I get that you two are rivals, but he does have a point that you haven't addressed.
Ghostery seems to be in the business of selling the data that I forget to tell them they may not collect. This is intrinsically a sneaky thing to do.
Yes I know about and use the "default to blocking" setting, but I don't think there is much argument that Ghostery users download your software with the expectation that the default would be anything else. But it is. And that's sneaky.
So you offer a very useful product, for free, and make money off of the people who fail to configure it so that it performs the only service they would ever purposely download it for.
Again, I have sniffed Ghostery looking for violations of my configuration settings, and never found any. I believe that it follows its configuration settings, and I am thankful for its existence. And I recognize that development and maintenance of it is not free. Presumably you are not a volunteer.
I have gotten value out of Ghostery, but apparently that has been on the backs of other users who want the same thing, but are less-careful than me about reading configuration options, and that doesn't sit well.
This is somewhat wrong: Ghostery, ever since version 1, had Ghostrank feature in it. It has always been an opt-in deal, the users who trust us may turn it on so provide us with data. For the first 4 years the data sat without any use until recently where Evidon figured out how to turn it into money. Even so, the data Evidon sells has nothing about any user, merely tracker data. Here are some samples of whats actually delivered to clients: http://www.knowyourelements.com/ and http://www.evidon.com/evidon-trackermap/tagchains-static.htm....
As I said, we do not trick the users into anything, and are as transparent about where the data goes as possible, if you have suggestions how to increase this then please let us know. We currently cover this question in every listing Ghostery has, all options pages, web site, FAQ, and many posts on our blog.
As far as defaults: originally, Ghostery was a detection software designed to "reveal the invisible web", but has added blocking since. Our official stance is that we do not make decisions for the user, but we do run every user through an install wizard that explains whats up. Disconnects stance here is a different, they do offer default blocking, tho they also have their own "whiteliest" built into it without telling the users about it. We are going to add some easy configuration in the near future that will pre-block stuff, but this is still in the works.
Finally, Ghostery source is available for review for "sneakiness" since every extension is pure javascript. We host it here if you're interested: https://www.ghostery.com/ghosteries/chrome/ and you can just unzip any other extension to extract source.
You have to opt-in to 'Ghostrank' which is the data that they sell. I don't really see what's sneaky about this. Hell,if you click the 'see more...' toggle on the prefs page it tells you what Ghostrank does.
>Online marketing companies need better visibility into real-world applications of their technologies and those owned by their competitors. GhostRank data is sold as reports to businesses to help them market to consumers more transparently, better manage their web properties, and comply with privacy standards.
quesera described what's sneaky about Ghostery - their users think they're protected but aren't and don't know they're sending data to Evidon that the company sells but are:
> So you offer a very useful product, for free, and make money off of the people who fail to configure it so that it performs the only service they would ever purposely download it for.
I gave some numbers above that show, in practice, just how many users are in one of these unexpected configurations:
> Ghostery's game seems to be tricking users into sending their data to Evidon. Going off the company's own numbers, something like 45% of Ghostery users send Evidon data (by comparison, only 2% of Firefox users share data through Telemetry).
> And how exactly is it trickery if users have to opt-in to the program and they're told what the program does?
Ghostery seems to rely on vague messaging (last I looked, they don't actually say anywhere in their extension that they sell the data you share to ad co's and data brokers) and UX "optimization" (what quesera dubbed the "reconfigure-on-update dance", for example) to get less attentive users to leave blocking off and to send data - as the numbers show.
In the second paragraph (though really, its just a statement...) on the preferences page -- no need to navigate to another page, and they tell it to you in plain english. Once again, you have to opt-in, so if you opt-in without knowing what it does it's your own fault and you're being a dumb user:
When you enable GhostRank, Ghostery collects anonymous data about the trackers you've encountered and the sites on which they were placed. This data is about tracking elements and the webpages on which they are found, not you or your browsing habits.
Online marketing companies need better visibility into real-world applications of their technologies and those owned by their competitors. GhostRank data is sold as reports to businesses to help them market to consumers more transparently, better manage their web properties, and comply with privacy standards.
Actually, I'd completely forgotten about GhostRank, the opt-in data collection service. The sneaky part I was referring to was just the default setting to add new trackers but not block them. I don't think any users have the expectation that updates will work that way.
I'd argue that Ghostery should come with a default configuration of ALL trackers and cookies blocked. I'd argue even more strenuously that after the user configures Ghostery manually to do so, ALL should continue to mean ALL even after updates. Ghostery currently has 700 3P cookies in their database, and almost 1700 trackers. There is no valid argument, imho, that a user who configures to block ALL really means "block ALL right now, but if you see any new ones, I would really like to try them out first!"
However, I mostly agree that Evidon has been up front and straightforward about what they do and how they do it. I want to like Ghostery. I do like Ghostery. This little bit of sneakiness though, honestly, taints the whole operation. You can call it an oversight, and I will agree that it can't possibly have much marginal value to Evidon...but it's somewhere between tone-deafness and carelessness, two qualities that call for heightened vigilance.
Ghostery seems to be in the business of selling the data that I forget to tell them they may not collect. This is intrinsically a sneaky thing to do.
Yes I know about and use the "default to blocking" setting, but I don't think there is much argument that Ghostery users download your software with the expectation that the default would be anything else. But it is. And that's sneaky.
So you offer a very useful product, for free, and make money off of the people who fail to configure it so that it performs the only service they would ever purposely download it for.
Again, I have sniffed Ghostery looking for violations of my configuration settings, and never found any. I believe that it follows its configuration settings, and I am thankful for its existence. And I recognize that development and maintenance of it is not free. Presumably you are not a volunteer.
I have gotten value out of Ghostery, but apparently that has been on the backs of other users who want the same thing, but are less-careful than me about reading configuration options, and that doesn't sit well.