back to article Intel accused of wiretapping because it uses analytics to track keystrokes, mouse movements on its website

Intel is among the growing list of companies being sued for allegedly violating American wiretapping laws by running third-party code to track interactions, such as keystrokes, click events, and cursor movements, on its website. Last week, a lawsuit [PDF] against the chip maker that was filed in February was removed from a …

  1. Anonymous Coward
    Anonymous Coward

    Good heavens! I just suffered the annual ordeal on Info. Security & Privacy Awareness. We get this every single fucking year! Obviously the lackluster compensation policies of BK and Swan really took their toll.

  2. Neil Barnes Silver badge
    Mushroom

    How many times?

    Where I put my mouse is none of your fucking business!

    1. druck Silver badge

      Re: How many times?

      Some sites are almost impossible to navigate, due to confusing loops of links, hamburger menus, or not even being obvious some elements are links. If there was analytics which detected the users mouse rage, and flagged it up to the company, I might be tempted to enable their script.

      1. DrXym Silver badge

        Re: How many times?

        Lots of websites do stuff like A+B testing, measuring mouse travel. For the most part I imagine they do this to give users a better experience from using the website although there are obviously certain cases where they're trying to stop people from cancelling a subscription or changing their privacy settings.

        1. Anonymous Coward
          Anonymous Coward

          Re: How many times?

          Oh... you deluded fool. You must be new here.

      2. Anonymous Coward
        Anonymous Coward

        Re: How many times?

        Ah... Facebook.

    2. DrXym Silver badge

      Re: How many times?

      This stuff is common on websites and usually it is for the purposes of improving the website, e.g. Intel might want to make it easier to find drivers so they measure how long it takes for somebody to get what they're after, how many people give up mid-way through and that kind of thing. Although of course it could be used to develop anti-patterns, making it harder to talk to a real person, harder to change settings, add more pushy advertising and so on.

      1. Anonymous Coward
        Anonymous Coward

        Re: How many times?

        Interesting, I've got a couple of old crappy mice in the recycle box - they don't work well, the pointer jumps all over the place. I'll go get them and log in. Maybe I can put a few cat treats on an old keyboard too.

      2. The Man Who Fell To Earth Silver badge
        FAIL

        Re: How many times?

        It's never about improving the user experience. Never. At best, Amazon for example, it's about extracting your money as quickly and efficiently as possible. But for a primarily OEM supplier like Intel, it's about collecting data they can monetize.

        1. Neil Barnes Silver badge

          Re: How many times?

          I bought something from Amazon.de today, and the delivery *wasn't* auto-stuck on the join prime and never get out mwahaha button. And yet it's not April first!

        2. rcxb Silver badge

          Re: How many times?

          At best, Amazon for example, it's about extracting your money as quickly and efficiently as possible.

          Amazon is on my list for the worst-performing site I use, and getting slower every year. I'm always waiting ages for javascript to load until I can open a larger image. It's so bad I went from always shopping at Amazon, to now starting my shopping at eBay and only with hard to find or more expensive items will I compare what's available on Amazon.

          And once I've decided to buy, what does Amazon do? Stop the process cold to try and force me to sign up for a Prime subscription, or else hunt for the one square centimeter of space on the screen I can click on to place my order. And only then do I get the privilege of changing it from premium shipping back to FREE.

          The kitchen sink website design of Amazon makes it about the worst looking on the modern internet, too.

          1. Mr Dogshit

            Re: How many times?

            I would gladly use a greenscreen TTY terminal to buy stuff from Amazon. I don't give a crap about the stuff they shove in my face - pictures of Jeremy Clarkson I find particularly offensive.

          2. rskurat

            Re: How many times?

            And their search is unbelievably bad - I can be very specific about what I'm looking for, and that exact text string match is number 8 in the results.

        3. DrXym Silver badge

          Re: How many times?

          Amazon is trying to monetize every last pixel out of their website. Literally almost everything they're about is selling stuff.

          Intel's website has a broader purpose - information, developers, OEMs, products, support. It is clear that there are various things they want to improve about their site and doubtless some of those involve measuring who is clicking on feature stories, promotions etc. It is also clear that it is in everyone's interest to make it easy to navigate and find information on their site for people who visit with a purpose. The same goes for MANY companies.

          So it's kind of absurd to suggest it's never about user experience. Of course it is. And even if we're talking about the Amazon's of the world I'm sure everyone has been to a site where they've added something to a basket but something has screwed up and they've given up. e.g. the site forgot their order, or forced them to create an account to order, or dragged them through too many pages, or whatever. Analytics can help there. The site gets a sale and the customer isn't annoyed. It's not all either/or.

      3. Michael Wojcik Silver badge

        Re: How many times?

        Sure, it can be used for usability research, in the same way that eye-tracking studies traditionally were. But the potential for abuse is tremendous. It's also a performance hit, which makes the site harder to use, so there's an immediate cost for users.

        It's possible to do A/B website testing without intrusive analytics. I'd like to see these legal challenges drive this stuff out of the market.

      4. Adelio Silver badge

        Re: How many times?

        Maybe they could just test the website BEFORE deploying!

        1. RM Myers Silver badge

          Re: How many times?

