back to article Ad-blocker blocking websites face legal peril at hands of privacy bods

Websites that detect ad-blockers to stop their users from reading webpages could be illegal under European law. Alexander Hanff, a privacy campaigner and programmer, says he has received a letter from the European Commission confirming that browser-side web scripts that pick out advert blockers access people's personal data ( …

Re: Bull

No they don't.

15
2
Anonymous Coward

Re: Bull

>Your proposed solutions do not scale well and are using the resources very inefficiently.

>Such a change would also kill the biggest players in the field (like Google)

It was Google I was thinking of - in traffic terms Google (CloudFlare) is already serving the ads, the publisher content and click-thru targets now in billions of instances daily.

0
0
Silver badge

Re: Bull

"Anti blockers work by checking whether the user has seen some ad or received some file, effectively retrieving the information stored in the user's cache about whether that file has been downloaded or not."

Wrong. The cache isn't involved. Neither is any information stored. Actually, if anything, the opposite is true. Ad blocking is detected by some "information" (element of the page) not being present on the client side, because of, you know, it getting blocked.

AFAICS these are two statements of the same thing.

However ultimately neither my view, nor yours, nor Mr Hanff's will be decisive. The decisive view may well be that of a court. Do you intend to provide expert evidence?

11
0
Silver badge

Re: Bull

"So, they will do anything to hinder such a shift in the paradigms how internet advertising works."

And as ad-blockers render their current paradigms unworkable they'll change PDQ.

1
0

Re: @FF22

> https://yourlogicalfallacyis.com/loaded-question

> https://yourlogicalfallacyis.com/ad-hominem

Thank you for telling me about logical fallacies (which I'm *well* aware of)

However when you look at someone's El Reg list of posts and find that, since they joined the Forums on the 9th of October 2013, they have posted a grand total of 86 posts, a goodly proportion of which relate to the use of ad blockers and some of which contain such ludicrous comments like this one...

"Theft is theft, no matter what your reasons for doing it are. And using web services and consuming content without "paying" for them by tolerating ads IS also theft."

... it is neither a loaded question, nor an ad hominem attack to wonder whether the poster who doth protest too much is doing so because he's worrying about his job disappearing.

So if you *don't* work for an advert pusher, *WHY* are you getting so uptight about people using ad blockers or why it is that it seems that everyone else apart from FF22 considers that they way these ad-block-blockers work is illegal?

29
1

Re: @FF22

@Graham Marsden:

Your "reasoning" is like

- if you're defending women's right not to be raped, you have to be a raped woman

- if you're defending black people's right not to be shame for their skin color, you have to be a black man

- if you're defending publishers right to not have their ad blocked blankly, you have to be a representative of an internet advertising company*

(*which doesn't even make sense even in itself, but let's skip this part for now)

No, I do NOT have to be a woman, a black man or an internet advertising (firm) to defend some group of people, a phenomenon or even just an idea against unfair treatment, false statements and abuse in general.

And the reason why I'm saying what I'm saying is completely irrelevant and does not determine whether what I say is factual and logical. Not that I wouldn't have explicitly disclosed why I'm saying what I'm saying. Just saying, that even if I wouldn't have done so, it still wouldn't matter.

Because if what I'm saying is not factual and makes no sense, you could obviously still rather easily point that out, and expose the logical and factual flaws in my comments. But you didn't and don't do that. Instead, you fall back to ad hominem attacks and other logical fallacies. You wouldn't have to do that if you would actually have a factual and logical counterpoint to my statements, would you?

And no, you don't actually have to answer that question. It was a rhetoric one, which we both know the answer on.

1
30

Re: Bull

"AFAICS these are two statements of the same thing."

No, because anti ad blockers - as already said - do not examine your cache, do not query the list of installed extensions/plugins (contrary to what our "expert" says), etc. And because they do not store or transmit that information anywhere inside or outside of the browser. They simply do nothing that the EU DPD would require to ask prior consent for.

0
23

Re: Bull

@Alexander Hanff 1

Well, you know, this whole situation is exactly like if you would have contacted EU officials and asked them whether "PEZ dispensers that are dispensing cyanide pills" are legal or illegal - and you would have gotten an answer back, that explicitly states, that "well, PEZ dispensers that are dispensing cyanide pills are illegal, because cyanide is a toxic element that is not allowed to be present in food or toys above [just a wild guess] 0.001 micrograms".

