This morning onstage, Gary Kovacs of Mozilla announced a fascinating browser add-on for Mozilla: Lightbeam. (Watch his TEDTalk.) It allows you to track who’s tracking you online … and the results are surprising, to say the least.
In summer of 2011, we stumbled onto an early version of the add-on, then called Collusion. How did we find it? Because we’d read that the developer, Atul Varma, was inspired by Eli Pariser‘s book The Filter Bubble. And we had to know more. Varma was kind enough to talk with us, and here is what he said:
So … tell me how Eli Pariser’s book inspired you to build Collusion.
At the point I started building it, I’d just read a few chapters of the book, and I was fascinated with all the stuff he was talking about with data collection companies. I wanted to visualize it better myself, and make it easier for kids to understand–internet literacy is a major goal of my main project, Hackasaurus. I knew a lot about add-on development, so I built it as a Firefox add-on.
The original version of the add-on didn’t visualize known data collection companies differently from other sites. All the dots were gray, and I didn’t have any more information than, “Oh, there’s a site called DoubleClick.net that all 4 of those websites you just visited seem to be sending cookie-laden network requests to.”
That’s the point at which I went out there to find more information about the particular sites that I noticed were tracking me.
After the first iteration, I found out about PrivacyChoice and got their tracker list. Now when you mouseover, you know how some of the dots are colored red? Those are the data tracking companies. I’m able to tell by looking at PrivacyChoice’s tracker list and correlating domain names with the data tracking companies that own them.
Now that you can see this tracking data in graphic form — what’s your favorite thing to do with this tool? How do you suggest people play with it?
This is something I’d like to make a bit easier, but this is how I use it: I make a browser window and place it on the left side so I can see it while I’m browsing around the web. I have the other browser window that has a bunch of tabs in it on the right side of my screen, and basically I just start using the web. And I notice this massive graph building up on the left side of my screen. Some of my coworkers, they’ve left it on for weeks at a time, and they show me the graph, and it is … it is just utterly scary.
What’s a site that surprised you?
One of the ones that was most surprising to me was VirginAmerica.com. One of the most unusual things about it — on the graph, it appears to make a single request to DoubleClick, which then makes requests to like 20 different data collection companies or something crazy. When you watch it in graph form, it looks like … there’s that kind of flower that, when you blow on it, there’s all of these wispy things that fly out of it — a dandelion. It’s pretty, but it’s also kind of scary.
And the other thing that just blew me away was, when I was making the tutorial that appears on that page when you don’t have the add-on installed, when you see the demo that takes you to IMDb, and the New York Times and the Huffington Post? Those were just five random websites that I selected, it definitely wasn’t premeditated on my part like, “I bet these are full of trackers.” So it just blew me away that DoubleClick actually tracked me in all of them, in all five of them. Another company, Scorecard Research, tracked me on four of the five.
I always knew that if a site had Google Ads on it or something, that I might be tracked across the sites, but I didn’t know it was nearly as pervasive as the add-on revealed it to be.
Yes, TED.com uses DoubleClick; it seems to be the industry standard.
Yeah, I didn’t even know that Google owned DoubleClick. I learned that, I think, from Eli’s book. You know, I use Gmail, now I use Google+ a bit. Google was already such a big part of my life — finding out that they know a lot more about me that I had assumed that they did is a bit unsettling.
I finished reading The Filter Bubble a few days ago. At the end, there are a lot of calls to action that he makes toward the end of the book that I’d really like to see my organization, Mozilla, proactively try to do something about.
Some of my colleagues like the idea of collusion and are exploring whether or not a tool like this could be beneficial for Firefox user
Managing privacy is an interesting piece of this problem.
One of my coworkers thought it would be really neat to gamify the add-on and make it so that you could click on one of the nodes to zap it, to make it so that your browser didn’t communicate with that site anymore, or didn’t send cookies along when it did communicate with it. Making the visualization into a user interface that lets you actively block and unblock things that you didn’t want tracking you. I think that we’ll try experimenting in a few of those directions.
A number of people I’ve talked to, as soon as they see this they’re like, “I have to get TrackerBlock.”
But what I find interesting is: I made this add-on, but I don’t actually use any of those blockers. [laughs.] I don’t see a huge benefit to myself in actually blocking them from tracking me, really. What’s more unsettling to me is that these companies are tracking me without asking or even telling me. It’s not so much that I don’t want them tracking me, it’s more about the violation of trust that that they’re tracking me without my consent.
What are the next steps now that we know?
What I would really love to see Eli’s book and this add-on and these kinds of conversations do — I’d really love to see it lead to a different way to monetize the web.
Because right now, tracking is the only way a site can make a living off the content that they produce. With the exception of these paywalls that newspapers are putting up, there isn’t any easy way to build a website and actually make a living off it, even though you’re clearly delivering value to your users. Like with the TED site, clearly you’re doing a service by making these talks and putting them up on the web. Why is it that sites like this can only be financially supported by doing data collection? It just seems like there should be a better way.
Right now, some smaller sites that need the revenue — you know AdBlock Plus? These smaller sites will detect if you have that add-on installed and serve you a message like, “Can you please disable your ad blocker for just this site? It’s the only way we can keep this site up.” It would be great to make it easy for a website creator to be transparent and say, “You can look for free, or you can see the site without ads and tracking for a small amount.”
What I really want to see is not so much everyone picking up a tracker blocking add-on, because that would really cripple the web if everyone did that. The whole business model that powers most websites would just be gone. I would rather see it lead to an entirely different business model for the web where these sites that deliver really good content can still make money, users still get content, and user privacy is preserved.