Browser settings not enough to make the web safe from tracking Mike O'Neill, June 2023 ©2023, Baycloud Systems Ltd. All rights reserved. A decade after efforts to standardise #DoNotTrack were disbanded at the behest of Big Tech, attempts to drain the online tracking swamp via exclusively techniical mitigations continue to ...

Transparency via a Machine-readable Server Identity and Purpose Descriptor. Mike O'Neill, Febuary 2019 ©2019, Baycloud Systems Ltd. All rights reserved. Web pages often contain many, sometimes hundreds, of elements that initiate transactions with servers other than those managed by the top-level website. These "third-party" servers can collect personal data, link ...

Privacy protecting metrics for web audience measurement Mike O'Neill, February 2019 ©2019, Baycloud Systems Ltd. All rights reserved. The online advertisment ecosystem needs accurate information about how often advertisements are interacted with, and when they are viewed. Advertisers need to know where and how often their ads are showing to ...

The Charter of the the W3C Tracking Protection Working Group (TPWG) has expired, and the WG shut down, after publishing the Do-Not-Track technical document as a ' Note '. As the Note's introduction says, there has been very little attempt by browser companies to implement the necessary Consent API, and ...

The world’s biggest advertising group, WPP, through their media buying subsidiary GroupM have just issued a comment to the Do Not Track Tracking Preference Expression public list. Their position is close to that of some of the ad-tech and online media companies that have taken part in W3C discussions on ...

My mother's family are all from Aberdeenshire where I spent the best part of my childhood. We would relocate our company to Scotland in a heartbeat if it stays in the EU. So, I was not happy when a "digital law specialist" from Glasgow, Heather Burns, published my personal data ...

A proposal for restricting user indentifiers to site-specific contexts. The DNT Tracking Preference Expression document ( TPE ) allows for the registration and communication of site-specific consent, but there is no verifiable or transparent way to implement this using HTTP cookies. Although servers can stop using UID cookies when the ...

The European Commission’s recent proposal for the new ePrivacy Regulation (EPR), like the ePrivacy Directive which it will replace, creates rules on how websites or service providers should process communication data and access to storage in users’ equipment. It requires that users’ “freely given, informed, specific & unambiguous” consent must ...

Recent reports reveal that the UK’s GCHQ has hacked into computers belonging to Dutch multinational Gemalto, to gain access to encryption keys used for mobile telecommunications. They did this by targeting particular Gemalto staff that had access to files containing the keys, and scouring their interoffice emails. The keys were ...

Another method allowing targeted advertisers to avoid Safari third-party cookie blocking has been found on a UK website, implemented by a French AdTech company. I have pointed out before that an early decision by the Tracking Protection Working Group (TPWG) was that servers could take different action on receipt of ...