And then you would go on tour and to media outlets and would claim that "the EU has declared PEZ dispensers illegal" - while in fact they did nothing alike. They only answered your (rather pointless) question about an imaginary PEZ dispenser that specifically dispenses cyanide pills - but which has nothing to do with PEZ dispensers on the market and which nobody in their rights mind would start to manufacture anyway.

The only difference between your "anti ad blocker that stores scripts" story and the "PEZ dispenser that dispenses cyanide pills" story is, that while the concept of a PEZ dispenser is simple enough for everybody to get a grasp on, and to realize that the problem with such a dispenser would be the cyanide itself, most people - including you - are simply not knowledgeable about the inner workings of anti ad blockers or even of the web and of web browsers in general to realize that

(1) the problem with anti ad blockers that store scripts would be - according to the EU - not their existence per se, but storage of scripts, and that

(2) existing anti ad blockers are not storing scripts or any other information on client computers - so they're not illegal either. And that you're riding a dead horse there.

And it's not only that actual anti ad blockers don't store any information on the users' computers, but it wouldn't even make sense for them to do so. Because users can turn off or on the ad blocking any time, between any two page loads - and if an anti ad blocker would store any information on whether a user blocks ads, instead of re-evaluation that on every page load, then it would

(1) fail to allow access to the content for a user that has turned his previously active blocker off, and

(2) fail to deny to the content for users that have originally not blocked ads, but have enabled it after passing the ad block test. Which would completely defeat the purpose of an anti ad blocker, both ways.

So, in reality all ad blockers work by checking whether the user is blocking ads on every single page load, and allowing or denying access to content based on the result only in regard of that single page just loaded. No storage of information is needed for that, and it would be actually totally counterproductive to store any such information.

And because actual anti ad blockers do not store information on the users' computers and because they don't collect any personally identifiable information either (which again is not needed and would not make sense anyway), they're not and can't be illegal under EU data protection laws, even if they didn't ask for prior consent from the user for doing what they're doing.

The only illegal anti ad blockers under the EU law would be those imaginary anti ad blockers that "store scripts" on the users' computers, but which do not exist in reality - only in your enquiry to the EU and of their reply on that.

1
23
Law

Re: Bull

"Your proposed solutions do not scale well and are using the resources very inefficiently. That's exactly why internet advertising has evolved over time not to work that way (which it did originally), but the way it does today."

And yet, ads and possibly the overworked servers they're grabbed from will take a web page that loads in under 500ms, and make it take 5000ms, loading the ads before the content so you're just waiting. THIS is why I use an ad blocker, not because I hate ads per say, it's the speed/performance hit I get for the privilege.

Try from a mobile on a slow connection and it gets much worse... Once (if) a page does load fully it often becomes unbrowsable, having scrolling hijacked so ads shift with the page, causing it to jump back up etc.

Also don't buy into the idea of "assumed permission". The increase in click bait and click-event redirect ads (some will launch the page you want in a pop-up/new tab and have a dodgy ad website show up in the current tab) make this assumed permission obviously floored. Your whole industry is shooting itself in the foot!

Basically, you have small legit ads that don't affect page performance or affect the use of the page you may have wanted... Then you get 90% of the other ad brokers who are owned by swine's, use poor programmers and built to run at minimum cost for maximum profit, so UX and privacy isn't their primary concern, in fact they're things to be removed from users in pursuit of your goal.

17
0

Re: @FF22

> Your "reasoning" is like

Oh deary, deary me, FF22 and you were complaining (incorrectly) about *me* using fallacious arguments!

Shall we try Ad Hominem Tu Quoque? Or maybe Burden of Proof? Or there's always the good old False Analogy...

(You could, of course, also look up the definition of what "theft" actually is, but that's by-the-by...)

> the reason why I'm saying what I'm saying is completely irrelevant

Is it? Ok, FF22, you tell us *why* this *ONE* particular issue is so important to you.

As I said, out of (what was, at the time) just 86 posts since 2013, a large proportion of them have been about the blocking of adverts, so why this and nothing else? Why are you putting so much time into attacking Alexander Hanff? I, for one, would like to know.

