IANAL, but I am generally familiar with HIPPA. This is probably not a HIPPA violation because the HIPPA rules only apply to specific sorts of businesses, and the healthcare.gov site is not one of them. For instance, I could share any medical details I had on you as much as I want without violating HIPPA laws.
It sounds like you're using the ad industry's definition of "PII". That definition is ludicrous. The bulk of information that can be used to identify me personally falls outside of the standard definition of "PII", and so the term "PII" is pretty much devoid of meaning.
There is zero evidence that this data is being used for advertising purposes - the article makes a lot of speculation. For example:
I disagree. The evidence is that the data is being sent to them. Nothing more needs to be proven. There is no -- as in zero -- legitimate reason for the site to be doing this. All performance analysis they need can be done in-house.
For example, IBM does both - but they also do pretty good data analysis. Would you rather it goes to some 3rd-world country for analysis (because you can be pretty sure it will be sold)?
I honestly don't see any difference between the two scenarios. I have no reason to think that domestic ad companies are any more trustworthy than 3rd world country companies (and I have several reasons to think that they're not). I'm pretty sure it will be sold either way.
Ahh, I understand. You'd also have to not be an AT&T user. Best bet is to actually test for header injection first, since we don't really know all the carriers that do this. Particularly with the small carriers, since they are just reselling service from the major carriers.
There are only three possible explanations for this: the two phones were using different carriers, or they were being tested in different geographical locations, or the cell carrier itself is making the distinction for some weird reason. The header injection itself is totally unrelated to the phone, the operating system, or what the software on the phone does.
My definition of "tiny" is "under 5,000 people". I live in a state that has no city that is as large as 3 million people. But perhaps there are more than the usual number of electronics hobbyists in my state.
I assume this is due ot a "no track" setting at the browser application level.
The browser has nothing to do with this at all, and there's nothing a browser (or any other software you can run on the phone) can do about it short of using a VPN.
When you did your tests on the Android phone, are you quite certain that you weren't using the WiFi connection? The tracking header is only inserted into traffic that goes over the cell network.
I wonder if we could fuck with this services though by creating a Mozilla addon that inserts this header and fills it with some random garbage on each request. If enough people used it maybe we could DOS their database by filling it with UUID seen only once?
No, that wouldn't work. The header is inserted well after the request leaves your phone. If you insert the header yourself first, it will just get overwritten once you've sent it.
I know this is meant to be a joke, but closing Radio Shack means there is no longer any place you can just run out and grab a specific capacitor or DB9 connector or whatever.
I have never lived in a larger-than-tiny town that didn't have at least one independent electronic supply store within driving range. I haven't set foot in a Radio Shack in years, but I am always totally able to run out and grab components at the last minute.
Meh. Radio Shack actually died decades ago, once they decided to stop being an actual parts supply store. All of my sadness passed way back then.
You don't have an real electronic supply stores in your area? My sympathies...
I am, actually.
Doesn't everybody?
Fortunately, no.
peer pressue...have you tried to have a social life these days without a stupid FB profile?
Yes, I have, and have found no problems whatsoever doing so. My social life is rich and full and completely Facebook-free. I've never had a date react to my lack of Facebook in a negative way.
I am hoping my hardest hope that my employer won't use this. Right now we're forced to use the thoroughly horrendous Jive app for internal social media "needs", and I fear that Facebook's offering might be better. I fear this because the awfulness of Jive is currently an excellent excuse to avoid using it at all. Replacing it with something less awful might make it more difficult to avoid.
The one day you'd sell your soul for something, souls are a glut.
