1996-03-03 - Re: NYT login

Header Data

From: “Phillip M. Hallam-Baker” <hallam@w3.org>
To: cypherpunks@toad.com
Message Hash: 1cc4ace7d76b45dc6665a54b667243ac118dbad7a78f578b22a404ca5e68798b
Message ID: <199603032135.QAA21850@bb.hks.net>
Reply To: N/A
UTC Datetime: 1996-03-03 22:08:08 UTC
Raw Date: Mon, 4 Mar 1996 06:08:08 +0800

Raw message

From: "Phillip M. Hallam-Baker" <hallam@w3.org>
Date: Mon, 4 Mar 1996 06:08:08 +0800
To: cypherpunks@toad.com
Subject: Re: NYT login
Message-ID: <199603032135.QAA21850@bb.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

Just Rich wrote:
> 
> Rumour has it that there might be a cpunks/cpunks (cypherpunks was taken).

This brings up an interesting prtoblem which I have been trying to
solve. How can we fund content providers on the Web while not
compromising privacy?

Early on I targeted political and governmental sites as likely users of
the Web. This also reflected a personal belief that I have in open
government. What I did not anticipate was the speed with which the
mainstream press started appearing on the Web. In part this was due to
the Whitehouse server which has legitimized the Web in many corporated
boardrooms.

There is a problem though, nobody has a fully convincing revenue model
yet. This will have to chage if sites like the NYT are going to stay
online. Ideally I would like these sites to be free to the readers
because it helps break down international chauvnism and petty minded
nationalism. I believe that the significant number of trans-national
relationships forged over the internet have lead to a significant shift
in support for French Nuclear testing for example. Ten years ago many
French supported terrorism such as the sinking of the Rainbow warrior in
persuit of this policy, this time round there has been much less support
for the government posistion.

The challenge therefore is to find a means by which NYT etc can pay
their staffs. Advertising is an obvious mechanism but here there is a
problem. Advertisers need to know what they are receiving by way of
value for money. Don't believe the stories of $50K per month advertising
charges, many of these prices are very heavily discounted. $50K is what
advertisers are willing to pay once they know for sure the Web works for
them.

If we apply traditional advertising logic it would be necessary to use
very intrusive methods to discover how effective the Web is. This is not
necessarily the case on the Web since it is an interactive medium. As
Jock Gill pointed out at a recent conference we organised, instead of
targetting customers the Web permits a participatory process which may
be far more profitable for big name brands, allowing them to establish
the high value long term relationships they really want.

So the question is how can we square the circle? I have no problem
telling the NYT's advertisers that NYT have a reader who is in the high
tech goodies purchasingcategory. I have a serious problem allowing the
government to know that I read the NYT, remember that in many countries
that could lead to getting you arrested. I also think we need to be
cautious about comapnies collecting similar information. Imagine for a
moment that the US elected a fascist president opposed to "left wing
intellectuals". It would be a bad thing if he could obtain a list of
likely left wing intellectuals compiled from readership of various
magazines, visiting of left wing Web sites etc. This is a live issue in
Holland where no phone records are kept because stored records were used
by the NAZIs when they were invaded to find out who was talking to whom.


Some Ideas I had:

	1) An anonymous session identifier generated by the browser
	constructed in a cryptographically secure manner so as to
	prevent linkage across sites.

	This would allow NYTs to find out that a reader had moved 
	from the sports section to the politics section within the 
	site but not to track them from the NYT to Time Warner.

	2) A privacy code of conduct. Sites adhering to this code
	would be alowed to display a trademarked icon on their
	pages. 

	This code would cover items such as not selling log files
	not maintaining online records of identity. 

There are many people who are willing to put in the effort to make the
Web a place where people can interact in privacy. I know very senior
people in very large companies who are as concerned as many cypherpunks
on this issue. The point is that we need to come up with a scheme which
addresses their legitimate business needs and protects privacy.
Otherwise the market will decide and it does not care much about
privacy.


I have written up some working drafts. You can get them from the IETF in
ascii text or via the web as W3c working drafts http://w3.org/



	Phill Hallam-Baker
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMToQuyoZzwIn1bdtAQFSZgGAwMeBfDr4g3yBclG08m6f8K2Ml1Gv07i1
L5wybpz4/8o4Gy7/P3UUP+82IcEpgGrl
=hUU/
-----END PGP SIGNATURE-----





Thread