> if what I'm saying is not factual and makes no sense, you could obviously still rather easily point that out, and expose the logical and factual flaws in my comments. But you didn't and don't do that.

No, I haven't and I'm not going to because others are doing that and comprehensively and repeatedly demolishing your arguments, but you are simply not willing to accept even the possibility that you could be wrong.

So, again, I ask *WHY* this one particular issue is such a big deal for you.

Now are you going to answer that, or are you just going to try to move the goalposts again and attack me for pointing out your fallacies instead?

18
1
Silver badge

Re: @FF22

"but you are simply not willing to accept even the possibility that you could be wrong."

As I keep saying about the (online?) advertising industry: fingers in ears, "LALALALALA!"

8
0
Silver badge
Joke

Re: @FF22

@Graham Marsden,

<quote>Ok, FF22, you tell us *why* this *ONE* particular issue is so important to you.</quote>

Because (s)he is the Loverock Davidson of the ad industry.

2
0

Re: Bull

I can see why they wont do (A)

24/04/2016 10:00 Some of your ads are serving up malware and are directly from you

24/04/2016 10:15 Aware user spots something odd, emails publisher

24/04/2016 10:17 Email arrives

24/04/2016 10:30 No-one reads the email

24/04/2016 16:30 No-one reads the email

25/04/2016 08:30 Someone reads the email.

25/04/2016 09:30 Malware removed

30,000 people have been exposed to malware 300 had to do something manually, 30 lost data

At the very least your sites reputation now has rather diminished value.

Quite probably (IANAL) if you did not take timely action once informed, you have liability for loss and consequential loss. At what point 'timely' is is arguable, but probably shortly after 24/04/2016 10:17.

4
0

Re: Bull

I think you will find that "personal information" in relation to a data processor is any information that can be used with other information held by the data processer to identify an individual.

0
0

Re: Bull

The ePrivacy Directive doesn't require access to "personal information" it covers ALL information as highlighted in the European Commission's letter. The main point of the amendments in 2009 (Article 5(3)) were to deal with spyware, malvertising and behvioural tracking/profiling - it is not the Data Protection Directive it is the ePrivacy Directive and exists for completely different purposes to the DPD.

The European Commission regards adblock detection as a form of Spyware it also falls under the category of behavioural profiling (using an adblocker is a "behaviour").

3
0
Pirate

Re: Bull

I give up.

Please tell me where the cyanide dispensers are, I have lost the will to live.

2
0
Anonymous Coward

Re: Bull

Does that not make image-preloading scripts illegal too? After all, they check to see if an image has been downloaded, presumably without permission.

Going further, it also covers any site that uses jQuery and $(document).ready(), and - going further - <body onload="">

0
0
Silver badge

Almost enough to make me want to vote to stay in

Any site that refuses to serve me content because I run an ad blocker gets put on my blacklist and is never visited again.

There is always another place to find the information or buy goods these days that I feel that they are just shooting themselves in the foot.

The more they block, the more they will turn people away.

75
1
Silver badge
Pint

Re: Almost enough to make me want to vote to stay in

Exactly, I could not have said this better. +1 Sir.

23
1
Silver badge
Joke

Re: Almost enough to make me want to vote to stay in

"The more they block, the more they will turn people away."

And maybe over time, the internet will be pared down to just the stuff worth having? In which case, keep it up advertisers, keep it up!

26
1

Re: Almost enough to make me want to vote to stay in

Any site that refuses to serve me content because I run an ad blocker gets put on my blacklist and is never visited again.

Mostly agreed, except for Channel4's All4 (as was 4oD). Unfortunately their stupid adblock detector cannot detected that I've whitelisted their site*, so I've sent a link to them and told them to be at the forefront of disavowing adblock detectors.

* Possibly because I use ublock rather than adblock - mind you I also use NoScript and have a stupid long host file so ain't nut'ing gettin into my system!

7
1

Re: Almost enough to make me want to vote to stay in

Mostly agreed, except for Channel4's All4 (as was 4oD). Unfortunately their stupid adblock detector cannot detected that I've whitelisted their site*

It's an old problem. Back in the day, users were blocked by lazy coders from viewing pages unless they used Internet Explorer whether or not the browser they were using could render the page or not. In this case it's just that the lazy coder in this case was only interested in seeing if you had a blocker rather than checking that they had actually been blocked.

