Doc Searls Proposes We Set Our Own Terms and Policies for Web Site Tracking (searls.com)
- Reference: 0176798451
- News link: https://yro.slashdot.org/story/25/03/23/1842242/doc-searls-proposes-we-set-our-own-terms-and-policies-for-web-site-tracking
- Source link: https://doc.searls.com/2025/03/23/real-agency/
> Meet [3]IEEE P7012 , which "identifies/addresses the manner in which personal privacy terms are proffered and how they can be read and agreed to by machines." It has been in the works since 2017, and should be ready later this year. (I say this as chair of the standard's working group.) The nickname for P7012 is MyTerms (much as the nickname for the IEEE's 802.11 standard is Wi-Fi).
>
> The idea behind MyTerms is that the sites and services of the world should agree to your terms, rather than the other way around.
Basically your web browser proffers whatever agreement you've chosen (from a [4]canonical list hosted at Customer Commons ) to the web sites and other online services that you're visiting.
"Browser makers can build something into their product, or any developer can make a browser add-on or extension..." Searls writes. "On the site's side — the second-party side — CMS makers can build something in, or any developer can make a plug-in (WordPress) or a module (Drupal). Mobile app toolmakers can also come up with something (or many things)..."
> MyTerms creates a new regime for privacy: one based on contract. With each MyTerm you are the first party. Not the website, the service, or the app maker. They are the second party. And terms can be friendly. For example, a prototype term called [5]NoStalking says "Just show me ads not based on tracking me." This is good for you, because you don't get tracked, and good for the site because it leaves open the advertising option. NoStalking lives at [6]Customer Commons , much as personal copyrights live at [7]Creative Commons . (Yes, the former is modeled on the latter.)
"[L]et's make this happen and show the world what agency really means," Searls concludes.
Another way to say it is they've created "a draft standard for machine-readable personal privacy terms." But Searl's article used a grander metaphor to explain its significance:
> When Archimedes said 'Give me a place to stand and I can move the world,' he was talking about agency . You have no agency on the Web if you are always the second party, agreeing to terms and policies set by websites.
>
> You are Archimedes if you are the first party, setting your own terms and policies. The scale you get with those is One 2 World. The place you stand is on the Web itself — and the Internet below it.
>
> Both were designed to make each of us an Archimedes.
[1] https://www.threads.net/@docsearls/post/DHjFBjHsGwM
[2] https://doc.searls.com/2025/03/23/real-agency/
[3] https://standards.ieee.org/ieee/7012/7192/
[4] https://customercommons.org/choose-your-agreements/
[5] https://customercommons.org/agreements/p2b1/0.9/
[6] https://customercommons.org/
[7] https://creativecommons.org/
Is it the first of april yet? (Score:3)
I can tell you what happens. If your browser tells the site "You must agree to my terms", the site will tell you "Set your terms to 'nothing' to see the content".
There are also a number of legal obstacles. For example, it's already questionable how much effect typical forms of agreeing to terms on a website really have (since you don't sign anything and your identity is not verified, so anyone could have clicked the "I agree" button), but at least some human being is clicking the "I agree to the ToS" checkbox. This proposal assumes that an automated system on the website is able to review and agree to the terms. If you really want the site to agree to your terms, you'll have to wait after requesting a page for a human responsible for the site to review your terms and agree to them. Any automated response won't be legally valid.
The sensible way to do this is for governments to address these issues one by one, rather than expecting sites to comply with a user's terms and possibly just denying access because it becomes too complicated to assess whether the site can comply with the terms, or because the site owner simply does not want to comply with user's ToS. A simple one would be, for example, to make Do-Not-Track a law and require sites to provide access even if you don't allow tracking.
Pay or consent (Score:2)
> If your browser tells the site "You must agree to my terms", the site will tell you "Set your terms to 'nothing' to see the content".
To be closely followed by something like "This website is not directed toward persons in member states of the European Union."
> A simple one would be, for example, to make Do-Not-Track a law and require sites to provide access even if you don't allow tracking.
Which would probably lead to a rise in pay-or-consent schemes, in which the website presents a paywall to a user agent that presents DNT or son-of-DNT.
Re: (Score:2)
The point is, that GDPR forbids pay-or-consent schemes.
"When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract."
and
"Consent is presumed not to be freely given if it does not allow separate consent to be given to different personal data processing operations despite it being a
Re: (Score:2)
And the robots.txt file is supposed to stanch AI crawlers.
I have a bridge in NYC for you that goes to Brooklyn for sale. Crypto.
Doc is altruistic, and I love his motives, but this isn't going to work. Sorry. Even litigation with the GDPR won't stop it, as the collection of judgments will soon be impossible as countries ignore international law, international courts, and generally flip the bird across jurisdictions.
