Solutions for Protecting Privacy Few and Far Between
The World Wide Web Consortium's Platform for Privacy Preferences Project (P3P) was designed several years ago to tackle just this sort of problem by creating a standard language websites could use to communicate their privacy policies. With P3P, browsers could inform users of site policies and even let them opt out of visiting sites with policies they weren't comfortable with. P3P never caught on with browser makers, however, and its work has been suspended.
Perhaps the most notable advance in browser privacy in recent months is the implementation of the Do Not Track (DNT) specification by all major browser makers. Some browsers, including Internet Explorer 10, have gone so far as to enable DNT by default.
DNT is a browser preference sent via the HTTP header to Web sites. As protections go, it's actually pretty weak, as websites currently must voluntarily abide by a user's preference to not be tracked.
Although the advertising industry has generally said it would respect DNT preferences, little has been done about it. The proposed California Right to Know Act of 2013, for example, would allow people to ask businesses for a report of what the business knows about them. After being opposed by Internet industry lobbying groups, the Right to Know act has been withdrawn from consideration for at least the rest of 2013.
Absent a viable voluntary mechanism for websites to disclose their policies, legislation looks like the only good solution to a problem that's only getting worse as marketers gather more data about users. The head of the Federal Trade Commission, Edith Ramirez, recently urged the ad industry to make good on it DNT promise. In the meantime, Do Not Track legislation has been proposed in Congress, and the issue receives more attention as the standard continues to be hashed out.
Sign up for CIO Asia eNewsletters.