          Unfortunately, I've visited many websites that limited their testing to internal users before deploying. Every website is easy to navigate AFTER you know how it works, and when the software/hardware of the user is well known.

  3. ayay

    Well...

    ...they can cry foul, but wiretapping is pretty much what it is.

    1. Jim Mitchell Silver badge

      Re: Well...

      In some jurisdictions, recording ("wiretapping") can be legally done with only one party's consent (ie, Intel).

      This seems more like one party using the other party's phone (some browser script) to do the recording, which is an interesting spin on things.

      1. doublelayer Silver badge

        Re: Well...

        "In some jurisdictions, recording ("wiretapping") can be legally done with only one party's consent"

        Yes, but not with a third party. In such jurisdictions, if I call you, I can record our conversation. However, if I call you and a third person not on the call records it, even if you know that, it is not legal. Also, California doesn't allow this. Florida does, but that proviso applies there.

        1. sreynolds

          Re: Well...

          I beg to differ. There are three parties, you and your input device (perhaps mouse in this case) and the third party that is monitoring you from some remote location.

          1. doublelayer Silver badge

            Re: Well...

            The law is clear. Parties which can record when one-party consent is permitted are those parties known to be on the call. I initiate the call and am one of them. The recipient of the call receives the call and is known to me, therefore they are also one of them. Another person is listening in and I didn't know they were there and I didn't consent to their collection. That's illegal. If they sold their software to Intel, only Intel runs it, and the data is only stored on Intel equipment, then that's not a violation. If any of my data goes to the operators of the library, they are violating it with Intel's collaboration.

            Even if Intel runs it all locally, they are violating legislation in states requiring two-party consent (this does mean all-party consent) and privacy legislation in the mold of GDPR, including the CCPA.

  4. A random security guy Bronze badge

    Why does Intel need to track users so closely?

    I can see FB doing it. But Intel?

    1. Dan 55 Silver badge

      Re: Why does Intel need to track users so closely?

      Intel won't be happy until they're absolutely sure their website is an unnavigable labyrinth.

    2. Michael Wojcik Silver badge

      Re: Why does Intel need to track users so closely?

      The usual reason. Some manager is given responsibility for the website. Said manager must justify his or her budget and salary. Showing you're doing a lot of A/B testing and making changes based on "data" -- regardless of the quality of that data, or how you got it, or whether those changes actually improve user experience -- plays well with higher-ups.

      There needn't be any corporate justification. It's about marketing someone's internal fiefdom to the C-suite.

      And real usability research requires resources. Ever run a technology ethnographic study or a contextual-inquiry study with a statistically-significant number of users? That's real work. Slapping another analytics script onto the site, then doing some trivial analysis on a bunch of numbers with an Excel spreadsheet, is much cheaper and easier, particularly if you don't care about the quality of the results.

      1. A random security guy Bronze badge

        Re: Why does Intel need to track users so closely?

        Intel has played fast and easy with security. I bet it was also warned. And yet they chose to persist.

        Depressing to see a company being so tone deaf.

  5. mark l 2 Silver badge

    If I know their is software which is tracking my mouse movements and keystrokes, Ill be drawing a giant penis and writing fsck off rather a lot on their website.

    1. rcxb Silver badge

      Ill be drawing a giant penis and writing fsck off rather a lot on their website.

      I look forward to the new school of data-driven web designers that insist web pages must be all be redone to include a penis-shaped navigation bar for maximum efficiency and customer engagement.

  6. Wade Burchette Silver badge

    So, how do you block this?

    I went to Intel's website and looked for any scripts from this company and I could not find any. NoScript only showed up scripts from Intel and tiqcdn.com. There has to be a way to block this. Does anybody know which domains these douchenozzles use?

    1. Snake Silver badge

      Re: Scripts

      Go to Intel.com and allow scripts on NoScript. If you view the page source you'll find that the main page is loading

      https://www.intel.com/etc.clientlibs/settings/wcm/designs/ver/210325/intel/global/js/resources/performance-config.js

      This script is hosted on the Intel domain so allowing Intel.com on NoScript doesn't raise any additional warnings. Perusal of the script seems to indicated many performance metrics are being observed - I'll suspect this this script is just one of the keys.

  7. Bitsminer Bronze badge

    GoDaddy for instance

    Try this little experiment: type in most of the info for a new domain on the godaddy website.

    Don't pay, don't type in a credit card number, don't complete the form. Just abandon it with a domain name filled in and your (hopefully throw-away) email address.

    And await the spam. Godaddy records all the clicks, including the domain and your email, as you type. (Or did about 3 years ago).

    1. sreynolds

      Re: GoDaddy for instance

      Or why not do this to your friends? I mean you'd think that some people who have unique email addresses for every person they speak to would be a bit suspicious.

      1. Korev Silver badge

        Re: GoDaddy for instance

        I got quizzed in a shop when I was returning some faulty gear not long ago. The guy who served me was most confused when I gave him a shop.name@mydomain.com type email address.

  8. logicalextreme Silver badge

    Think it's about time

    I started blocking scripts by default.

    1. ecofeco Silver badge

      Re: Think it's about time

      Where have you been for the last 5 years? :)

  9. Anonymous Coward
    Anonymous Coward

    https://www.commitstrip.com/en/2020/10/21/weird-bots/

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021