Mixed (Instant) Messages

Jeff Winkler | 4.14.2009 3:21 PM

A couple news articles prove that there really are folks in government looking out for our best interests:

The European Union started legal action against Britain on Tuesday for not applying EU data privacy rules that would restrict an Internet advertising tracker, called Phorm, from watching how users surf the web….

The European Commission said Britain should outlaw Internet traffic interception and monitoring unless users give explicit consent that their behavior can be tracked and analyzed.

It said it had received numerous complaints about BT Group PLC, which tested Phorm in 2006 and 2007 without informing customers involved in the trial. Phorm analyzes Internet users' behavior so it can target them with advertising that might appeal to them.

"Such a technology in the view of the European Commission and European data protection law can only be used with the prior consent of the user," said EU spokesman Martin Selmayr.

In its decision to pursue legal action against Britain regarding "behavioral advertising," the EC is pretty upset over the lack of "consent":

At the heart of the legal action by the EC is whether users have given their consent to have their data intercepted by the advertising system….

A spokeswoman from the commission [said] that the EC wanted the UK to ensure there were procedures in place to ensure "clear consent from the user that his or her private data is being used."…

"Technologies like Internet behavioural advertising can be useful for businesses and consumers but they must be used in a way that complies with EU rules," the EU's Telecoms Commissioner Viviane Reding said in a statement.

In her weekly radio message, Reding was very clear about her position:

Another privacy concern repeatedly mentioned to the European Commission these days is behavioural advertisement… Now, European privacy rules are crystal clear: a person's information can only be used with their prior consent. And we cannot give up this basic principle, and have all our exchanges monitored, surveyed and stored, in exchange for a promise of "more relevant" advertisement.

It's great to see a government body protecting Internet users from secret and unapproved searches of their information. Now that the EC is safeguarding "basic principles," we can all rest easy.

Oh…Wait…

It looks like the idea of "consent" is a one-way street. On April 6, with little fanfare, the EU's revised Data Retention Regulations 2009 went into effect:

…The 'Data Retention Regulations 2009' EU directive places legal obligations on every ISP to retain personal details of Internet users. This includes Internet telephony, email and web browsing history.

These powers will be limited to data such as a time, date and IP address and won't extend to actual email content. They will however store your entire browsing history including all pages you've visited or attempted to visit. Details of fixed and mobile calls will go even further, providing the government with the geographical data of the call. The act has been around for a while but has only now been updated this week to include the law on Internet communication.

So advertising trackers and Internet Service Providers must offer users a chance to opt out of behavioral advertising, while storing ISP customers' personal data is mandatory? There's mixed signals here. Well, so much for consent and "crystal clear" privacy rules. Looks like it's back to the drawing board PC's paint program.

In the great 2004 cover story, Reason contributor Declan McCullagh explains the upside of zero privacy. In February, Senior Editor Jacob Sullum wrote about the UK's secret plan to monitor everything. Reason's private stash here.

Start your day with Reason. Get a daily brief of the most important stories and trends every weekday morning when you subscribe to Reason Roundup.

NEXT: Fresh Eggs: The Human Kind

Hide Comments (9)

Editor's Note: As of February 29, 2024, commenting privileges on reason.com posts are limited to Reason Plus subscribers. Past commenters are grandfathered in for a temporary period. Subscribe here to preserve your ability to comment. Your Reason Plus subscription also gives you an ad-free version of reason.com, along with full access to the digital edition and archives of Reason magazine. We request that comments be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of reason.com or Reason Foundation. We reserve the right to delete any comment and ban commenters for any reason at any time. Comments may only be edited within 5 minutes of posting. Report abuses.

Pro Libertate 16 years ago

Behavioral targeting is out? Guess the U.S. can forget about that E.U. admission now. Shucks.
Episiarch 16 years ago

You shouldn't post pictures of yourself on H&R, Fonz.
Brett Stevens 16 years ago

All of this means that Darknets -- private, encrypted, custom software sites -- will continue to thrive.

Good luck regulating the internet. First, it routes around damage including censors; second, it generates too much stuff to go through even with our best computers now.

I recommend all people use encryption, especially on your hard drives, and emails; doubly so if you're doing nothing illegal.
Pro Libertate 16 years ago

Brett,

Until the government just out and out makes possession of strong encryption by individuals probable cause of criminal behavior.
Geoff 16 years ago

FWIW the company doing this is the one Bruce Schneier works for. The security company he founded (Counterpane) was bought by BT a couple of years ago. I'd imagine he's somewhat conflicted about all of this, since he's pretty strong on the civil liberties side.
R C Dean 16 years ago

See, when a private company wants to shake 'n' bake your data, that's bad and requires consent.

When the All-Wise and All-Knowing State wants to shake 'n' bake your data, that's good and requires no consent, not even an opt-out.
Pro Libertate 16 years ago

Government sucks ass on security and on privacy. How those idiots are supposed to tell the private sector to behave on either issue is beyond me. Especially considering the dire consequences to a private actor when it allows personal information to leak out of its grasp. And the lack of those same consequences when the government does it.
James Butler 16 years ago

RCDean has it correct ... at least as far as the EU is concerned. Here in America we've got bunches of private companies shaking and baking our data AND the government, too! Woohoo! The EU is positively tech-savvy on this one, compared to America.
Libertarian Keyboard Warriors 16 years ago

"When the All-Wise and All-Knowing State wants to shake 'n' bake your data, that's good and requires no consent, not even an opt-out."

No Dean, they can both be bad.

It doesn't have to be an either/or stance. See how nuance bites you in the ass yet again? You should have learned by now. What imaginary group of people are you talking too when you make such comments? The fringe? What an easy battle to win.

Anyway, further proof that an Ivy League education is just an expensive resume builder.

Please log in to post comments

Mixed (Instant) Messages

Latest

Cops Called on Dad for Playing Catch with 14-Year-Old Son at Park

ICE Denies Reason Access to Immigration Court In Miami Detention Center

Deported for Innocent Tattoos?

Oh, Canada

Federal Court 'Vacates in Its Entirety' the FDA's Costly and Onerous Lab Test Rule

Recommended

Login Form