Erik Moeller wrote:
It has been brought to my attention that Cafepress,
which we currently use
to sell Wikimedia Merchandise at <http://www.cafepress.com/wikipedia>, has
some privacy issues. Specifically, they have a "web pixel clause":
Pixels. Pixels, also called clear GIFs, are invisible
files on Web pages
that you visit. If you visit a page on the Site that contains a Pixel,
the Pixel communicates with your computer to determine, among other
things, whether you have been to that page before or viewed a particular
advertisement. We may use Pixels to serve advertising, enhance email
advertising and track usage of the Site.
How exactly does this work? The Pixel "communicates with [my] computer",
but my computer has been told not to answer communication requests,
My friends and I have a hypothesis: The Pixel is a 1x1 transparent GIF
that is stored on a special server that keeps track of requesting IPs.
So this server knows if a given Pixel has been requested by my IP before,
thus determining if I'd visited the page on which that Pixel lies as an <IMG>.
If we're right, then this isn't particularly evil.
It's inherent in HTTP that servers can see who requests files,
and this 1x1 transparent GIF <IMG> file is just an efficient application.
Conversely, people seriously interested in guarding their privacy
know how to circumvent such tracking.
And a somewhat weak personal data disclosure policy:
we may disclose your Personally Identifiable
Information when we believe
in good faith that it is required by any applicable law or legal
process, or if we believe we need to disclose it to protect or enforce
our rights *or the rights of our members, users, or other third
I don't like this; "the rights of [...] third parties" is so vague
that they're not really promising any privacy for my PII at all.
Personally, I'm not concerned about the information that I give them,
which is no more than I give the clerk at K-Mart when I shop there;
still, it's useful to know that they're not promising anything
(just like K-Mart doesn't promise anything, so far as I've ever heard).
My point of view, right now, is that if no alternatives
exist, we should
continue using Cafepress, and add a link to the Wikipedia article about
them on the page, where the privacy issues can then discussed from a
neutral point of view.
I believe that this is correct. The lack of privacy protection
is no reason to stop using Cafe Press, but at the same time,
we should always be on the look out for others sales venues.
If we find alternatives that /do/ protect shoppers' privacy strongly,
then that's a reason to use only those alternatives and not Cafe Press.
But in the present market, Cafe Press is essentially unique.
An analogy: The Wikipedia Foundation uses free, open-source software.
This is important for Jimbo's founding philosophy of Wikipedia,
so that anybody can copy not only the encyclopaedia but the entire site.
And of course, we're constantly modifying our software for our purposes.
But imagine an evil parallel universe in which Micro$oft controlled
all software copyrights with an iron fist, and the free software
and open source movements existed only in utopian fantasies.
Would we shut down our operations? No, we would make do with what we had.
Come the revolution, /then/ we would switch to free, open-source software.
This analogy is exaggerated, but the same principles apply.