Archive for the ‘privacy’ Category

File Under: Identity, privacy, Social

Facebook Wants Your Past, Present, and Future On Open Graphs and Timelines

Facebook will soon allow its users to integrate all of their music, media, and lifestyle actions and interactions with their profiles, Mark Zuckerberg announced at Facebook’s f8 conference yesterday. Connecting profiles to services like Spotify will allow users to fill out their own curated “Timeline,” so friends can see each others’ media activities both as individuals and aggregated over their entire network, a move that will explode the amount of content on the site.

The new arrangement is part of two new Facebook initiatives, one of which is the Timeline. Users can fill in their Timelines with both content pulled in from other services — say, an article “liked” on Ars Technica or a game played — as well as “real world” activities like photos or status updates. The real world content can be filtered by date into the timeline, so users can fill in their backstory on the site with everything that happened before Facebook existed: moves to a new city, first words as a baby, or every single relationship breakup pre-2004.

Once in place, the timeline will be the new News Feed, with friends’ updates streaming past. But not everything will make it into the Timeline: small updates, like what music friends are listening to, may be relegated to the Ticker, the integrated online friends/status update bar rolled out Wednesday. Users will be able to choose which activities are significant enough to appear in their timelines.

Zuckerberg also placed emphasis on the new use of verbs in timelines, which will allow people to sort their friends activities in different ways. For instance, with a status update reading “Casey Johnston is watching Veronica Mars for the millionth time,” users will be able to click both “watching” to see what else friends are viewing at the moment, or “Veronica Mars” to see a list of other friends who like Veronica Mars.

These updates will feed into the second new feature, Facebook Open Graph, which collects and ranks the the activities or items that friends are interacting with. Apps that integrate with Facebook will be sorted in Open Graph based on popularity with a user and his or her friends, including Spotify, Hulu, Netflix, Foodspotting, Vevo, and Nike+, among many others. Open Graph is intended to help with app discoverability, showing users what their friends are doing without flooding their feeds every time a friend kills a mobster or plants a new crop of corn.

When Timeline was introduced, Chris Cox, director of product at Facebook, noted that “there is nothing we love to summarize more than time itself,” stating that with the new features it would be possible for users to create months or years in review.

Of course, Facebook’s entire motivation isn’t just for friends to become more intimate with each others’ past and present. Daniel Ek, Spotify CEO, spoke briefly at the conference, and noted that “because our [Spotify's] playlists are social, they [users] are more engaged. And because they are engaged, they are more than twice as likely to pay for music.” For Spotify, which boasted 2 million paying members worldwide as of Wednesday, the exposure to the better part of a billion Facebook members could mean big bucks.

The new completionist Facebook is a significant departure from what Facebook’s most avid competitors, Google+ and Twitter, currently offer on their sites. If Facebook can get users to buy into putting their whole life histories on the site, the amount of content there will explode, and create an investment and representation of self users won’t be likely to abandon. And with more content comes more opportunities to target ads.

The beta for Facebook’s timelines begins today, with availability being rolled out gradually. Neither Zuckerberg nor any of the speakers mentioned a timeline for the new version, but we expect it will be sooner rather than later.

This article originally appeared on Ars Technica, Wired’s sister site for in-depth technology news.

File Under: privacy

W3C’s New ‘Do Not Track’ Group Aims for Better Web Privacy

The World Wide Web Consortium (W3C) has announced a new project to standardize the “Do Not Track” opt-out tools already a part of Firefox, Internet Explorer and Safari. To help move the “Do Not Track” tools from browser novelty to web standard, the W3C has launched the Tracking Protection Working Group. The new group will bring together browser makers, advertisers and developers to standardize a simple way for web browsers to opt-out of online tracking.

Behavioral advertising, as such tracking is known, is becoming increasingly common on the web. Advertisers use cookies to follow you around the web, tracking which sites you visit, what you buy and even, in the case of mobile browsers, where you go. The U.S. Federal Trade Commission has already outlined a Do Not Track mechanism (PDF link), which would work much like the FTC’s Do Not Call list, offering a way to opt-out of online tracking.

While the new DNT header is already part of Firefox, Internet Explorer and Safari, and a wide range of sites now respect it, it has lacked one key ingredient — standardization. The new Tracking Protection Working Group is the first step on the road to standardization and will hopefully mean Opera and Chrome will both soon adopt the DNT header.

To help web developers get a handle on the new header Mozilla has put together a Developer Guide on DNT. The guide includes a walk through of how to detect a DNT header, and what to do about it when you do, as well as some sample code to help developers build DNT compliant sites and apps.

See Also:

Footprints photo by Vinoth Chandar/Flickr/CC

File Under: privacy, Security

Why Wait for Google? Use Encrypted Search Today

Google appears to be expanding the use of its encrypted search page, automatically redirecting some Chrome users to the HTTPS version of Google search. The company has also expanded the number of Google search tools that work with the encrypted page to include Google Image Search, Google Instant and Google Instant Preview.

Using Google search over SSL means that your search terms are encrypted, so prying eyes can’t see what you’re searching for, nor can they see the results you get back. Google’s efforts to provide an encrypted search page are just one part of a broader move afoot on the web to shift more traffic over to the more secure HTTPS protocol.

