- From: Lorrie Cranor <lorrie+@cs.cmu.edu>
- Date: Wed, 23 Jan 2008 13:57:48 -0500
- To: Rigo Wenning <rigo@w3.org>
- Cc: www-p3p-policy@w3.org, public-pling@w3.org, tns <t-and-s@w3.org>
> > January 22, 2008 11:00 PM PST > Whoops! Ask.com complaint to FTC is an EPIC mistake > Posted by Declan McCullagh > http://www.news.com/8301-13578_3-9855935-38.html?tag=nefd.blgs > > A zealous band of pro-regulation privacy groups made a valiant > effort a few days ago to convince the Feds to forcibly pull the plug > on a new feature on the Ask.com search engine. > > The groups, which include the Electronic Privacy Information Center > and the Center for Digital Democracy, told the Federal Trade > Commission on Saturday that that a formal injunction was necessary > to halt some supposedly pernicious practices on the part of Ask.com. > > The only problem? Those supposedly pernicious practices don't > actually exist. > > Ask.com already had voluntarily changed the way it handled its new > privacy feature weeks earlier. This self-appointed posse of liberal > nonprofits, which also includes Consumer Action, was riding to bring > to justice a problem that had long since vanished (and that's > assuming it existed in the first place). > > Now, I admit that anyone can err. And in fact I've known the folks > at EPIC to be careful, honest, and principled, even if I may > disagree with them from time to time. I think this is an honest > mistake. > > But this episode is useful to note because it exposes how the > Washington practice of advocacy groups using federal agencies to > sabotage political enemies can be bereft of facts and logic. (From > EPIC's perspective, this was supposed to be a no-lose situation: > it's a win if AskEraser is taken off the market, and if the > Republican-led FTC refuses to do so, the FTC and the Republican > appointees can be slammed as insufficiently sensitive to "privacy > interests.") > > For his part, Ask.com spokesman Nicholas Graham told me on Tuesday: > > EPIC's weekend filing regarding AskEraser is both flawed and > unfortunate. It's unfortunate in the sense that Ask.com tried to > engage in a constructive dialogue with the group last week, and was > rebuffed. Privacy is an issue that demands collaboration and > partnership between online companies and advocates, for the benefit > of all consumers. Ask.com's relationship with the Center for > Democracy & Technology is proof-positive of that. > > EPIC's filing is flawed in the sense that the document they filed is > factually inaccurate, and simply shows a fundamental > misunderstanding of the functionality of our product. In addition, > many of the issues they raise are outdated, while others are > completely misguided from the outset, and others deal with changes > that Ask.com already made to AskEraser weeks ago, and were > subsequently posted publicly on our website. > > EPIC Executive Director Marc Rotenberg replied to me in e-mail on > Tuesday evening: > > If Ask has now fixed the problem, (1) that means we were right, (2) > they should have responded to our letter. But that doesn't solve the > problem with opt-out cookies, which I think you will agree is a > nutty approach that does not scale, i.e. it requires users to keep > cookies for all the companies they don't want to be tracked by. Even > the FTC should be able to see the problem. > > Rotenberg is right that using opt-out cookies may not be the > cleanest design technique. If I were coding it, I'd have created a > special "ask.com/eraser" site--the same way Google set up its > google.com/unclesam government search -- or a private.ask.com > subdomain. No cookies would be needed. > > Then again, I'm not privy to how Ask.com's software is designed and > the trade-offs that would be involved. More to the point, probably, > companies should have flexibility in how they try to offer new > privacy features--and it's hardly clear that a bunch of permanent > Washington insiders or FTC bureaucrats know more about scalable > software engineering than, well, actual software engineers. As long > as Ask.com is honest about what it's doing, and it seems to be in > its FAQ, it should be allowed to keep on offering new features. > > There's one more question worth asking: if EPIC and CDD and their > ideological allies believed they had such a strong case, why not > file an actual lawsuit instead of asking the FTC to undertake an > investigation that would likely take half a year or more to complete? > > After all, EPIC is staffed by attorneys, and their complaint to the > FTC alleges that AskEraser is, beyond any doubt, "an unfair business > practice." If true, that would violate state consumer protection > laws, including California's section 17200, which says private > attorneys may sue a company engaging in "unfair" business practices. > > I think I know what the answer is. Judges have little patience for > plaintiffs that waste their time. If this had been a lawsuit, a > judge might well have fined EPIC et al. for wasting his time with > frivolous claims, and its staff attorneys might even have been > subject to individual sanctions. > > Lawsuits, in other words, have risks. Firing off an inaccurate > letter to the federal bureaucracy, on the other hand, merely results > in the sender looking a little silly. The next time you see them > complaining to the FTC about some alleged wrongdoing, remember these > attorneys' odd reluctance to litigate. > > ________________________ > > Ask.com's statement on the complaint: > > http://www.news.com/5208-13578_3-0.html?forumID=1&threadID=34575&messageID=370477&start=-1 > > Ryan Singel's coverage: > > http://blog.wired.com/27bstroke6/2008/01/askcoms-privacy.html > >
Received on Wednesday, 23 January 2008 18:58:28 UTC