Jason White wrote:
Agreed. Then they make it worse by ignoring W3C specifications (in particular, Aria) so that when I do visit the site with a Javascript-capable browser, it still isn't accessible.
I dunno about aria, but apparently there is this thing called a "DOM", which is why even though edbrowse uses the flipping mozilla js engine, I *still* can't use it for online banking.
We need good, well publicised examples of how the information collected can be (and preferably has been) misused by some site operators.
Bruce Schneier's blog is full of depressing examples of this. There was also that great one where Target knew some teen girl was pregnant before her dad did, by data mining her purchase history. The Target rep then went on to say "people found it creepy when we advertised baby stuff to them before they told us, so instead of stopping that practice, we now mix in unrelated ads, so people don't realize we know". Whee.
There are more subtle issues as well. For example, I heard it mentioned that in one particular study, researchers demonstrated how they could corrolate information extracted from photographs posted on the Web by different parties to make relatively reliable inferences about who the friends and associates were of the people depicted in the images.
Oh there's lots of fun ones. Facebook can find out who you are even if you've never used it, by doing facial recognition (like the international casino cabal) on all the photos your friends uploaded. And I remember a paper about identifying an individual human based on an average of seven (IIRC) timestamped geolocation tags. Not to mention stuff like identifying individual humans based on their writing style or the way they sit on a chair. Shit, now *I* need a drink.