Why all the fuss about HTTPS? Well, every time you search Google or log in to Twitter or Facebook over a plain HTTP connection, you expose your data to the world. It’s a bit like writing your username and password on a postcard and dropping it in the mailbox. There is a better way, the secure version of HTTP — HTTPS. That extra “S” in the URL means your connection is secure, and it’s much harder for anyone else to see what you’re doing. Think of the extra “S” as the envelop that keeps prying eyes from looking at your postcards.

Although the HTTPS version of Google does, in Google’s words, “provide you with a more secure and private search experience,” it’s worth noting that it doesn’t stop Google from tracking your search terms and other data.

Google Operating System, which tracks all things Google, dug up a post on the Google Support Forums where a Google employee says that Google is “running an experiment with some percentage of Chrome 14 users where we send them to SSL search.” That means that some Chrome users may find themselves using the HTTPS search page without even realizing they are.

Chrome 14 is still in beta, so in order for this to affect you, you’ll need to be using the beta channel.

Of course even if you aren’t part of Google’s effort to expand Google Search over SSL, doesn’t mean you can’t configure your browser to use the HTTPS search page by default. Firefox fans can just install the HTTPS Everywhere extension. Chrome and Chromium users can simply right-click the URL bar, choose “edit search engines” and then look for the Google entry. Just click edit, add an “s” to the end of the “http” and you’re done. Internet Explorer users can head to the IE add-ons page and create a new search provider using the form.

Photo: Joffley/Flickr/CC

See Also:

File Under: privacy

Flickr’s New ‘Geofence’ Settings Protect Your Geoprivacy

Fencing in the range with Flickr's new Geofence features

The popular photo sharing website Flickr has introduced a new way to geotag your photos without revealing your location to the entire web. Flickr’s new “Geofence” settings give users more granular control over their geotagged photos.

Perhaps the best part of the new Geofence features are how dead simple they are to use — simply draw a circle on a map, choose a geoprivacy setting for that area, and you’re done. Your new fence will apply to any future photo uploads and Flickr will offer to update the privacy settings on any existing images that fall within your new fence.

To get started head over to the Flickr Geo privacy page.

These days geotagging isn’t just something for nerds. In fact, chances are your camera (especially the camera in your phone) is recording location data in your images whether you know it or not. Like other location-aware services, geotagged photos are fast becoming a big part of the current cultural debate about who should be able to see which parts of your life on the web.

“A few years ago, privacy controls like this would have been overkill. Geo data was new and underused, and the answer to privacy concerns was often, ‘you upload it, you deal with it,’” writes Flickr developer Trevor Hartsell on the blog. “But today, physical places are important to how we use the web. Sometimes you want everyone to know exactly where you took a photo. And sometimes you don’t.”

Previously, Flickr limited its geotagging options to a simple yes or no — either you shared location data with everyone or no one. Now you can share location data with only those people you trust. For example, you might leave the geodata for your vacation photos visible to everyone, but limit the location data of photos around your house to only your friends and family.

In those cases where there might be overlap between two geofences Flickr will default to the more restrictive of the two. For example, if you draw a circle around your house and limit it to the most restrictive group, “Family,” and then draw a circle around your whole neighborhood and limit that to “Friends,” any areas where the two overlap will still be limited to only the Family group.

Flickr’s new Geofence settings are among the best implemented privacy controls we’ve seen, striking a nearly perfect balance between genuine control and simplicity. And while we’re glad to see Flickr taking the lead, here’s hoping Facebook and others will copy these features into their own privacy controls.

See Also:

File Under: Identity, privacy

Mozilla’s ‘Do Not Track’ Header Is Starting to Catch on With Advertisers

Among the many new features in Firefox 4 is support for the Do Not Track (DNT) HTTP header. If you turn on the DNT header in Firefox 4′s preferences pane, the browser will broadcast a custom header in HTTP requests which tells servers you want to opt out of any tracking cookies.

Mozilla developed the DNT header to give users an easier way to opt out of increasingly intrusive online tracking by websites and advertisers. The header is, in the long run, a far better solution than constantly updating cookie-based block lists, which is currently the main solution for most users.

The problem with the DNT header is that, until now, no websites actually looked for it.

That, however, is changing. Mozilla announced today that the AP News Registry has implemented support for the DNT header across 800 news sites, which see more than 175 million unique visitors every month. That’s a huge shot in the arm for Do Not Track, which was previously a great idea, but one with little real world application.

Starting today, provided you turn on the DNT preference in Firefox 4, the AP News Registry will no longer set any cookies.

Mozilla also reports that it is in talks with the Digital Advertising Alliance to get the self-regulating group to support the DNT header as well. Strange though it may sound, the online ad industry actually has a decent track record of working with privacy advocates and even offers its own cookie-based opt out list. In other words, there is a good chance that DNT will be broadly adopted within the online ad industry.

While the DNT header seems well on its way to becoming a de facto standard (and a real standard, provided the W3C accepts it), it’s important to bear in mind that it will never stop rogue advertisers who choose to ignore your DNT settings. For the bad apples in the bunch, cookie-based blocking will remain the only viable option.

Footprints photo by Vinoth Chandar/Flickr/CC

See Also: