I linked to the preliminary report on privacy released by the FTC yesterday. Chief among their suggestions is a lightweight Do Not Track system based on browser headers, a scheme that is technically sound but raises questions about compliance and complaint.
More concerning is this Wall Street Journal posting about an outfit, BlueCava, looking to assemble a massive database of unique identifiable networked devices.
He’s off to a good start. So far, Mr. Norris’s start-up company, BlueCava Inc., has identified 200 million devices. By the end of next year, BlueCava says it expects to have cataloged one billion of the world’s estimated 10 billion devices.
Advertisers no longer want to just buy ads. They want to buy access to specific people. So, Mr. Norris is building a “credit bureau for devices” in which every computer or cellphone will have a “reputation” based on its user’s online behavior, shopping habits and demographics. He plans to sell this information to advertisers willing to pay top dollar for granular data about people’s interests and activities.
This is entirely continuous with EFF’s research into browser fingerprinting and sustains Professor Ed Felten’s warnings about going after mere tracking cookies too zealously. Nothing about the fingerprinting is necessarily incompatible with the proposed Do Not Track system. The article merely raises the urgency in answer questions around how to determine whether an advertiser is honoring the DNT header and how to enforce an action against them.
Race Is On to ‘Fingerprint’ Phones, PCs, Wall Street Journal (via Hacker News)