Google Is Dodging Internet Explorer's Privacy Protections (So Is Facebook) : All Tech Considered Google, Facebook and 11,000 other companies are circumventing privacy protections in Internet Explorer.

Google Is Dodging Internet Explorer's Privacy Protections (So Is Facebook)

Google tricked both Apple's and Microsoft's Web browsers into allowing its third party cookies — even when browsers were set up to block them. Mark Lennihan/AP hide caption

toggle caption
Mark Lennihan/AP

Last week, when Stanford researchers discovered that Google was circumventing privacy protections on Apple's Safari browser, executives at Microsoft couldn't help getting in a few digs at two of their biggest competitors. Here's what Microsoft's General Manager Ryan Gavin wrote at the time:

This type of tracking by Google is not new. The novelty here is that Google apparently circumvented the privacy protections built into Apple's Safari browser in a deliberate, and ultimately, successful fashion.

If you find this type of behavior alarming and want to protect your confidential information and privacy while you're online, there are alternatives for you. Windows Internet Explorer is the browser that respects your privacy.

Windows Internet Explorer may respect your privacy but that doesn't mean it successfully protects it from Google — or other firms. Monday the company revealed that Google was bypassing privacy protections on its IE browser as well.

Turns out so is Facebook. And so are thousands of other companies.

Ten years ago Microsoft helped create a protocol that allowed your browser to tell websites which cookies it would and wouldn't accept. It's called P3P in the industry and it stands for the Platform for Privacy Preferences Project.

But unfortunately P3P has become an industrywide joke. Thousands of companies have found ways to work around it. It's not that hard. Websites simply send code that lies about what they are up to to your browser. Carnegie Mellon researchers found 11,000 examples of this kind of electronic deceit. And there are no cops on the beat and few consequences for companies that fib.

This has been an open secret in the industry for years. And as the Safari debacle just illustrated, this kind of problem isn't unique to Intent Explorer or P3P.

When you set up any major Web browser you can determine how much privacy you would like. Do you want to accept cookies for the sites you visit? Those cookies make life easier. They allow you to automatically sign in to The New York Times — or allow your bank to recognize that the computer you are using is associated with your checking account.

You can also choose to accept third party cookies. These cookies are placed by ad networks and they can track your surfing across the net. Ad networks use them to place ads that are relevant to you on all sorts of websites.

So if you've ever had the experience of shopping for, say, a pair of a snow boots online and then noticed that ads for those boots are tracking you — following you around the digital world — that is a third party cookie at work.

Safari was set up to block third party cookies by default. Microsoft's IE was not — but you can ask it to. You can even ask Google Chrome to do it as well — but you have to dig to find that option.

What Google did was to trick both Apple's and Microsoft's browsers into allowing its third party cookies — even when browsers were set up to block them. Google responded in a statement saying that settings for its IE browser are "widely non-operational." And Facebook said the P3P policy was outdated.

All of this is going on behind the scenes. And only the most sophisticated computer users are typically even aware of the complex conversation that occurs between their computer browser and the websites they visit.

However, Google's privacy practices are attracting increasing scrutiny. The company announced last month it plans to change it privacy policies March 1 and begin consolidating information it collects about millions of users.