2
0
Silver badge

Re: Almost enough to make me want to vote to stay in

4oD is - or was, the last time I tried to use it - broken. I don't use an Ad Blocker because NoScript pretty much wipes most advertising out anyway, and that, Ghostery, and my cookie retention policy all combine to knock tracking on the head.

However, when I last visited 4oD in an attempt to watch something (and after I'd got NoScript [temporarily] whitelisting the necessary script sources, the site played me the pre-show adverts, then the first part of the program. IIRC, it then played me the first break adverts, before putting up a message saying it was blocking me from viewing the remaining content because I was running an Ad Blocker.

After pissing around to get things working again, it played me the pre-show adverts before I could see (and therefore skip through) the first part again, then I had to sit through the first break adverts again, before continuing to watch the program.

Unsurprisingly, I've never bothered with 4oD since. If it's on one of C4's channels, if I don't manage to record it (or a repeat) I don't watch it.

17
0
Silver badge

Re: Almost enough to make me want to vote to stay in

No joke really. The internet is in need of a major cull of crap and parasite sites. We could lose over half of it and hardly notice.

16
0
Anonymous Coward

Re: Almost enough to make me want to vote to stay in

"There is always another place to find the information or buy goods these days that I feel that they are just shooting themselves in the foot."

ALWAYS? I don't think so. There's always an ad-blocker-aware site that hosts exclusive-not-found-anywhere-else content that forces you into a take-it-or-leave-it scenario. Frequently, I find that to be necessary but obscure device drivers which means I have to take it or abandon the hardware which means money.

0
2
Silver badge

Re: Almost enough to make me want to vote to stay in

"The internet is in need of a major cull of crap and parasite sites. "

Yup. Most of those parasite sites scrape content from someone else, bracket it with intrusive adverts then push themselves using clickbait.

Sometimes they even take over existing high quality sites..... Perhaps this has already happened to El Reg.

9
0
Anonymous Coward

Re: Almost enough to make me want to vote to stay in

well, it would be hilarious, if the major Internet problem how to find true content under the MOUNTAIN of garbage were to be solved so spectacularly by the garbage-generating advertisers themselves...

5
0
Silver badge

This FF22 guy/gal

Worst. Astroturfer. Ever.

Imbibed a pinch too much of the ol' nose candy, perchance?

2
0
Silver badge

Re: Almost enough to make me want to vote to stay in

"Frequently, I find that to be necessary but obscure device drivers which means I have to take it or abandon the hardware which means money."

Extreme edge cases don't seem like a sound foundation for what might remain of the existing advertising business model.

0
0
Silver badge

Re: This FF22 guy/gal

I'm not sure that's fair actually. Regardless of personal distaste for online advertising, I think his point is sound.

The letter states that "storing of information of gaining of access to information already stored is [..]. allowed if the user has given his or her consent".

FF22 is making the point that if you consider the caching of the ad-detection script to be "storage", and therefore requiring consent, then logically this requirement would then apply to everything in the cache.

Visit a page that loads an image? The image is stored in the cache, so you have to give consent. And so on for every resource on the page, including the HTML itself. I'm no great fan of advertising online, and run an ad-blocker for most sites, but I have to agree with this assessment.

Whether it's true or not will hinge on two things.

First, the definition of storage as it is used in the directive. This is not simply a matter of quoting a dictionary definition: there must be exemptions for temporary storage required to facilitate the transaction, otherwise your SMTP server would not be able to accept your mail for further transmission, for example. I think the browser cache would fall into the same category.

Second, the definition of consent. Perhaps you could argue that by typing a URL in your browser you have given informed consent to the display of that page and the resources you would reasonably assume to be a part of that page - stylesheets, images and so on. From there it's not a great stretch to argue that a script which checks whether the adverts are displayed properly is reasonably part of a website that depends on ad revenue.

In short, if you assume Hanff is correct that explicit consent is required and applies to all storage, then it's reductio ad absurdum to the point where your browser is unable to function. I have no doubt he will take this to court and I'll be intersted in the result, but I think it's not as cut and dried as he makes out.

