One of the core areas that Mozilla is working on is user privacy, and one important aspect of this is controlling cookies. Most people are now aware that sites they visit seek to place cookies – small strings of information – on their systems as a way of tracking when and what they visit on that site. What many may not know is that so-called "third-party" cookies are also widely used: these allow people to be tracked as they move from site to site, and effectively enable a detailed picture of their use of the Web to be built up.
If people don't mind such third-party tracking, that's fine. But most are unaware it's going on, and may well object to other sites knowing about their browsing habits – especially if information is being collated to generate a detailed profile of their most personal interests. In order to give control back to the user, a new beta version of Mozilla's Firefox blocks such third-party cookies by default. Here's an interesting post by Mozilla's privacy lead, Alex Fowler, detailing this move and what happened when he visited four typical sites before and after installing the new beta:
I cleared all my cookies before visiting these sites and then re-performed this process several times, as I wanted to verify that in fact four sites did lead to over 300 cookies from more than 100 companies I had not visited.
The fact that just four sites caused 300 cookies to be loaded from 100 companies not involved in those sites shows the extraordinary scale of this invisible tracking, and how important Mozilla's initiative is here (it's worth noting that Apple's Safari already has this feature.)
And yet it seems not everyone is enamoured of the move. Under the cataclysimic headline "IAB Europe cautions Mozilla switching off a large part of European industries and undermining the openness of the internet" - yes, Mozilla is undermining openness, apparently – we read the following:
IAB Europe expresses disappointment that Mozilla's new browser cookie settings, which will come into effect in early April, will block third party cookies by default. This move will switch off a significant part of the industry and undermine pan-European industry-wide efforts to empower Mozilla Firefox users through improved transparency and better choices about how to manage their online footprint.
IAB, in case you'd forgotten, is the Interactive Advertising Bureau, the industry body for online advertising. Its claim that Mozilla's move will "undermine pan-European industry-wide efforts to empower Mozilla Firefox users through improved transparency and better choices about how to manage their online footprint" is pretty extraordinary. I've not come across any moves from the IAB to that effect, and I spend far too much of my time online, so I would have thought it might have popped up somewhere. Equally, the idea that the online industry is giving "better choices" to users is nonsense: as the experience of Mozilla's Fowler shows, there is a massive abuse of our trust going on here that most of us are completely unaware of.
IAB Europe continues:
Digital advertising today helps to fund content, services and applications that consumers enjoy for little or no cost. The economic benefits to European consumers have been assessed by McKinsey to amount to EUR 69bn in 2010. But digital advertising also helps businesses – many SMEs – support and drive their businesses. IAB Europe, representing over 5,500 organisations in the online advertising, media, market research and analytics, has spear-headed an industry-wide self-regulation effort across Europe to provide consumers with greater transparency and control over targeted advertising in a consistent way. "The Mozilla approach will undermine this effort and deny consumers" says Kimon Zorbas, Vice President of IAB Europe.
Mr Zorbas is then quoted as saying:
Switching off an entire industry does not benefit users in the long run, raises serious competition issues, at least in Europe and threatens to tear apart the foundation of a free internet."
It is, of course, quite true that digital advertising plays an important role in the online ecosystem, and helps many businesses. But it is utter toffee to suggest that Mozilla's move will endanger this by "switching off an entire industry"; after all, the new Firefox feature does not stop sites using cookies, it merely blocks third-party cookies being loaded by default (and they can still be accepted if the user so wishes.). IAB Europe seems to be suggesting that the entire online advertising edifice depends on users being tracked by hundreds, possibly thousands, of third-party cookies installed on their systems that watch their every move.
If that is indeed the case, IAB Europe has a very big problem on its hands, since it means that its members are incapable of making money from people visiting their sites without engaging in mass surveillance that would make East Germany's Stasi envious. But I don't think this is the case. Even once the new Firefox is rolled out to all users, commercial sites will continue to function as before, and cookies will continue to be placed on people's machines (with their knowledge and approval). The only thing that will change is that massively-intrusive third-party networks won't be able to take for granted the presence of their cookies on machines, and that's as it should be.
IAB Europe's statement is obviously over-the-top scare-mongering. The interesting question is why it is making these ridiculous claims. I think the real reason is the Data Protection regulation that is currently being debated in the European Parliament. As I noted recently, this has come under the most sustained attack by US lobbyists ever seen in Europe.
It seems likely that IAB Europe's absurd accusation that Mozilla, one of the linchpins of the open Web, is actually undermining openness, is part of a larger campaign to belittle and bludgeon anything and everything that might offer the European public any measure of protection against the desire of certain large companies in certain countries to take and use our private data as they wish. It shows that these companies fear that European users may finally be on the brink of taking back control over that data. Which is why we must not lose this precious opportunity, and must keep pressing our MEPs to defend our privacy.