05 April 2016

A Moderately Irritated Note to Internet Advertisers and Graphic Designers

There's no excuse for breaking a webpage because a potential reader is (a) on a "slow" connection that doesn't handshake with your "data analytics"1 software or supercookies or (b) is aware enough of "data analytics" and its inherent weaknesses that he or she blocks the cookies without blocking the data. There are some advertising aggregators that I block at the DSN level (I'm looking at you, certain-advertising-engine-named-after-a-mouse-function) because the proportion of actual malware distributed through them is unacceptably high. I block supercookies and third-party cookies unless I preapprove them.

Get over it. I'm only rarely blocking the actual ads themselves. In fact, by blocking the cookies and unnecessary tracking I'm actually giving you better data: I don't actually read your ads, as a matter of policy and conscious avoidance I never click on an ad (or, indeed, make any purchase based upon an advertisement), so a positive data point from me to you is actually affirmatively misleading.

I accept that however economically foolish it is, y'all are using an economic model that depends almost entirely upon advertising, and don't want me to see the "premium content" without seeing the ads (but see above... and below). Actually breaking not just the kewl content page(s), but the front page with the index to the kewl content page(s), is dumb. It means I won't even look at a headline and change my mind to allow cookies "just this once," let alone for that site. It means that you'll never get any of my three readers doing the same by clicking through to your formerly functional index page (that is now obscured by "automatically resizing" graphical elements that aren't smart enough to figure out that they don't know the screen size at the destination if the destination isn't giving them supercookie data-analytic feedback) if they take even comparable precautions to protect their own computers from malware. The graphic designers were so eager to make things look kewl on every potential device that they couldn't bother to make them look usable on "no device."2

But at least that's just a commercial website. The less said about the way some financial-services websites rely on even worse security practices, the better. There's no excuse for a bank's website throwing up all over one's shoes when confirming a checking account balance merely because the "block third party cookies" setting prevents that bank's mortgage-refinancing division (which is a separate corporation on a separate domain) from displaying an ad to lowest-fee-structure checking-accountholders who are not homeowners and have no interest in becoming homeowners. Leave aside for a moment whether this might violate any requirements of the Consumer Finance Protection Bureau or of the Federal Reserve or of the Comptroller of Currency or even state-level banking law, major-US-bank-now-in-North-Carolina-that-used-to-be-in-San-Francisco (and you're not alone in this, either — or even the worst offender). Leave aside, too, whether as a depository institution you have an ethical obligation to make things clear to your depositors. This is just bad business: You're discouraging accountholders from doing the responsible thing and checking balances before engaging in transactions... and thereby becoming eligible for those (overpriced) mortgages your own bloody ad is peddling so assiduously.

If I can't view a site even when operating in relatively open mode, it — and its advertisers — have even less hope of getting business from me (or my three readers) than my sarcasm, cynicism, and willpower would otherwise allow. Of course, many of these advertisers depend upon customers being credulous... which says some interesting things, but for another time. Perhaps for election time given the current primaries (in which the two leading ethically- and intellectually-challenged Heffalumps are each claiming a "right" to a third candidate's votes/voters, like some baron at Runnymede counting his peasants).

The real problem here, though, is that the silence on misuse of "data analytics" — whether actual or potential — falls directly into a conversation gap about the "FBI iPhone data demand." That's a complex argument for another time, but y'all should ponder the difference between the ire directed at the FBI's demand for assistance... and the routine use of hidden code and data aggregators that gets to at least 80% of the same thing.

  1. That term always makes me laugh. I'm older than I look; back in my day, we called it "traffic analysis" (PDF) and used it for some pretty inimical-to-privacy purposes. [edited 16 Aug 2016] It's rather ironic that the agency in question has broken that direct link, which now takes one to its homepage filled with deceptively smiling faces; try this one instead (PDF). [/edit] Whether we were more or less trustworthy than private industry because we were the gummint is, of course, a value judgment, and varies over time. Whether the capability and known usage leads to an inherent capability to breach privacy, however, is not.
  2. As an individual with a moderate visual impairment and very strong text orientation who actually reads the text, I have a decades-long dispute with the graphic-design community. I've been wearing bifocals for about half a century, you idiots: Trying to get my attention around your idiosyncratic visual periphery isn't just useless, it's counterproductive and insulting. And that would remain true even if I had perfect vision. Rule of thumb: The earlier a person with a graphic-design orientation is involved in any process, the more likely there will be a disjuncture — possibly extending to dysfunction — between the content and the display context.