1
1

Re: This FF22 guy/gal

Please take the time to read the law and the recitals which explain the law. They very clearly answer your questions and show your thesis to be wrong.

Storage is defined, consent is defined, exemptions exists.

Thanks for your lazy "I cant be arsed to read" input.

1
2
Silver badge

Re: This FF22 guy/gal

Given this topic is now four days old, and that the same point has been made several times already, perhaps you would consider sharing with us great unwashed the benefit of your many years of experience on this topic, and provide us with links to some of these answers you cite?

After all this is your area of expertise, and they are fairly central to your argument. You probably have them to hand, as no doubt you will need to cite them as part of your impending challenges.

Until then you are very welcome, and I anticipate once again basking in the warm glow of your haughty response.

0
1
Silver badge

Re: This FF22 guy/gal

Tell you what Alexander, as you are clearly very busy and important., I'll save you the effort and quote this for you:

"(22) The prohibition of storage of communications and the related traffic data by persons other than the users or without their consent is not intended to prohibit any automatic, intermediate and transient storage of this information in so far as this takes place for the sole purpose of carrying out the transmission in the electronic communications network and provided that the information is not stored for any period longer than is necessary for the transmission and for traffic management purposes, and that during the period of storage the confidentiality remains guaranteed. Where this is necessary for making more efficient the onward transmission of any publicly accessible information to other recipients of the service upon their request, this Directive should not prevent such information from being further stored, provided that this information would in any case be accessible to the public without restriction and that any data referring to the individual subscribers or users requesting such information are erased."

I presume this is the definition of storage you refer to?

Perhaps you could share some of your wisdom with us on paragraph 25?

(25) However, such devices, for instance so-called "cookies", can be a legitimate and useful tool, for example, in analysing the effectiveness of website design and advertising, and in verifying the identity of users engaged in on-line transactions. Where such devices, for instance cookies, are intended for a legitimate purpose, such as to facilitate the provision of information society services, their use should be allowed on condition that users are provided with clear and precise information in accordance with Directive 95/46/EC about the purposes of cookies or similar devices so as to ensure that users are made aware of information being placed on the terminal equipment they are using. Users should have the opportunity to refuse to have a cookie or similar device stored on their terminal equipment. This is particularly important where users other than the original user have access to the terminal equipment and thereby to any data containing privacy-sensitive information stored on such equipment. Information and the right to refuse may be offered once for the use of various devices to be installed on the user's terminal equipment during the same connection and also covering any further use that may be made of those devices during subsequent connections. The methods for giving information, offering a right to refuse or requesting consent should be made as user-friendly as possible. Access to specific website content may still be made conditional on the well-informed acceptance of a cookie or similar device, if it is used for a legitimate purpose.

Maybe I just can't be arsed again, but it looks like that could apply to JS used to "analyse the effectiveness [,..] of advertising", and that allowance is specifically made for "website content may still be made conditional on the well-informed acceptance of a cookie or similar device".

Asking the user to remove an ad block is asking for consent to show ads, wouldn't you agree?

If I understand your argument, you say the storage of the script which asks the user to remove add blocking itself requires consent? But surely asking for any form of consent requires a script, which requires storage, which requires consent? I refer you to my reductio ad absurdum argument above.

If you could spare a minute to enlighten us hoi polloi further that would certainly further the conversation, don't you think?

0
1

Re: This FF22 guy/gal

"in so far as this takes place for the sole purpose of carrying out the transmission in the electronic communications network"

Adblock detection scripts are nothing to do with carrying out the transmission in the electronic communications networks - their purpose is to detect adblockers.

"their use should be allowed on condition that users are provided with clear and precise information in accordance with Directive 95/46/EC about the purposes of cookies or similar devices so as to ensure that users are made aware of information being placed on the terminal equipment they are using. Users should have the opportunity to refuse to have a cookie or similar device stored on their terminal equipment."

Which just verifies exactly what I have stated - users need to give their consent - current methods of detection are happening without consent. Also note the "users should have the opportunity to refuse" so these scripts cannot be used until the user is given the opportunity to refuse such activities.

So thanks for your input but if you think it does anything other than verify -everything- I and the European Commission have stated, you seem to be having some issues with your comprehension.

