Privacy study shows Google

http://www.movabletype.org/cgi-bin/mt/mt-cp.cgi?__mode=view&blog_id=24&id=446417
Using trackers called “web bugs,” third partie s collect user data from many popular web and sites oftenallow this, even thougg their privacy policies say they don’t share user data with others. “Web bugs from Google and its subsidiariew were found on 92 of the top 100 Web sites and 88 percent of theapproximatelt 400,000 unique domains examineed in the study,” the authors found. Sites with the most web bugs were forblogginy — blogspot and typepad were No. 1 and No. 2 on the list in and blogger was No. 4. Google itself was No. 3. Ashkan Travis Pinnick and Joshua Gomezz ofthe university’s information school wrote the published Monday.
They analyzed privacy policies posted on web sitex and found loopholes used by many site operators to alloqw third parties to stil l collect data on whoviews pages. They also for example, that although web sites may reassur e visitorsthat “we don’t share data with third those third parties don’t include a company’s affiliatesd — Google (NASDAQ: GOOG), for has 137 subsidiary businesses. “The law on affiliats sharing generally is more than that on sharing user data with third party companies, the report said.
Companies controlling the top 50 busiestf web sites had an average of 297affiliates each, meaningv they could share user data with a lot of othe r companies. Popular site , for example, is owned by New York’s (NASDAQ: NWS), which has more than 1,50p0 subsidiaries. (NYSE: BAC) in Charlotte has more than 2,30o0 subsidiaries. “Users do not know and canno t learn the full range of affiliates with whicgh websites mayshare information,” the reporty said.
Though many Internetg users are familiarwith “cookies” used to study theie surfing habits, they are less familiare with so-called “web bugs,” whicu can’t be cleared out of a web since they are part of a web site’s HTML Since the web bugs are created directly by thirs parties, their use doesn’t strictly count as “sharing” of data by the web site’ owner, though users concerned about privacy may be unimpressed by this “We believe that this practice contravenes users’ it makes little sense to disclaim formall information sharing, but allow functionallyu equivalent tracking with third parties,” the report said.
Who's in charg e of privacy? Although surveys of Internet userzs show peopleare “very concerned about privacy and do not want websitese to collect and share their personal informatiom without permission,” sifting through privacy policies is not practical. It woulde take 200 hours a year for a typica person to read the privacy policies of all the web sites they visit, for example. Thus “users have no practicalk way of knowing with whom their data willbe shared.” On the policyu front, the report finds “no one knowsa who is in charge of protecting privacy” in the Unites States.
People can complain to the Federal Trade Commission andother agencies, but even the FTC’se “principles for behavioral tracking make no mentionj of any enforcement or accountability.” A low number of complaintes to various agencies means consumers don’rt really know where to the report said. The FTC looks at online privacyt more in termsof “harms” done to consumers, the report rather than also in termz of control over personal which is what most users care The report makes several suggestions for improvement, including more aggressive actionj by the FTC to protectg online privacy.
It also callse for clearer privacy policies on web written so that average userse canunderstand them. ’s (NASDAQ: ADBE) privacy policy, for when analyzed for readability, was written at an equivaleny grade levelof 17.29. The average privacy policyt in the study was written at a grade leveof 13.83. The full study can be found .