Another One Rides the Bus: Twitter Goes Big Brother (and self-destructing cookies)

First of all, not in the article but /far/ more important… Twitter recently changed their API to kill anonymous RSS feeds. In short, if you want to follow someone’s tweets, it’s now: a) A royal pain to do that with your RSS reeder
b) Not possible to do it without giving Twitter a list of all the people you want to follow.

How/why? They re-jiggered their API so it only returns feed data via JSON, and only then if you’re an authenticated user. Up until about a month or two ago, you could get RSS feeds just by appending the person’s username to a special URL.

This sucks. I don’t want to tell Twitter which accounts I’m interested in keeping an eye on. (yes, I realize IP tracking and the like, but when people move to authentication it means they care about getting accurate tracking, which often indicates they plan to use the data for something)

The only workaround seems to be creating a unique Twitter account for each account I’d like to follow, and then using the API key only once per account… Oy vey. This is where I wish I knew something about programming, scripting, and otherwise making computers do tricks so I could automate the signup/API key harvest/URL generating.

Do… Not… Have… Time… For… This… Crap.

Anyhow. Where were we? Right. The article.

Yeah, besides delivering a mob-style execution to RSS feeds, Twitter’s also decided to implement a cross-web tracking system. More or less like what Facebook and the like do — drop little “tweet this” graphics on random websites, have them drop cookies in your browser, and use that to figure out where you’ve been surfing.

Link it to your account, build up a behavior profile, and before you know it they’ve worked out your innermost secrets. Woo-hoo.

In keeping with Twitter’s general policy of being the “slightly less evil” Web 2.0 company (because they’re all getting the public to disclose all their communications and interpersonal connections in public, they aren’t subject to quite the same pressure to be underhandedly evil)… Twitter’s actually allowing people to opt out.

Defenses: I say screw that, no doubt opting out is another dot in the behavior profile.

As well as RequestPolicy (which is generally quite effictive but also has a nasty way of making websites broken until you spend a second or two clicking), there’s a new idea out there…

Self-Destructing Cookies. A Firefox plug-in that causes cookies to disappear as soon as you stop browsing a website… unlesss you explicitly asked they be kept.

Why the hell didn’t someone come up with this idea sooner?! This oughta be an option in the Firefox privacy settings, not an add-on plugin…

https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/

http://www.dailymail.co.uk/sciencetech/article-2355983/Big-Brother-strikes-Now-TWITTER-wants-start-tracking-web.html

“Twitter has announced it plans to start tracking users and the websites they visit.

The site plans to use browser cookies – small files that are placed on people’s computers each time they visit a web page – to track online movements.

Advertising partners will then be able to target customers by either anonymously matching email addresses of users, or by using the cookies collected, to serve more personalised adverts. […]

A blog post from Adi Kamdar from the Electronic Frontier Foundation said: ‘Twitter is setting an important example.

‘It is possible to exist in an ecosystem of tailored advertisements and online tracking while also giving users an easy and meaningful opt-out choice.

‘This is in stark contrast to many other advertising and tracking firms.

‘Consumer privacy is an issue of control and transparency; you may be perfectly fine with targeted ads, but you should have the ability to know what information companies have about you and the option of saying no.

To support its claim for transparency, Twitter will also be linking to each advertising partners’ firms cookie opt-out pages.

When users enable DNT or opt out from cookies on websites their data is wiped from the companies’ files.

This means any stored log-in or payment details are removed and will need to be entered in manually. “

Advertisements
%d bloggers like this: