The Curse of Our Time – Tracking, Tracking Everywhere

You probably can’t help but have noticed (in the EU at least) that website operators seem keen to gain your permission to pop “cookies” into your browser. Cookies are tiny computer files that a website can use to store information about you on your own computer. To prevent nasty people doing nasty things, the security policies operated by your browser try to ensure that only the website that wrote a cookie can read it back.

Because of the way that web pages are constructed, it might well appear that third-party cookies are written to your computer by the particular website you land on, but that isn’t the case. Instead, web page publishers allow other sites to write cookies to your browser by including third-party scripts in their pages. For example, reading the ITV cookie policy, I notice that they declare that third party advertising services may deploy cookies when you visit the ITV website. In this case, those third parties will almost certainly use the cookie as part of a recipe that records the fact that you went to the ITV website. If the same third party is used by Channel 4, that third party will be able to add information to the cookie it set when you visited the ITV website so that it knows you visited both those sites.

If enough people adopt a particular third party service, that service may be able to pick up quite a good idea about the range of sites you visit. Google’s various ad’n’analytics services in principle allow it to track you across a wide range of sites, because those services are so widely used, though the extent to which Google does or does not fuse data from the cookies associated with those various services may be moot…

One thing I hadn’t realised (or maybe, hadn’t really thought about) before was brought to my attention when something else that was new to me crossed my radar the other day: real time bidding on web adverts, the architecture for which is broadly described by Shuai Yuan, Jun Wang and Xiaoxue Zhao in their paper Real-time Bidding for Online Advertising: Measurement and Analysis as follows:

[Image: realtime bidding]

The model is crudely this: when you visit a web site, the publisher alerts the advertisers that someone has landed on the webpage. Through various cookie machinations, the publisher (and/or the advertiser) may be able to identify you, or certain things about you, from the various cookies on your machine. The advertisers decide what you’re worth and bid to place the advert. The publisher accepts a bid from one of the advertisers and pops the ad into the page you’re visiting. Sort of. (The publisher in this case is more likely to be an ad marketplace/broker, rather than the webpage publisher.)

So that was new to me – realtime bidding. The world’s gone mad. Anyway. As a result of that, I suddenly appreciated the creepy bit in the image above, in step 4: “advertisers choose to buy 3rd party data optionally”. That is, advertisers – in real time – may buy cookie mediated information about people who are in the process of loading a particular web page – in order to work out a bid price for placing an ad within that page to present to that person. Personal advertising, in real time. If data from other (non-web) sources can be added into the mix, perhaps because someone has been uniquely identified, then presumably all the better… for example.

To help create a better picture of the person who is actually opening up a web page, and to piece together all those fractional bits of information that separate web domains can place into your browser through cookies that they, and only they, can read and write, “cookie matching” services, such as the cookie matching service run by Google’s DoubleClick Ad Exchange, provide a means by which various parties can pool together, or sell between each other, what they know about an individual from the cookies they have independently set in that individual’s browser. (For a description of one recipe for matching cookies, see SSP to DSP Cookie-Synching Explained.)

I guess I knew this happened anyway (it’s part of the basis for ad retargeting – aka ads that follow you round the web), but I hadn’t realised quite how sharey-sharey, selly-selly and real time it all was.
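As an added example (not code from the original post or from any of the services it mentions), the Python sketch below looks at the two mechanisms described above from the browser user's side: it flags a third-party cookie ID that is sent from more than one site, and a cookie ID owned by one host that turns up in a URL sent to a different host, which is the signature of cookie matching. The request log, hostnames and ID values are constructed, and comparing full hostnames rather than registrable domains is a simplifying assumption.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample log; every hostname and ID value here is made up.
# Each entry: (site being visited, URL requested by that page, cookies sent with it)
REQUESTS = [
    ("tv-one.example", "https://ssp.example/ad?slot=top", {"uid": "ssp-7f3a91c2"}),
    ("tv-one.example",
     "https://dsp.example/match?partner=ssp&partner_uid=ssp-7f3a91c2",
     {"id": "dsp-55e0b7d4"}),
    ("tv-two.example", "https://ssp.example/ad?slot=side", {"uid": "ssp-7f3a91c2"}),
    ("tv-two.example", "https://cdn.example/lib.js?v=3", {}),
]
MIN_ID_LEN = 8  # skip short values (flags, versions) that collide by chance

def host(url):
    return urlsplit(url).hostname

def cross_site_ids(requests):
    """Map (third-party host, cookie value) -> set of sites it was sent from."""
    seen = defaultdict(set)
    for site, url, cookies in requests:
        if host(url) == site:
            continue  # first-party request: the site reading its own cookie
        for value in cookies.values():
            if len(value) >= MIN_ID_LEN:
                seen[(host(url), value)].add(site)
    # Only an ID seen on two or more sites links those visits together.
    return {key: sites for key, sites in seen.items() if len(sites) > 1}

def cookie_syncs(requests):
    """List (owner host, receiving host, id) where an ID crosses hosts in a URL."""
    owner = {}  # cookie value -> first host observed receiving it as a cookie
    for _, url, cookies in requests:
        for value in cookies.values():
            if len(value) >= MIN_ID_LEN:
                owner.setdefault(value, host(url))
    syncs = set()
    for _, url, _ in requests:
        for _, value in parse_qsl(urlsplit(url).query):
            src = owner.get(value)
            if src and src != host(url):
                syncs.add((src, host(url), value))
    return sorted(syncs)

if __name__ == "__main__":
    print(cross_site_ids(REQUESTS), cookie_syncs(REQUESTS))
```
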

So we’re being tracked and info about us being sold in real-time as we traipse around the web. But we know that anyway, and we don’t seem to let it bother us.

How about real world tracking, though? Are we as happy being tracked as we walk around in physical space too? It seems so – and the technology appears to be getting so mundane… Through my feeds yesterday I was led to MFlow Journey, a product of a company not so subtly called Human Recognition Systems, that uses video surveillance to capture and follow “anonymous” faces to track human traffic flows through airports. Human tracking is nothing new of course – your mobile operator can track your phone as easy as peasy can be, and if you have wifi enabled on any of the devices you’re carrying around with you, anyone who cares to can track you too. With the click of a button, apparently (review of a typical Euclid analytics dashboard). (See also: New York Times, Attention, Shoppers: Store Is Tracking Your Cell). Apple seems to be doing its bit to make retail centre tracking easier too.

Automatic Number Plate Recognition (ANPR)

So that’s faces and phones… number plates can be trivially tracked too of course. Here’s a recent (January 2013) ACPO report on The police use of Automatic Number Plate Recognition (the vignettes at the start of the report are illustrative of just what the millions of rows of data in the database allow you to pick out about a particular individual; other operational examples are described in this IPCC Independent Investigation into the use of ANPR in Durham, Cleveland and North Yorkshire from 23 – 26 October 2009 (summarising press release); see also the ACPO 2009 Practice Advice on the management and Use of Automatic Number Plate Recognition, the National ACPO ANPR Standards (NAAS) v.4.12 Nov 2011 and this Memorandum of Understanding to Support Access to ANPR Data, v.2 Feb 2011). A recent bollocking from the ICO (Police use of ‘Ring of Steel’ is disproportionate and must be reviewed) suggests that popping ANPR cameras on all roads in and out of a town is just not on, but I guess this is limited to police deployed cameras, and doesn’t necessarily address mosaic pictures that you can build up from piecing together ANPR hits wherever you can pick them up from…

…because as well as ANPR systems operated by the police, ANPR is widely used by private companies (though I’m not sure about the extent to which they do, or may be obliged to, share their logs or data collection facilities with the police?) For an idea of what sorts of ANPR “solutions” are available, here’s a list of approved car parking operators with some handy metadata that shows whether they use ANPR or not.

Camera surveillance is not just limited to ANPR systems of course, as any precinct bench loitering yoofs will be able to tell you. Just what is and isn’t deemed acceptable generally is described by the recent (August 2013) surveillance camera code of practice (press release).

Hey ho – it’s got me wondering now what other pieces of the panopticon are already in place?

See also: The Loss of Obscurity – A Round-Up of Recent Reports Relating to Privacy and Personal Consumer Data

Author: Tony Hirst

I'm a Senior Lecturer at The Open University, with an interest in #opendata policy and practice, as well as general web tinkering...

4 thoughts on “The Curse of Our Time – Tracking, Tracking Everywhere”

    1. Thanks for that Andy – will take a look. It’s really easy to come across as paranoid putting together posts like this, but it really is a drip, drip, and the potential for JOINs gets ever easier… But then, maybe universal tracking is not a bad thing…?! Hmmm…. Gulp…