It's an ugly situation that only ends when you dismantle the panopticon, a seemingly impossib
Re:Is it the first of april yet? (Score:4, Interesting)
I just have my browser lie. I have one extension that auto clicks through cookie banners (if they don't get blocked anyway). It tries to opt out, but if it's "pay or be tracked" it just allows the tracking... Except that my browser blocks all their ads, and discards all the tracking data they try to save, and gives them ever-changing random noise when they try to fingerprint.
It's not that I object to any form of monetization for content, it's that I can't trust the advertisers so they all get nuked.
Re: (Score:2)
If you choose (automated or not) to accept, they have the *right* to track you. If any of your cookie eating plugins fails, they can use the data. And maybe you should read the banner in detail (even when they make it more steps to inform yourself than to accept it blindly), they do not only talk about storages but also about fingerprinting. And you can never be sure if you know about the latest fingerprinting methods and if your browser is vulnerable. You may also have agreed that they may use your login e
Enforcement. (Score:2)
Good luck with that. Remember there is no death penalty for corporations.
Re: (Score:2)
Not one that is currently applied.
Re: (Score:3)
> Remember there is no death penalty for corporations.
What is needed is liability of the top executives for breaking the law. Once CEOs see that other CEO's daughters can no longer go to pony club as their fathers have been sued for malfeasance they might start to behave.
Doubtless someone will claim that a [1]Limited Company [wikipedia.org] exists to stop liability of executives -- I am OK with that if through error something goes wrong but NOT where they deliberately break the law.
[1] https://en.wikipedia.org/wiki/Limited_company
Fuck Zuck (Score:1)
This shit-gargling bootlicker aided and abetted genocide. He experimented on his users. He's a flat out criminal scumbag. His company trying to argue that anything is false in the face of its continuous lying about its crimes are a fucking farce.
The actual quote was more useful i think (Score:2)
"Give me a place to stand, and a lever long enough, and I will move the world."
The lever is just as important as the place to stand in this context.
As a website host (Score:2)
Why would I spend any effort to implement this?
Re: (Score:2)
What is there to implement??
My own website doesn't have any cookies, doesn't use JavaScript, doesn't serve any advertisements, doesn't collect any user information other than the IP address recorded by the hosting server that delivers my pages, and doesn't collect any other information except what the user might enter on the "contact me" page (if they use it).
So what is there to implement??
Re: (Score:2)
Given there is a law that the information provided by the client has a legal meaning, not implementing it would probably mean you can be sued by not following the terms your site did not parse.
As long as there is no such law, I wonder why any site should follow the terms. Currently the sites pressure the users to accept their terms and suddenly they should just accept the user's terms? Without any law requiring them to do so, they most certainly won't.
I have a different request (Score:2)
Targeted ads are great if they meet my needs
If I'm in the market for a product or service, I want to request all suppliers to send me their pitches
Once I buy, or decide not to buy, the pitches stop, all of them
Also, unless I indicate that I'm in the market for something, I see no ads
I understand that this is a fantasy, and that advertisers will still spam me with incredibly stupid "targeted ads", but if it worked, it would be great for advertisers, since their ads would not be wasted on someone with no inte
Re: (Score:2)
What about a marketplace for showing ads that pays you credits you can distribute?
You say "I need a new PC", visit a site and get all the PC ads. You actually click one and buy the PC. Afterward you get to choose to spend the provision for some website, e.g., to support the journalism of your favorite news site that now doesn't need to show you ads.
They can't exploit you in every way possible? (Score:2)
Never catch on!
It's never going to work because Google (Score:1)
C'mon, if Chrome where an independient open and free source browser, then we'll never need something like this, but it doesn't, it's the product of the main culprit of the privacy lost on the internet, Google decides everything and they want to share our data and our private data to everyone else. Firefox is following this because the mismanagement at Mozilla, so soon we'll have no option and nobody will do a damn thing about it.
DNT v2.0 (Score:2)
And just as enforceable.
Do Not Track did not work (Score:1)
This proposal has zero chance to work in practice unless Alphabet is broken up and advertising, search, and browser are three different and independent businesses.
Re: (Score:3)
> Do Not Track did not work
On the contrary, DNT worked perfectly for the purpose it was intended: to sabotage alternative solutions to the privacy issue. At the time, privacy and tracking were becoming a concern and there were efforts to fix the problem in ways benefiting the consumer - for example, a proposal sent to the W3C was to standardize ad blocker functionality directly in the browser. Google realized the danger, and, together with their lapdog Mozilla and their other accomplices from the [1]Digital Advertising Alliance [wikipedia.org], forced
[1] https://en.wikipedia.org/wiki/AdChoices