Last week, the Federal Trade Commission tried to goad the federal government into entering the Web browser design business. In an advisory report, the FTC advocated the addition of a persistent "Do Not Track" setting to "consumers' browsers—so consumers can choose whether to allow the collection of data regarding their online searching and browsing activities."
As it turns out, not much goading will be necessary. Rep. Ed Markey, D-Mass., has proclaimed his intention to craft a bill that would mandate a similar privacy setting, one that would prevent the tracking of children using the Internet.
I won't dwell on the irony that the government that's keen to protect you from privacy-violating Web trolls also wants the Web's plumbing retrofitted to make wiretapping easier. But the last organization I want designing my Web browser is the federal government.
That doesn't mean that the first organization I want building privacy into my browser is a top software firm. There is no way to get around the fact that the current batch of top Web browsers were designed as advertising delivery systems first and editorial delivery systems second. The companies behind three of the four top browsers, Microsoft (Internet Explorer), Google (Chrome), and Apple (Safari), are all deeply invested in the advertising business. The company that makes the Firefox browser has been the benefactor of Google millions, which come primarily from advertising. The folks who make the Opera browser have likewise cashed Google's checks.
None of the software companies set out to make porous, easily breached browsers. But it hasn't been in their interests to make impregnable ones. The best illustration of who is driving Web-browser development can be found in the Aug. 2, 2010, Wall Street Journal article "Microsoft Quashed Effort to Boost Online Privacy." The piece documents how Microsoft product planners wanted to bake security features into the company's Internet Explorer 8 Web browser that would "automatically thwart common tracking tools," as the Journal reports.
But Microsoft executives were keen on selling advertising. After all, Microsoft blew $6 billion on the purchase of the Web-ad firm aQuantive in 2007. Its fellow browser-builders went on advertising-company shopping sprees of their own: Google purchased DoubleClick for $3.1 billion in 2007 and AdMob for $750 million in 2009, and Apple bought AdMob competitor Quattro Wireless this year for $275 million. In the case of Internet Explorer 8, the Microsoft product planners were overruled—the automatic privacy guard settings were canceled, to the great pleasure of the advertising industry.
Giving advertisers control of the browser is like putting the ad industry in charge of television design. I'm sure if the advertising industry had its way, your television would report back to them your every burp and fart.
I don't mean to imply a software-advertising conspiracy. Since the early days of the Web, the top players have been aboveboard about the ultimate costs of free browsers and free content: advertisements. And hand-in-hand with those advertisements have been the privacy-complicating cookies that track where you are, time how long you stay, note what you do, and then follow you where you go on the Web.
The best journalism about how marketers hunt and record your journeys into Cyberia can be found in the Wall Street Journal'songoing What They Know series. They aggressively spy on Web users, building dossiers on your likes and dislikes, your gender, your income level, your place of residence, and even your health. They then sell this information to other firms. For instance, this Journal piece shows how InfoCheckUSA "scrapes" social-media data and markets them to companies that are assessing job applicants. This piece reports the comeback of "deep packet inspection," which profiles Internet users based on the data generated by their Web surfing. These companies and others make browsing the Web akin to walking down a block with 47 security cameras peering into your wallet and psyche. This spying has become so rampant that even Web giants like Comcast and Microsoft aren't always aware of every powerful tracking cookie they drop on users' computers, as this report from the Journal series shows.
Expert users already know how to minimize unwanted Web intrusions. They use their existing browser settings to block cookies or use a third-party program to manage them. They kill hard-to-kill Flash-cookies. They install Web add-ons that kill ads (some of which monitor surfing history) and programs like Noscript that block intrusive programs, some of them potentially dangerous to your computer's health and your privacy. I am one such expert user, and my main browser is Firefox. But all that blocking and tackling can be exhausting. Just give a gander at this primer on Web browser security published by the Department of Homeland Security. It's 5,775 words long!