2
0
FAIL

The marketeeers have shot themselves in the foot. There is a place for discreet ads on a page but large flashing red ads are what drove me into the arms of adblock, a cosy place where I intend to stay.

I have no right to force myself onto a web site which doesn't want me to use an adblocker but I can, and do, vote with my feet and wallet. (OK, for the pedants: my fingers and little stash of cash.)

37
2

"I have no right to force myself onto a web site which doesn't want me to use an adblocker"

This is why adblock-blockers should be legal. The EU should not give you a right you should not have.

1
28

Adverstisers consistently prove their unworthyness

Flashing ads, then pop-ups, then pop-unders, interstitials, auto playing videos and user trackers. I have sympathy with good web sites trying to generate ad revenue, but the techniques that have been used over the years to stuff unwanted ads down our throats means that with very few exceptions, if I can't use an ad-blocker I'm not going to visit. If they would stop being such assholes, I suspect many would stop using ad blockers. I know I get tired of the drama of maintaining a good ad blocker. (the bastardization of Ghostery recently is a good example)

15
1
Bronze badge

Stacks of cash? I hardly ever use cash any more, and never on the internet. It's all about shoving numbers around.

I don't even use it much for live transactions. I keep some cash for the occasional candy bar, bag of chips ("crisps" if you like), tips and such, but the rest goes on a credit card. (Just for convenience, not a mounting debt.) $100 cash usually lasts me several months.

...Oh sorry, you said "pedants", I thought you were calling me. ;)

2
1
Anonymous Coward

Bull?

That kinda fits with the associated website: http://www.think-privacy.com

It appears to be peddling software, or maybe vapourware?

The cap seems to fit.

Site visitors are referred to Mr Hanff's Twitter thing....

That's surely not a very suitable place for :-

" ... a globally respected privacy expert and advocate with a background in computer science, pyschology, sociology and law... " (according to the website)

Twitter features a rant vs the BBC for not airing his interview - maybe the Beeb knows something?

Or maybe not...

Perhaps Alexander Hanff would care to comment on these august pages?

1
24
Silver badge

Re: Bull?

"That's surely not a very suitable place for :-

" ... a globally respected privacy expert and advocate with a background in computer science, pyschology, sociology and law... " (according to the website)"

How much of an international presence did Max Schrems have? Didn't help Google then.

10
0
Silver badge

Re: Bull?

I assume you're posting as 'Anonymous Coward' because you care about your privacy?

And yet you're criticising someone who takes steps to help you protect the privacy you seem to care about.

Or perhaps I'm wrong: You don't care about your privacy - or anyone else's for that matter; perhaps it's really that you're part of the problem: An advertising industry that thinks it can just trample over people's privacy (while also compromising their security).

26
1

Re: Bull?

I suspect it is one of my stalkers - the language of his comment matches that of a stalker I have had for the past 8 years, I just ignore them.

24
2
Pint

Re: Bull?

And your anonymous stalker relies on appeals to authority rather than actually putting forward an argument. Definitely to be ignored.

Have a cyberpint!

20
2

Re: Bull?

If Mr Hanff is referring to @blepharon as his Twitter "stalker" then I can categorically state that Bull (I've no idea who BULL is) posting above is NOT @blepharon (and that @blepharon is NOT a stalker).

Any futher unsubstantiated allegations he might want to make on that subject, should be backed up with verifiable evidence - I can certainly publish my own.

But getting back to adblocking - I'm not at all sure that the pics of the EU letter/email that we got given on twitter make it clear that detecting adblockers is illegal. ~IANAL - and neither is Mr Hanff.

1. The letter talks about what is allowed/not allowed, under the legislation, and that is not the same as saying that any unspecified model of adblock detection is illegal or legal.

2. It isn't the whole letter - when Mr Hanff has the time, it would be good to see a proper scanned pdf of the whole letter, available online.

3. It isn't an opinion from the advocate general or the ECJ following a specific test case, and is therefore not legally binding on anyone.

