Privacy: The Future of Content Filtering

Peter Lowe shared his thoughts on the future of data protection and internet tracking on the eye/o blog last week.

Tracking on the internet is something that's very, very hard to avoid, if not completely impossible. It's so common and accepted that even companies claiming to be "privacy preserving" actively implement methods to circumvent attempts to block them. Massive data breaches have shown the type and scale of data that's being kept about us. It's everywhere.

Sometimes it might be tempting to give up and just accept tracking as a fact of life -- and, actually, that's what more than a few people I know have done -- but there's still a lot you can do to minimize the amount of your personal data being kept, shared and sold. And there are countless people working on standards, regulation, tools, services, and methods to help us - so it's not entirely hopeless.

But what does the future look like? I have a few guesses.


Regulation has arrived, and is here to stay. More and more places in the world are implementing regulation around data handling to a greater or lesser extent, and companies are having to adjust to take this into account.

You've probably heard of GDPR, and may have heard of the CCPA in California - but did you know that Nevada has its own regulations? And even China is talking about implementing their own laws?

However, each set of rules is slightly different. Some are focused on individual rights, some are more focused on company responsibilities. Some have teeth, some don't. So what I expect to become more common is something along the lines of tax laws: companies will start operating out of regions that are advantageous to what they're trying to do.

We've already seen this to some extent. Quad9, the open public recursive DNS resolver that provides malware protection for free, moved its operational and legal headquarters to Switzerland recently. This ensures that legally it's an EU organization, and subject to GDPR along with all the other regulations. Though on the flip side, it's not uncommon to see error pages saying that a site is no longer operational for visitors in the EU.

So, just like funneling money through tax havens and taking advantage of shell companies, data will be stored in places where the rules don't apply. Legal loopholes will be taken advantage of, allowing data to be abused in ways that the regulation has tried to prevent. And none of this will be visible to anyone except the most determined analysts.

Layered privacy protection

Most people I know use some form of browser addon for content filtering, in particular ad blocking. This is great for browsing, but with the proliferation of chatty IoT devices, services loading in the background, mobile phones, and whatever else, this isn't enough anymore.

This means that people interested in protecting their privacy online need to look at additional methods. DNS filtering, for example, is a great way to protect your whole network against threats and data sharing coming from IoT devices - especially those that can't be upgraded and have no way to configure. For more serious applications and specific uses, VPNs are another way to mask your behaviour online. And simply using privacy focused services is a great thing to do - DuckDuckGo, the Brave Browser (and their new search engine), Apple iOS - these are all using privacy as a selling point.

My prediction on this side of things is: privacy will move from being a unique feature, to becoming something that is actively looked for and more commonly offered. And if you care about your privacy online, then we'll have to use these products all over the place.

New threats

Regulation is coming into place, the ways to protect ourselves are becoming more plentiful, and everything's getting easier to use.

Which means one thing: the people who want to track you are going to try harder.

Browser fingerprinting used to be uncommon; now it's a standard part of how ad networks operate. Server-side data sharing was unusual for most companies; now it's becoming the default. CNAME cloaking was basically just a theory at one point; now academic papers are being published on how widespread it is.

But that's just the start.

Facebook has patented methods for identifying a camera's geolocation based on scratches on the lens, and the people it can identify in the photo. Amazon wants to monitor people's moods based on the sounds an Echo device can hear while you're sleeping. Oculus (well, Facebook) is monitoring what people are looking at and how they're moving, so that it can place ads directly into VR games. Fitness trackers are identifying users with PTSD and targeting ads for antidepressants at them.

One of those is false - but without checking, do you know which one?

So where are new threats going to come from? This is harder to predict, but my guess is that we'll really just see more advanced versions of what's already happening: taking data that doesn't seem useful, and turning it into a way to build up profiles of people and target them. As tracking becomes even more pervasive and precise, unconscious details like eye movements, heart rate, involuntary actions, microexpressions, if they aren't already being factored into targeted ads, will be.

And, of course, SPACE ADS. We're going to see ads from space and privacy threats alongside them. But that's a whole other article.

  • There are no suggestions because the search field is empty.
Latest posts
DNS Price: Total Cost of Ownership Analysis DNS Price: Total Cost of Ownership Analysis

Mastering IT Budgets: How to Conduct a Thorough Total Cost of Ownership (TCO) Analysis of Your IT Infrastructure

In today's rapidly evolving technological landscape, enterprises are continually seeking ways to optimize their IT investments to enhance efficiency and reduce costs. One crucial metric that aids in this endeavor is the Total Cost of Ownership (TCO). Understanding TCO is vital for companies, especially when evaluating DNS solutions and...

The Real Price of Free DNS Services: What You Need to Know The Real Price of Free DNS Services: What You Need to Know

Domain Name Systems (DNS), essential for translating domain names into IP addresses, are the backbone of internet browsing. In a digital landscape where operational efficiency and security are paramount, the allure of free DNS services is understandably strong—especially among small to medium-sized businesses and tech-savvy individuals looking to optimize network security without substantial costs. This article aims to provide a comprehensive und...

RSAC 2024 Recap: The Start of a New Era with AI RSAC 2024 Recap: The Start of a New Era with AI

Last week was the 33rd Annual RSA Conference 2024 in San Francisco. If you’re in the cybersecurity industry, you know it as one of the biggest events of the year. There were over 40,000 official attendees and an equal number traveling to San Francisco to unofficially attend the event.

Explore More Content

Ready to brush up on something new? We've got even more for you to discover.