A Gentleman's Agreement on Privacy.

I'm a bit of a privacy nerd. I like privacy obviously, but I'm also interested in how technology and business can enable privacy and not hinder it. Now, Mochi is among other things, an advertising network, and like most advertising networks we use a unique cookie to keep track of users (specifically we store a random 128-bit integer in a flash Local Shared Object). So while we don't currently do any behavioural advertising it is not outside of the realm of possibility. It is with that in mind that I'd like to announce that as of 2011-05-31 our advertising product honors the DNT header.

A brief overview of Do Not Track and it's goals is best found at http://donottrack.us/ but here is the short version:

Do Not Track is a technology that enables users to opt out of third-party web tracking, including behavioral advertising. At present a user cannot opt out of many of the hundreds of tracking services and advertising networks; those that do allow opting out each require setting (and not deleting!) an opt-out cookie. Much like the popular Do Not Call registry, Do Not Track provides users with a single, persistent setting to opt out of web tracking.

What does this mean to you? Probably very little. However if you're a user who wants control over how information about you is used, and you use one of the major browsers that supports the DNT header (Firefox 4, IE9, Safari 5.1) it means that you can tell Mochi that you want to opt-out of being tracked while you play flash games, and we'll honor that wish.

When the DNT header is present Mochi will not assign your browser a unique cookie and will not log the last octet of your IP address. This greatly reduces the uniqueness of the fingerprints you leave behind as you play flash games using our ads across the web.

In the Local Shared Object we still store some information about the ads you've seen, mostly the ads you've seen today, this week, and this month. We use this to make sure you don't have to see the same ad too often in a short period of time. We also store the timestamps of the last 3 times you've seen an ad. All this information is stored locally and can be controlled by Adobe's Global Storage Settings and Website Storage Settings.

In our server side logs we store information, including the first 3 octets of your IP address, and the browser name and version (instead of the full user-agent string.) We believe this reduces the uniquness of an ad impression sufficiently to be true to the spirit of DNT. The IP address is used only for getting country, timezone, and region data out of an industry standard GeoIP database for targetting and forecasting.

Why DNT?

With support of the browser vendors and FTC interest in legislating some sort of Do Not Track implementation. As well as a California Senate Bill proposing Do Not Track requirements for businesses now seemed like an ideal time to step up and turn a personal interest in privacy into a requirement for our product. Because I wanted to. Because I feel it is important that companies help ensure the privacy of users instead of trying to make money out of usurping it.

Mochi happens to be a small company that lets individuals be individuals and express themselves in our products. Want to join us? http://bit.ly/mochijobs


blog comments powered by Disqus