I'd love to see my version what I THINK the ePrivacy directive says actually enforced - but having personally been through 8 years of the blood sweat and tears of the Phorm campaign (where I worked very hard to support Mr Hanff for some years), as well as seeing no progress on StalkStalk (despite trying personally with others to pursue legal action against TalkTalk) or the interception of email by Google, Yahoo! UK&Ireland, BT, and the interception of web browsing by BlueCoat Systems/Verizon/Huawei - I am not easily persuaded that something IS illegal just because Mr Hanff SAYS it is, and that such "illegality" will actually be enforced by the national or European courts.

So far I've not actually SEEN any legal actions pursued to a conclusions by Mr Hanff on these or related matters, whether against Google, Safari, or others. Threats, rudeness, emotive personal opinions, but no actual court hearings with judgements.

My personal opinion? I use a HOSTS file, I use an adblocker, and I also use an anti "adblock-detector" greasemonkey script. I pay for content I value using a subscription model.

Why? Not primarily to protect my privacy although that is important - I don't like being tracked and I do my best to prevent it. But mainly because I don't trust ad-networks not to serve MALWARE onto my computer. Which is why I also run script blockers.

If I used a smartphone, I'd also be bothered about ads swallowing up bandwidth.

I'll wait for the further appearance of material next week on Mr Hanff's website ( http://think-privacy.com ?), as promised on https://twitter.com/alexanderhanff/status/723457388104286209 - is that the same material promised 5 weeks ago for the week beginning 14th March https://twitter.com/alexanderhanff/status/708326532075413504 ?

I doubt the answer will be found in legal threats. It will be inexorable pressure from ordinary consumers reacting by continuing to use adblockers, developing their own opensource tech to circumbent adblocker-detetion, and avoiding publishers who take measures that consumers find unacceptable -It's along time since I polluted my devices with Murdoch's brand of "publishing". That process is already happening and the ad-tech companies are losing (hence all the conferences they are sponsoring). Publishers who adapt to that reality can survive. The others? We can live without them.

Meanwhile - my advice is.. "follow the money" (on all sides of the argument).

Keep mentioning malvertising and bandwidth when publicising the issue.

Always ask for evidence.

Don't believe what people tell you unless they can back up their claims/allegations with evidence.

4
3
Silver badge

Re: Bull?

'I am not easily persuaded that something IS illegal just because Mr Hanff SAYS it is, and that such "illegality" will actually be enforced by the national or European courts'

Of course illegality won't be determined except by decision of a court. But courts don't proactively pursue cases. Cases have to be brought to them. This appears to be Mr Hanff's intention and seeking the views of the regulators is a sensible step to take before doing so.

7
1

Grey Areas

I agree with the EU’s stance, but I’m a little unsure where the boundaries are.

Search engines and other services use the IP address to guess the location, and mobile devices already have access to geolocation via JavaScript. Servers and JavaScript have been known to do some browser and OS sniffing. Even screen size sniffing to choose suitable images. Can’t this be regarded as private data in the same sense?

6
0

Re: Grey Areas

No the law is actually quite sensible and gives some exemptions for purposes strictly necessary to provide a service the user has requested. Detecting browser resolution in order to render the page properly would fall under such an exemption.

Even detecting device via the user-agent to see what the pixel density is (retina or not) would fall under the same exemption.

But it is also about the purpose that data is used for - if the user-agent, browser resolution, font list etc are then re-used to create a device fingerprint for identification purposes - that is when it becomes illegal (this was covered by an Article 29 Working Party opinion from 2014).

It should be noted as well that making changes to existing cookie banners would not make this legal either for a number of reasons:

1. Cookie banner solutions are currently not compliant with the law (they place the cookies before the page is even rendered and the user has seen the banner)

2. Recital 66 of the ePrivacy Directive allows the use of "browser settings or other applications" to indicate whether or not you consent to the storage or access to stored information. In my discussions with regulators and the Commission, such an action by the user (installing an adblocker) would be seen as an explicit denial of consent as it is based on a specific and deliberate action of the user, which cannot be nullified by an implied consent from a "cookie banner" (these banners rely on consent being implied). Explicit trumps implied every time.

29
1

Re: Grey Areas

If the user requests an ad-free page but the publisher does not provide ad-free pages then they should be allowed to detect the user's request and refuse it.

2
14

Re: Grey Areas

Then they should lobby to have the law changed to allow this - because whether you agree with the law or not does not mean you are free to disobey it.

20
1

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2017