Google: IE Privacy Policy Is Impractical 258
itwbennett writes "In response to Microsoft's claim that Google circumvented Internet Explorer privacy protections (following the discovery that Google also worked around Safari's privacy settings), Google on Monday said that IE's privacy protection, called P3P, is impractical to comply with."
Dear Google (Score:4, Interesting)
So you're telling me it's impractical to send nothing or to NOT SEND BS in the field?
Congratulations for being as evil as MS
Old and Busted (Score:5, Interesting)
P3P has been Old and Busted [epic.org] since Slashdot first covered it [slashdot.org] in 2002.
Microsoft would never bring it up, if they weren't already in panic mode. This seems to indicate that MS is in far worse shape than we know.
Not impractical, ridiculous! (Score:5, Interesting)
I think Google is being polite, as do people who quote a "lack of value"
From http://en.wikipedia.org/wiki/P3P [wikipedia.org]
The main content of a privacy policy is the following:
which information the server stores:
which kind of information is collected (identifying or not);
which particular information is collected (IP address, email address, name, etc.);
Kind of information??? As if the AI problems were all solved. IP Address? Of course it is collected. Email address? Yes if there is an input box that says email address then the address is collected.
Impractical to Microsoft, MS also send invalid P3P (Score:4, Interesting)
I find it interesting that Microsoft also sends an invalid privacy header, just as they are complaining about Google doing.
I also find it interesting that MS is blaming Google for IE's failed handling on invalid P3P headers rather than fixing their product.
Re:Impractical to who? (Score:5, Interesting)
"but the data they use to do so never leaves their own servers."
I guess you believe everything you hear/read....
Why would the data leave their servers? They don't need to sell the information to advertisers--they simply tell advertisers, "We know everything about everyone. We will put your ad in front of the 1 million people most likely to respond. You don't need us to sell their information to you--they will provide it when they buy your product."
Re:FTFY (Score:3, Interesting)
Google is under no legal requirement, but remember, they're the "Do No Evil!" crowd. Deliberately circumventing a system which allows browser USERS to say "I don't want to allow cookies from sites which will do X, Y, or Z with my data," would seem to fly in the face of that policy, wouldn't it?
What you're saying is, "Since Microsoft didn't create a hermetically sealed box that's unable to be bypassed, it's okay for Google to simply disrespect the wishes of the user - as expressed by the web browser settings - and do whatever they want."
Is this REALLY a road you think any company should be going down, where "whatever's not bolted down" is fair game for anybody smart enough to take it?
One question never answered (Score:4, Interesting)
How does Facebook do it (the Like button)? Does Facebook also circumvent it this way? Either Facebook found a way to do it better, or they are both doing the same thing.
Can we stop the Google/Microsoft bashing and focus on the techniques please?
Re:Impractical to Microsoft, MS also send invalid (Score:2, Interesting)
If it's something that can be exploited then it's a bug. Any security/privacy feature of the browser should be in the control of the user not at the mercy of the http server.
If it was something like a buffer overflow would microsoft still complain how that bad guys should stop sending invalid data packets to the browser?
I don't like googles extensive tracking either, but complaining that it's not using some unpopular protocol is just silly. If you are going to implement privacy control then make it work regardless of the information that the site may send or just don't bother.
Re:FTFY (Score:3, Interesting)
If Google sent nothing, and simply said "We refuse to support P3P," then the P3P system would have stopped them setting the tracking cookie. So Google had to expend the effort to:
1) Find a loophole that would allow them to track users even if this P3P system was in place;
2) Implement & test their workaround;
So yes, they had to deliberately develop and implement a workaround to allow them to plant the tracking cookie on IE users. Because not planting that cookie would be ever-so-inconvenient and unprofitable for them otherwise.
What blows my mind is that people are trying to frame this as a "Google vs. Microsoft" issue, when it is very clearly a "Google vs. User" issue. Google should respect the wishes of the users, as expressed by the P3P settings, or work to convince users that it is trustworthy & that they should change their settings (or use a different browser) that would allow google to track them. Hard claiming you're trustworthy when you're caught making an end-run around user preferences because they happen to be at odds with your business model.
Re:Impractical to who? (Score:4, Interesting)
That's for internet advertising. Google does no print advertising, which loads every mailbox in the nation with tons of shit. Considering the amount of people that use their real names, you don't think they'll sell all that data they collect on you to print advertisers for targeted mailing?
What's a mailbox? I don't have a single bill that shows up in my mailbox. It's all paid online. Anything that shows up in the USPS box just gets chucked into the burn barrel. (Unless it's a package shipped by one of the few companies that charges $1 to ship via USPS from clear across the US--but that's rare.)
To save myself time, I've been thinking about replacing my mailbox with an always-on burn barrel--maybe using a propane barbecue bottle to supply it. Maybe the USPS would finally get the hint. Anything 'important' needs a signature and the mail carrier knocks on the door.
Re:Dear Google (Score:4, Interesting)
Right. They exploited a bug in Internet Explorer so they could track users against their wishes. On is own maybe more naughty than evil, but following on their very purposeful and sneaky bypassing of anti-tracking measures in Safari, it's just a continuation of a pattern of sneaky disregard for users' wishes.
Don't be evil had to go out the window the second Google became an advertising company. If you didn't realize before, it should have become obvious when they bought doubleclick, the evilest company on the web.
Re:Impractical to who? (Score:5, Interesting)