Trying to solve this through purely technical means is futile. If you block it at the user-agent, sites will share data at the back-end to create a super-profile.
Right now it's really convenient for advertisers to run an ad auction right in the user's web browser because all the context is there -- take that away and you'll see user data aggregated on the back-end instead.
Absent some type of regulation and enforcement, I really don't see how this puts a dent in the "reads a lot of articles on NY times about dogs, sees a lot of ads on cnn.com for dog food" profile aggregation.
This needs a bit more technical detail. If you mean they'll combine IP + other fingerprinting, we can work on mitigation techniques there too.
> I really don't see how this puts a dent [...]
It does as it asks sites to more explicitly install something server side with their HTTP server instead of embed this one-line script tag. Changing from the browser being to store of cross-site identifiers to the backend has a chance to shine more light on the practice and increase the burden of tracking. It can make a real dent.
Regulation/enforcement are orthogonal to technical solutions. There are also varying levels of support for the former vs the latter and we shouldn't mix them nor should we blindly say "regulation and enforcement" without nuance. Many, including myself, are against most regulation/enforcement approaches due to implementation incompetence (intentions notwithstanding). But regardless of that debate, it shouldn't muddy the technical debate.
Yeah, but instead of playing cat and mouse, just make it illegal and fine anyone caught violating it.
Honestly, banning tracking would end the race to the bottom and be good for publishers and consumers. It probably won't affect FB & Google because they are too big to be displaced. It may kill a bunch of middlemen, but they are leaches and should die anyway.
I agree that this should happen. Unfortunately, this requires a revolutionary political movement which has so far failed to materialise. When there isn't adequate appetite from the rest of society for the protections you want, your solution has to be a technical one.
Maybe another way to kill the middlemen is to develop technology which undermines their business model, e.g. DTube; YaCy.
If you really force the industry to switch to "trust me, I've seen these users, now pay me" APIs on the back-end, it'll be a massive shake-up of the entire business model.
OK, but at least then it's not polluting the user's experience and burning the user's CPU cycles. Still a strictly positive change IMO.
> The negative side is that you can no longer [...] block it in your browser
If they're not doing it in your browser then you don't need to block it in your browser, because they're not doing it, because they're doing it in their back-end (which is not your browser) instead of in your browser (which is).
Honestly, what are you trying to say?
Sorry if I've not been clear enough here. Let me explain my thought process.
uBlock Origin shows me this https://i.imgur.com/Vv2xyIL.png when I visit cnn.com.
In contrast, when I go to news.ycombinator.com, nothing is blocked. It gives me some idea of what companies respect my privacy and what companies are happy to sell my internet browsing history out to advertising networks and data brokers.
Yes, I'm blocking it as much as possible regardless, but I think it's still valuable to be aware of which sites are good actors and what sites are not. The little number on the uBO toolbar icon is a rough reminder of this.
> If they're not doing it in your browser then you don't need to block it in your browser, because they're not doing it, because they're doing it in their back-end (which is not your browser) instead of in your browser (which is).
The problem is not that the tracking is in my browser. The problem is the tracking.
If the tracking all happens server-side I have no idea what sites are tracking me and I can't do anything to prevent it. I can't even avoid it because I can't see what sites do it.
The original comment that you seemed to be replying to was "Right now it's really convenient for advertisers to run an ad auction right in the user's web browser because all the context is there". I thought you were saying blocking that crap in your browser didn't make a difference.
I can't see your pic because I never allow JS outside of a VM.
If tracking is enabled in a browser it becomes vastly easier for them to assign unique cookies to follow you. OK, now then can do it with etags and browser fingerprinting - mitigating the latter is possible, I don't know about the former.
> If the tracking all happens server-side I have no idea what sites are tracking me and I can't do anything to prevent it.
...is dubious. Etags and fingerprints aside, tracking non-cooperating (cookie declining) browsers has to be harder. I agree with you about tracking being the problem though.
I can use a VPN to hide my IP on most of my devices, except for when I'm trying to watch Netflix/Amazon/whatever. But I wish I didn't have to.
> But I wish I didn't have to.
One way or other you will always have to. Perhaps the most important way of destroying the ad industry online is to have an alternative means of funding sites. Maybe that would work.
On a related note, remember that time when AT&T and Verizon were just giving out the cell numbers associated with their customers' IP addresses to whoever asked, because they're complete fucking morons who thought that was a good idea?
Break the platform and force everyone to re-engineer, and you can start severely hitting the companies that continue violating GDPR in the "new world".