THE BLOG

New York Times Cookie Hypocrisy

11/21/2011 06:30 pm 18:30:37 | Updated Jan 21, 2012

Sunday's New York Times editorializes in favor of Do Not Track and other privacy legislation going through Congress and the Federal Trade Commission. Yet the New York Times itself makes much use of personal, private, and tracking information itself. Indeed, it requires tracking.

The editorial (my emphasis):

"Congress should act on the F.T.C.'s recommendation to establish a system that would allow consumers to effectively opt out of all tracking of their online activities. There are other worthy proposals, including the administration's call for limits on the collection of data about consumers online. Lawmakers have proposed about a dozen privacy bills this year alone. But with Congress stuck in a partisan rut, it is reassuring to see the F.T.C. at work."

Now read the Times' privacy policy (and highlights):

* If you subscribe to the print New York Times, the company will sell your name *and address* and other unspecified data to others. "If you are a print subscriber to the New York Times newspaper and subscribed either by mail, phone or online, we may exchange or rent your name and mailing address and certain other information, such as when you first subscribed to the New York Times (but not your e-mail address) with other reputable companies that offer marketing information or products through direct mail." That's not opt-in; it's opt-out.

In Public Parts, I argue that privacy policies in old media have long been far worse than online. Magazines, newspapers, and other recipients of your media money have for years sold information about what you read and consume and who you are and where you live to large data-base companies and marketers. If a library or an online site did that, it would be shot. But the New York Times does that. Want to pass a law about that, Times?

* The New York Times requires that you use cookies. It decrees: "You will not be able to access certain areas of our Web sites, including NYTimes.com, if your computer does not accept cookies from us." So what happens when Congress passes Do Not Track, Times?

In its explanation of cookies, the Times says: "Our registration system requires that you accept cookies from NYTimes.com in order to log in to our Web site. Cookies are not spyware, viruses or any other kind of malicious program. For best results, set your browser options to accept all cookies from NYTimes.com. You can use your browser options to clear the cookies later, if necessary."

Precisely. You have many means now to get rid of cookies: You can turn them off, kill them at the end of every session or whenever you want, or open a private session (an "incognito" window in Chrome) that relays no data about you. Do Not Track is redundant. It's political cynicism.

Oh, and the Times -- which gathers more personally identifiable data about you than most any other newspaper -- could not operate its paywall without cookies.

* Just like other online marketers, the Times uses cookies to target advertising. "The New York Times Home Delivery Web site also transmits non-personally identifiable Web site usage information about visitors to the servers of a reputable third party for the purpose of targeting our Internet banner advertisements on other sites. To do this, we use Web Beacons in conjunction with cookies provided by our third-party ad server on this site." Would the Times outlaw this essential business behavior? This is how the Times earns its premium rates with branding advertisers.

* The Times hires a number of analytics companies to track your behavior, from the creepily named Audience Science to WebTrends for the web and from Localytics to the fluffily named Flurry for mobile.

* The Times logs what pages you see and uses that to recommend content.

* It logs your location if you use mobile applications.

* It allows third-party ad servers to place cookies on your computer and track your behavior.

Note, too, that the Wall Street Journal, which has been on a Reefer Madness high regarding privacy, also collects personally identifiable information and connects it to browsing history without users' permission. More hypocrisy.

Mind you, I do not object to any of these tracking behaviors. They are, in my opinion, necessary to pay for the content we get from the Times and the Journal and much of the rest of media. They are used to reduce noise, repetition, and irrelevant advertising and content. They are all-in-all harmless and have been demonized by privacy's regulatory-industrial complex and now even by the Times. If the Times gets its wish and Do Not Track passes, enabling too many consumers "to effectively opt out of all tracking of their online activities," then I fear we will get less content or more paywalls or both.

I also argue that media and marketing companies have done a godawful job of letting their customers know what information they were gathering and what they were doing with it and how consumers benefited. They long ago should have learned from Amazon, which reveals what it collects and what results and enables customers to see and control and correct that information (which also only gives Amazon yet more valuable data). So it's their own damned fault they've been demonized, opening the door to the cynical pols and bureaucrats who proposed Do Not Track -- and to their allies, such as the Times editorialists, who argue on the basis of nonspecific emotions rather than tangible facts about harm and consequences.