[baddox]

It's difficult to argue about whether it's "surreptitious." It's certainly no secret. I think this is why you need organizations (perhaps government or otherwise) to establish standards for what is and isn't acceptable, so we don't have to quibble over words like "surreptitiously."

[Nextgrid]

> It's certainly no secret.

There is no easy way to tell whether an app shares data with third-parties without setting up an MITM proxy or a packet capture. As far as the majority of users are concerned it is a secret.

[Nicksil]

>It's difficult to argue about whether it's "surreptitious." It's certainly no secret. I think this is why you need organizations (perhaps government or otherwise) to establish standards for what is and isn't acceptable, so we don't have to quibble over words like "surreptitiously."

It is a secret, though. Outside of you, me, and a few other folks like ourselves, users of this software have no idea what's going on behind the curtains. There is no overt disclosure to the user explaining the myriad communication exchange, occurring on a nearly constant basis, between their device and some remote server(s); much less giving the user a say in the matter.

Stating the use of the word "surreptitious" (to act in a clandestine manner; exactly how these communications are executed) amounts to a mere quibble is disingenuous.

[edmundsauto]

I cannot easily see what information goes through an ASP form submitted with a ViewState parameter (where the page state is encoded in a blob buried in a JS var or HTML comment). Is that also surreptitious?

[Nicksil]

>I cannot easily see what information goes through an ASP form submitted with a ViewState parameter (where the page state is encoded in a blob buried in a JS var or HTML comment). Is that also surreptitious?

I can't say I completely understand the scenario, but if you're talking about a user filling out a form, then submitting that form, then no. That would be expected behavior.

Data may be encoded in any number of encodings depending on need. Encoded data isn't always human readable; especially so during secure transmission. It's not so much the inability for a human to read the encoded data as it is the data being consisting of only what is necessary to perform the action expected by the user; those expectations, of course, set via whichever means the user is interacting with the software.

Please correct me if I've misunderstood.

[baddox]

> That would be expected behavior.

That's exactly my point. "Surreptitious" is being used to mean "I think it's bad, and I think it's not expected." The "bad" part is obviously subjective, but even if we agree on that, the latter is where you really need standards bodies to agree on what is acceptable technology practices. To me, ad tracking is definitely expected (regardless of whether I think it's bad). I suspect it's also expected by nearly all HN participants, and ubiquitous ad tracking is even in the mainstream public consciousness outside of tech circles.

[scarface74]

Having a government full of technical lot illiterate politicians regulating digital advertisement - what could possibly go wrong.

[Analemma_]

Then that's the fault of companies who fucked up self-regulation so badly that the government has to step in. If they had behaved, this wouldn't be necessary.

[Nextgrid]

I am not sure whether there could be anything worse than the current situation of a free-for-all with customers' data.

[RussianCow]

There absolutely could, if the new legislation were easy enough to circumvent for large companies but expensive to implement for everyone else, giving big players an even bigger advantage as far as data goes.

[scarface74]

Maybe the government having access to all of your data....

[Nicksil]

>Having a government full of technical lot illiterate politicians regulating digital advertisement - what could possibly go wrong.

I'm not sure that argument works.

If we expand a bit, It wouldn't be difficult to find that governments are mostly comprised of <industry> illiterate politicians. There is no need for a government to be comprised of digital advertisement industry specialists in order to pass meaningful industry regulation.

[scarface74]

Those who don’t learn from history....

https://en.wikipedia.org/wiki/Communications_Decency_Act

https://en.wikipedia.org/wiki/Digital_Millennium_Copyright_A...

And a few where we dodged a billet.

https://en.wikipedia.org/wiki/Stop_Online_Piracy_Act

https://en.wikipedia.org/wiki/Pirate_Act

[Nicksil]

You're trying to convince me that the system isn't perfect. Listen, I've long since agreed with you.

I commented on your initial response because it was overly dismissive and implied the only way forward is to first wait until we have a government stocked with domain experts who only act only on policy within their domain. It dismisses the fact that it is unlikely that the politicians introducing regulation were solely responsible for its construction.

Yes, there is corruption in government and yes ignorance is painfully obvious in some legislation, but to dismiss the idea of enacting regulation because the politician(s) signing it into law may not be experts in the field the regulation addresses, isn't at all practical.

I'd further argue that it is incumbent upon those working in industry to ensure the creation of regulation is conducted transparently and includes representatives from the industry to contribute the necessary knowledge and expertise required to formulate the law(s) such that society benefits from the protection and commerce suffers no undue burden.

[scarface74]

Given the choice between a corrupt company and a corrupt politician, the corrupt politician can do far more damage. It’s far easier for me to choose which companies I use than choose which government that I am under.

The government can do and has done far more damage than big tech.

[gpderetta]

History has much scarier lessons about governments abusing detailed lists of population preferences.