W3C home > Mailing lists > Public > www-tag@w3.org > August 2015

Re: Our new report on tracking headers / W3C

From: Deji Olukotun <deji@accessnow.org>
Date: Fri, 21 Aug 2015 15:28:46 -0400
Message-ID: <CAN9cB4HkDkqo_ZH7_2RtfObz4y=d9o6nVXc9UQTr1uXHQGf0OQ@mail.gmail.com>
To: Mark Nottingham <mnot@mnot.net>, annevk@annevk.nl
Cc: www-tag@w3.org
Thank you, Mark. I've shared with our team and we'll take a look at the
links you provided about transport-level metadata.

Anne, thanks for forwarding along more information on the conversation
around supercookies in Holland. We have been in contact with Vodafone about
this issue and we will be in touch about it. Meanwhile, any suggestions
about other articles or sources are much appreciated.

Best,
Deji

On Wed, Aug 19, 2015 at 3:36 AM, Mark Nottingham <mnot@mnot.net> wrote:

> Hi Deji,
>
> Thanks for that; this is very interesting and timely.
>
> You might be interested in looking at the ongoing discussion in the IETF
> about adding transport-level metadata; e.g., in SPUD, that would be
> available even for TLS connections.
>
>  https://tools.ietf.org/html/draft-trammell-spud-req-00
>
> https://github.com/hildjj/draft-hildebrand-spud-prototype/blob/master/draft-hildebrand-spud-prototype.md
>
> Cheers,
>
>
>
> > On 18 Aug 2015, at 3:44 am, Deji Olukotun <deji@accessnow.org> wrote:
> >
> > Hi -
> >
> > Thought this might interest you, given the TAG's statement on July 17 on
> tracking headers and other privacy-related matters.
> >
> > You may remember last year's story on Verizon's use of "supercookies" to
> track users. In the wake, Access launched AmIBeingTracked.com to allow
> users to see if the supercookie was being used on their network.
> >
> > Today, we have released a report on our findings. The report was covered
> by the Wall Street Journal:
> http://blogs.wsj.com/digits/2015/08/17/study-finds-supercookies-used-outside-u-s/
> .
> >
> > Our report found alarming results, among them:
> >       • Evidence of widespread deployment. Carriers in 10 countries
> around the world, including Canada, China, India, Mexico, Morocco, Peru,
> the Netherlands, Spain, the United States, and Venezuela, are using
> tracking headers
> >       • Tracking headers have been around for nearly 15 years;
> >       • Users cannot block tracking headers because they are injected by
> carriers beyond their control, and they can attach to users even when
> roaming across international borders;
> >       • Tracking headers leak private information about users and make
> them vulnerable to criminal attacks or even government surveillance;
> >       • Tracking headers depend upon an HTTP, or unencrypted connection,
> to function, and may lead to fewer websites offering HTTPS.
> > The full report is available here.
> >
> > Feel free to write with questions.
> > --
> > Deji Olukotun
> > Senior Global Advocacy Manager
> > Access | accessnow.org
> >
> > tel: +1 415-935-4572 | @dejiridoo
> > PGP: 0x6012CDA8
> > Fingerprint: 3AEE 4194 F70E C806 A810 857A 6AD5 8F48 6012 CDA8
> >
> > Subscribe to our free weekly newsletter on digital rights, the Access
> Express: accessnow.org/express
>
> --
> Mark Nottingham   https://www.mnot.net/
>
>


-- 
Deji Olukotun
Senior Global Advocacy Manager
Access | accessnow.org

tel: +1 415-935-4572 | @dejiridoo
PGP: 0x6012CDA8
Fingerprint: 3AEE 4194 F70E C806 A810 857A 6AD5 8F48 6012 CDA8

*Subscribe to our free weekly newsletter on digital rights, the Access
Express: accessnow.org/express <https://accessnow.org/express>*
Received on Friday, 21 August 2015 19:29:17 UTC

This archive was generated by hypermail 2.3.1 : Friday, 21 August 2015 19:29:17 UTC