- From: Deji Olukotun <deji@accessnow.org>
- Date: Fri, 21 Aug 2015 15:28:46 -0400
- To: Mark Nottingham <mnot@mnot.net>, annevk@annevk.nl
- Cc: www-tag@w3.org
- Message-ID: <CAN9cB4HkDkqo_ZH7_2RtfObz4y=d9o6nVXc9UQTr1uXHQGf0OQ@mail.gmail.com>
Thank you, Mark. I've shared with our team and we'll take a look at the links you provided about transport-level metadata. Anne, thanks for forwarding along more information on the conversation around supercookies in Holland. We have been in contact with Vodafone about this issue and we will be in touch about it. Meanwhile, any suggestions about other articles or sources are much appreciated. Best, Deji On Wed, Aug 19, 2015 at 3:36 AM, Mark Nottingham <mnot@mnot.net> wrote: > Hi Deji, > > Thanks for that; this is very interesting and timely. > > You might be interested in looking at the ongoing discussion in the IETF > about adding transport-level metadata; e.g., in SPUD, that would be > available even for TLS connections. > > https://tools.ietf.org/html/draft-trammell-spud-req-00 > > https://github.com/hildjj/draft-hildebrand-spud-prototype/blob/master/draft-hildebrand-spud-prototype.md > > Cheers, > > > > > On 18 Aug 2015, at 3:44 am, Deji Olukotun <deji@accessnow.org> wrote: > > > > Hi - > > > > Thought this might interest you, given the TAG's statement on July 17 on > tracking headers and other privacy-related matters. > > > > You may remember last year's story on Verizon's use of "supercookies" to > track users. In the wake, Access launched AmIBeingTracked.com to allow > users to see if the supercookie was being used on their network. > > > > Today, we have released a report on our findings. The report was covered > by the Wall Street Journal: > http://blogs.wsj.com/digits/2015/08/17/study-finds-supercookies-used-outside-u-s/ > . > > > > Our report found alarming results, among them: > > • Evidence of widespread deployment. Carriers in 10 countries > around the world, including Canada, China, India, Mexico, Morocco, Peru, > the Netherlands, Spain, the United States, and Venezuela, are using > tracking headers > > • Tracking headers have been around for nearly 15 years; > > • Users cannot block tracking headers because they are injected by > carriers beyond their control, and they can attach to users even when > roaming across international borders; > > • Tracking headers leak private information about users and make > them vulnerable to criminal attacks or even government surveillance; > > • Tracking headers depend upon an HTTP, or unencrypted connection, > to function, and may lead to fewer websites offering HTTPS. > > The full report is available here. > > > > Feel free to write with questions. > > -- > > Deji Olukotun > > Senior Global Advocacy Manager > > Access | accessnow.org > > > > tel: +1 415-935-4572 | @dejiridoo > > PGP: 0x6012CDA8 > > Fingerprint: 3AEE 4194 F70E C806 A810 857A 6AD5 8F48 6012 CDA8 > > > > Subscribe to our free weekly newsletter on digital rights, the Access > Express: accessnow.org/express > > -- > Mark Nottingham https://www.mnot.net/ > > -- Deji Olukotun Senior Global Advocacy Manager Access | accessnow.org tel: +1 415-935-4572 | @dejiridoo PGP: 0x6012CDA8 Fingerprint: 3AEE 4194 F70E C806 A810 857A 6AD5 8F48 6012 CDA8 *Subscribe to our free weekly newsletter on digital rights, the Access Express: accessnow.org/express <https://accessnow.org/express>*
Received on Friday, 21 August 2015 19:29:17 UTC