New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Predictive text and complete loss of privacy #8

noloader opened this Issue Jan 11, 2016 · 2 comments


None yet
3 participants
Copy link

noloader commented Jan 11, 2016

Here's an example of a complete loss of privacy due to the browser's willingness to allow data to be egressed via predictive text. There's no fingerprinting required.

In the example below, I _almost_ made online reservation for a hotel room. I competed the form, but then had second thoughts because of the endless stream of spam that results from providing an email address. I _closed_ the browser window _before_ submitting the form.

I _thought_ my data stayed within my security boundary, but within a day or two, the emails started arriving. It seems my data was egressed without my knowledge or consent. It resulted in the endless stream of spam I was trying to avoid. Also notice the ad says "We noticed you were on our site...".



This comment has been minimized.

Copy link

npdoty commented Jul 5, 2016

As you note, this is a privacy issue that we wouldn't typically call fingerprinting. Specifically, data you enter into a form might be recorded by a site even if the form wasn't submitted.

I'm not aware of easy ways to provide transparency or control over when information is shared with a server, but thoughts on that topic would be welcome on the Privacy Interest Group mailing list: I'm closing this issue for now as it doesn't seem to be in scope for the fingerprinting-guidance doc.

@npdoty npdoty closed this Jul 5, 2016


This comment has been minimized.

Copy link

contentprovider commented Oct 25, 2017

Is there a missing theoretical construct here? TLD: is it not public.. Our makers work was public: man's work is private. Everything was public, law divided public (into protected private w/remainder public) those seeking to protect their personal power and wealth by rule of law, (enclosure acts of 1650 et al.) sought to make themselves sovereign and everyone else public. Privacy is about personal sovereignty; are we born sovereigns? Seems sovereignty is the anti thesis to the tool of the wealthy and powerful known as the nation state. The nation state divided the populations of the globe into parts and the rulers of the individual parts used, propaganda, social morality, law and gated access to information in order to shape the morals and cultures of the peoples that populated those nation states.. So what is the distinction between inanimate private and animate sovereign?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment