back to article Mozilla CSO demands fines to curb Big Tech surveillance

Mozilla's Chief Security Officer Marshall Erwin urged federal regulators to crack down on internet giants and web browser makers that don't protect their users' privacy — and to make them pay penalties for bad behavior. "Privacy online is a mess, consumers are stuck in this vicious cycle in which their data is collected, often …

  1. VoiceOfTruth Silver badge

    Perhaps a better way...

    For each cookie that a web site adds, calculate a cost based on its persistence and longevity.

    Let's imagine micropounds/microdollars/microdirhams:

    1. Session cookie, expiry at most one week (these have some value to the end user): 0.0

    1.1 Session cookie more than one week (easy workaround - require a new login): 0.05

    2. Advertising cookie: 0.1

    2.1 Advertising cookie per day (make them pay if the cookie persists longer than an advert in a daily newspaper): 0.1

    3. Analytics cookie for one web site, expiry at most one week (this has legitimate use for a web site): 0.0

    3.1 Analytics cookie cross site (this is tracking, not just analytics): 0.1

    3.1.1 Analytics cookie cross site per day: 0.1

    4. Device cookie uniquely identifying a device whether laptop, desktop, mobile (utter scum of the earth): 0.5

    4.1 Device cookie per day (make them pay): 1.

    We are not the product, we are the victims. If there is a cost to be born by the advertisers and trackers, they will do far less of it. The cost of buying billboard space is not cheap, cookies are. We give about 1 or 2 seconds of our attention to an advert in a newspaper, if it grabbed our attention in the first place, then we move on. So it should be with cookies.

    1. Frank Bitterlich

      Re: Perhaps a better way...

      ... or maybe... make tracking techniques under the guise of "advertising" illegal altogether, how about that?

      I'm sick and tired of the constant "... but we need the advertising revenue" whining. You're not making any advertising revenue. You're making tracking revenue. Why do ad companies get away with pretending that they need "targeted advertsing" and thus need to track your web surfing to the max?

      Who on this planet would accept someone ringing your door bell and going, "Excuse me, sir, we need to make sure the junk mail we fill your mailbox with is relevant, so I just need to have a quick look at your book shelves and the products in your fridge. If you could just step aside for a second..."

      And don't get me started about the whole "legitimate interest" BS in the GDPR. That sounds like the rules for using the company credit card for personal expenses in the Hitchhiker: It's forbidden – unless you declare that you really want to do it. In other words, doing something illegal is OK, as long as that is your business model.

      1. ecofeco Silver badge

        Re: Perhaps a better way...

        I wish I could up-vote this more.

  2. Woodnag

    "financial penalties are a meaningful way to move the needle"

    Nope. Because the fines are lower than the profit, and don't cause the transgressions to stop.

    Custodial penalties are a meaningful way to (etc)...

    1. Dan 55 Silver badge

      Re: "financial penalties are a meaningful way to move the needle"

      Instead of fining the company, senior management should be fined. That would sort the problem out quickly.

      1. Woodnag

        Instead of fining the company, senior management should be fined

        Not if the company pays their fine.

        1. Anonymous Coward
          Anonymous Coward

          Re: Instead of fining the company, senior management should be fined

          Dawn raids are the best. You can't actually convict executives of anything meaningful, but getting hauled out of bed at 4am by armed cops in front of your mistress (or wife and children in unusual cases) spoils anyone's day, and even top executives would avoid it happening too often.

    2. iron Silver badge

      Re: "financial penalties are a meaningful way to move the needle"

      Whenever these companies get caught doing something they shouldn't it always seems to be the fault of "a rogue engineer" so I'm going to say no to custodial penalties because it would be the poor developer serving them not the middle manager who told them to add the tracking code, nor the suit who made it the company policy.

      I have refused to write code, including ad tracking code, because it was against my ethics but not every developer has the ability to do so.

    3. Spanners Silver badge

      Re: "financial penalties are a meaningful way to move the needle"

      Financial penalties should be related to global turnover and on a sliding scale.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like