You can't set a precedent of paying for privacy because you can't pay everyone who can spy on you. All it takes is for one reasonably frequently used service (credit card, Amazon, AdWords) to refuse to respect privacy, and you are back to square one.
Privacy is not something a single company can successfully sell you by paying other companies not to spy. It can only be obtained by making spying expensive and difficult. (Perhaps with cryptography, perhaps with legislation, perhaps through some other means)
Yes! The only real solutions are client-side: IP-block trackers and encrypt your connection. The "please, sir, can I have some privacy" nonsense of do-not-track headers and IAB opt-out pages needs to die.
Even those actions have limited value as long as you have any other reasonably reliable signature as you navigate the Web. Anyone with a static IPv4 address for their home computers does. Anyone with a browser that will allow queries for a bunch of collectively-almost-unique properties of the host system does. Even certain standard web protocols inherently act in this way when used for their intended purpose.
That means almost the entire web-using population is carrying around at least triple signature information, and if too many people start to block ads and trackers served via third-party systems, the major networks providing those things will just move to a model where sites hosting their ads act as proxies and serve the content from their own domain, which if anything would be slightly worse for privacy.
This risk will remain until we get fixes for each issue I mentioned above. Leaving aside TOR and the like, we could move towards dynamic and rapidly rotating IPv6 addresses as points of origin with sufficient ISP support. Browsers could then close the other loopholes, but some of them will be difficult to fully eliminate and keep eliminated without compromising the user experience, because unfortunately some features that are useful for legitimate purposes are also inherently leaky.
Making spying expensive and difficult is expensive and difficult, because most people are transparent. Think of how much work it takes for an espionage service to maintain an agent in a foreign territory. It's not good enough to have dead drops and cut-outs and safe houses; you need an entire network of them so you don't create patterns, and then you need to compartmentalize it to guard against the inevitable compromises.
The problem for privacy advocates is that encrypting everything itself sends a signal, albeit an obfuscated one. The solution ot this is 'everyone encrypt everything' but most people simply do not have the motivation to do so. Notwithstanding the 'everyone has something to hide' argument - most people don't. Either their private matters are unimportant, or they're not important enough to be leaned on for anything.
Further, from the standpoint of a bad actor (eg an overbearing state or any private extortionist), you don't need to penetrate people's privacy to compromise them, eg 'Help us out even though you are unwilling to do so, or we'll spread the word that you're a pedophile' would be enough to suborn many people's cooperation, without the accusation having any factual grounding whatsoever. In western society being labeled as a pedophile is so bad that most people turn off their brain as soon as they hear the word and are willing to impute guilt automatically. In fact, they don't even need to get the word right: http://www.theguardian.com/uk/2000/aug/30/childprotection.so...
This means you either have to eliminate the hostile party by buying or replacing them, or you go around them by providing en encrypted tunnel. And doing that reliably means doing away with MITM that browsers trust.
And is privacy only for people who can afford to spend hundreds per month on it?
The carriers might get a brief sugar rush on their EIBTDA initially (from the monetized, non-private traffic), but over the long hall this is going to be a negative growth market. The consequence is it hits google at center of mass.
AT&T is a Frankenstein of a company that is simply chewing through customers with a horrific combination of incompetence, and actual malice.
With in a week, i got 150 bill for breaking the contract. I argued that i never asked to cancel the service. I want to pay my last month bill and complete my contract.
AT&T cancelled my service because i ported my number. I ended up paying them 150$ just days before my contract expires. No prorated no discount.
Never ever going back to anything related AT&T. Never.
Just switched from Sprint to Verizon, same deal.
Because they wrote a contract that says you have to pay them more than the remaining months of full-price service if you leave them?
Why would you side with that?
Because the letter of the contract and law is more important than reasonableness or ethics.
I don't pay everyone I meet a dollar not to mug me, it's nonsense their customers have to do this.
Amazon goes to AT&T to ask what users are searching and buy that data -> AT&T says they're searching everything -> Amazon stops writing checks to AT&T since this does them no good as far as choosing what to sell to which individuals.
Someone already is!
But seriously, I wonder how any law involving VPNs will be responded to by corporations.
Plus of course you get the plenty of disk space and 24h computing a server gives you. Great learning tool, too.
Works every time, every store I've been to in any state. ;)
Of course share phone numbers work too, as another poster mentioned.
If you pay with a credit or debit card in your own name when using that card, the store very much does know who you are.
Target dispenses with the entire loyalty-card-and-discount idea to just match by payment data.
"Whenever possible, Target assigns each shopper a unique code--known internally as the Guest ID number--that keeps tabs on everything they buy. 'If you use a credit card or a coupon, or fill out a survey, or mail in a refund, or call the customer help line, or open an e-mail we've sent you or visit our Web site, we'll record it and link it to your Guest ID,' [Target Stores statistician Andrew] Pole said. 'We want to know everything we can.'"
This was really surprising to me. I used Square once at a shop in Seattle, and had an email receipt sent to me.
Almost a year later, I used Square back home in Toronto and asked for a receipt. To my surprise I didn't have to give any information: just using the same the credit card I swiped months earlier was enough.
234-567-8901 works as a phone number for one of the major US chains. I use another fake phone number for the other. I even get a gas discount on it sometimes.
Also, you created your account two minutes before posting this claim?
>Other information from the use of Google Fiber Internet (such as URLs of websites visited or content of communications) will not be associated with the Google Account you use for Fiber, except with your consent or to meet any applicable law, regulation, legal process or enforceable governmental request.
So they say they collect it. Just that for now its going to be anonymized and not associated with your Google account.
Google's standard tactic has been to offer some service that is enticing, that "just happens" to put them in a position to log massive amounts of data. They do it with analytics, they do it with email/IM, they do it with DNS, and every other service they offer. Each one gives them access to a new type of data they can log. Are we supposed to believe they will suddenly run ISP services differently?
Send a lot of cookies with your DNS queries, do you?
DNS has this page. Analytics uses first-party cookies, not google ones. The best they could do there is associate it all with an IP address, which would be a bad way to associate data and still leaves the question of what they would do with it at that point. Customize the ads only for that IP address?
Verizon or AT&T on the other hand will happily give your raw port 80 traffic to any random 3rd party if it means they get an extra buck out of it.
This is why there are various rights that we have created laws saying you cannot negotiate them away. Without these restrictions we got things like indentured servitude. Unfortunately, the law hasn't yet kept up with the changes in technology.
 and privacy absolutely IS a human right
For ISPs, we already have a model that we should be using: common carrier. It may need adaption to the realities of ISPs, but the basic idea that you get certain immunities if you only provide transit.
Dan Geer was talking about network neutrality, but I believe his solution should apply to privacy as well when he explained:
Channeling for Doctor Seuss, if I ran the zoo I'd call up the ISPs
and say this:
Hello, Uncle Sam here.
You can charge whatever you like based on the contents of what
you are carrying, but you are responsible for that content if it
is hurtful; inspecting brings with it a responsibility for what
You can enjoy common carrier protections at all times, but you
can neither inspect nor act on the contents of what you are
carrying and can only charge for carriage itself. Bits are bits.
Choose wisely. No refunds or exchanges at this window.
In other words, ISPs get the one or the other; they do not get both.