Night of the Surveillance Dead

In one of those curious synchronicities that occasionally emerge out of the chaotic foam of the internet, I came across two stories (of an entirely different nature) featuring surveillance and ‘zombies’ this week.

The first is one that Ars Technica first publicized recently – the creation of new undeletable cookies. Cookies, for the still unaware, are little bits of code that sit on your computer and store information, usually relating to websites you have visited – so, passwords and the like. Originally they were simply a tool to make it easier to handle the proliferation of sites that needed login details from users. And in most cases, they used to be both moderately consensual (i.e. you would be, or could be, asked if you wanted to have you computer download one) and relatively easy to remove. However, in recent years, this has changed. For a start there are so many sites and applications using cookies that it has become inconvenient to ‘consent’ to them or to manage them in any unautomated way. The new development however is a system that uses the database capabilities in HTML5 rather than being a traditional cookie. The major problem with this, and you can read more about the technical details in the story, is that these cannot ever be deleted by the user, as when they are deleted, they respawn themselves, and recreate the data profile of the user by reaching into other areas of your computer (and even stuff you thought was also deleted). The company concerned, Ringleader Digital, which specializes in ‘targeted, trackable advertising’ for ‘real-time visibility’, says users can ‘opt-out’ by using a form on their website, but this so-called ‘opt-out’ is hedged about with terms and conditions.

Now, Ars Technica reports that an open-source developer, Samy Kamkar, has created ‘evercookie‘, a virtually indestructible cookie designed as an educational tool to make users aware of the presence of these new internet zombies that do their master’s bidding. It’s a neat idea but I wonder – and I hope you will excuse my taking the zombie metaphor just a little further here – whether in raising the dead to show that necromancy is bad, good wizards like Samy Kamkar might in the end just be contributing to the problem. It isn’t as if most ordinary users understand these strange powers. Perhaps the people who need to witness the power of these occult rites are the regulators. It’s not clear to me whether these kinds of programs would be considered in any way legal in most places with strong data-protection and privacy laws, like Canada and the EU – as the controversy over the similar British Telecom system, Phorm, showed. So I would be very interested in what the Canadian Privacy Commissioner has to say about it, for example. I will be asking them.

(The second zombie story I will add later…)

Phorm philling

UK satirical magazine, Private Eye, this week brings the ludicrous Stop Phoul Play website to my attention. This is a corporate spin site devoted entirely to defending BT’s underhand and intrusive ‘Phorm’ online advertising technology against what it calls ‘privacy pirates’ who they claim are either being paid or pushed to damage BT.

Those listed as ‘piracy pirates’ include the excellent investigative IT journal, The Register, the Open Rights Group and the brilliant Foundation for Information Policy Research (FIPR), along with numerous bloggers and contributors to web forums. Now, it may be that some other corporations with rival technologies would like Phorm to fail, just as Microsoft probably enjoys it a great deal every time Google takes a PR hit (or vice-versa), but to suggest that everyone who make a criticism of Phorm is secretly part of some conspiracy against BT is frankly, either stupid paranoid.

And there are very good reasons for being critical of Phorm in the trojan-like manner of its operation and the way in which it has been tested without the consent of users. As Private Eye also reminds us, Phorm has landed the UK government in legal trouble with the EU. It hardly needs a conspiracy to make people justifiably annoyed.

This is one of the weirder exercises in PR I have seen, not least because its paranoia and promotion of conspiracies can only be damaging to BT. Thus it is no surprise to find that, according to the The Register, that it is the product of the fevered imagination of Patrick Robertson, whose previous clients include the lovely General Pinochet and former Tory MP and convicted liar, Jonathan Aitkin. So go take a look at Stop Phoul Play (while it still exists…) – it really is quite insane.