* Ted Lemon wrote:
Dialing in a little closer, consider this snippet from the actual text of the
document:
In the Internet,
the term ["attack"] is used to refer to a behavior that subverts the
intent of a communicator without the agreement of the parties to the
communication.
So in the case of Google, the parties seem to have agreed to the
communication, which suggests to me that this document is specifically
not talking about Google. Unless Google is in the habit of
eavesdropping on communications to which it is not a party.
The draft specifically calls out "legal but privacy-unfriendly purposes
by commercial enterprises" "no matter how benevolent some might consider
them to be" causing "through correlation with other communication
events, [revelation of] information the communicator did not intend to
be revealed"; that is a description of "behavioral advertising".
If you put Google "+1 button" scripts on your web site, that does not at
all mean first time visitors have somehow consented to Google being a
party to their communication, before they had a chance to become aware
of that. Indeed, many German web sites disable such "buttons" by default
('Two clicks for more privacy') for this reason.
If Google Analytics is somehow not pervasive monitoring then I do not
see how I could personally be affected by pervasive monitoring? "NSA
'spied on porn habits to target" does not seem different from "Google
'spied on porn habits to target" if I ignore that Google is no formal
part of the U.S. military. Is pervasively spying on porn habits an
attack? Yes if it's done by tapping undersea cables, no if it is done
through CDN server logs? How do you tell which CDNs are party to your
communications?
--
Björn Höhrmann · mailto:bjoern(_at_)hoehrmann(_dot_)de ·
http://bjoern.hoehrmann.de
Am Badedeich 7 · Telefon: +49(0)160/4415681 · http://www.bjoernsworld.de
25899 Dagebüll · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/