return to table of content

USPS shared customer postal addresses with Meta, LinkedIn and Snap

vzaliva
80 replies
22h0m

Clickbait title: USPS did not share anything intentionally. They negligently allowed tracking pixels from certain companies on their Informed Delivery page.

Of course, it's terrible from a privacy point of view, but let's be honest and call things as they are.

segasaturn
45 replies
21h9m

Why on earth is a government website linking anything from Facebook, Snapchat, etc? USPS isn't a trendy coffee shop or a designer brand, they're a federal agency of the United States government and should be held to a higher trust and privacy standard.

rty32
20 replies
20h44m

As the parent comment has explained, all USPS is doing -- at least from their perspective -- is to use some third-party analytics tools, without intentionally or specifically linking to Facebook or Snapchat.

Or put it this way -- is there a data analytics platform that is suitable & easy to use for any US government agency? Not that I am aware of (but please let me know). Without such infrastructure, these government organizations understandably are looking for those commercial options.

segasaturn
12 replies
20h21m

While I find it questionable that a government agency should be collecting analytics on its visitors in the first place, there are self-hosted analytics tools that they can use. One Google search turns up plausible.io which, even if its less convenient than Google would help with trust. It seems we've completely normalized the State conducting mass surveillance, tracking and metadata collection on citizens with the aid of corporate tech giants like Google.

vel0city
8 replies
19h3m

I don't think basic analytics is objectionable for a government org web service. I'd hope they'd be tracking "Do people use this? What kind of devices do people consume this site on? Is the page even loading properly for most people?"

This is analytics data.

Or maybe you'd call that "mass surveillance".

j5155
6 replies
15h33m

Sure, basic analytics is not objectionable. The issue comes from the analytics not being limited to basic things, as this post shows.

vel0city
5 replies
15h0m

I find it questionable that a government agency should be collecting analytics on its visitors in the first place

I don't agree with them using known abusers of personal data for the tooling, but this is what I was talking about.

I don't like them using Facebook for analytics, I don't know what they were getting from it. But the basic premise of analytics, I think they should do.

advael
4 replies
14h14m

Sure, but the answer they gave to this reporter was the same usual corporate garbage response that included "we need analytics to market our products" (???)

I think it's fucked up that any agency is "marketing products" at all, but inasmuch as this is necessary in some way, surely they don't need the kind of surveillance marketing that's questionably even worth it for corporate advertisers to use. It literally reads like a google or facebook lawyer wrote it

kelnos
1 replies
10h41m

The problem is that the USPS isn't really a "government agency". It's a weird hybrid where in some ways the USPS is more or less forced at act as a private company would. I agree that it's bonkers that a national postal service would need to "market its products", but the USPS is constantly facing funding issues (in no small part due to its weird setup), so they have to do something to... well, drum up business.

I agree that they shouldn't be using tracking code from Facebook etc. for their analytics, but they do need analytics of at least some sort. I think that should hopefully be uncontroversial.

advael
0 replies
4h18m

That wasn't always true, and changes in that direction were made to a lot of government agencies, doing things like making them pretend their budget is a business and that they need revenue streams is nonsensical and doesn't work, and I can say that with confidence because every time such changes are implemented the value of the department goes downhill fast, to the point where some people speculate that the intention of such policies is to kill those agencies. I sometimes buy that, but I also think we should acknowledge that while neoliberal political projects are often cynical and greedy, they are also often the result of incompetence. I see a certain naivete in people whose core competency has been gaining power through social influence not knowing how to actually build systems that work

bobthepanda
1 replies
13h48m

i mean the entire last few decades or so people have been banging the drum that parts of government, like the USPS, should "operate like a business" or even be privatized. so this being an end result of that is not that shocking, unfortunately.

advael
0 replies
13h41m

What's even sadder is that this is said in an economic and regulatory environment that has gradually winnowed away all the examples of businesses that made the argument even the slightest bit compelling if you squinted

A4ET8a8uTh0
0 replies
14h5m

Some of us do in fact believe that the only way to avoid common issues with mishandling information is not to gather it in the first place. I see sides of the same coin.

adenylyl
2 replies
19h28m

The US government does run its own self-hosted analytics platform (https://analytics.usa.gov), which the USPS does in fact use. Which makes it all the more questionable that they were additionally using third-party analytics.

nighthawk454
0 replies
9h15m

The data come from a unified Google Analytics account for U.S. federal government agencies known as the Digital Analytics Program.

Well…

mh-
0 replies
14h3m

Offtopic, I chuckled that the top* city visitors come from is Ashburn.

That's definitely just a GeoIP database picking up AWS traffic.

* (in the last 30 minutes, as of now)

nerdponx
1 replies
20h15m

Is Matomo not suitable?

chatmasta
0 replies
18h32m

I believe at least one French government website uses Matomo, based on the fact that I once used their React snippet to make it work.

Matomo is pretty solid. And you can always use it just to ingest the data, then analyze it with something other than the default dashboards.

SilasX
1 replies
16h22m

Still, I'd expect the government's bean counters to ensure that any usage of third party analytics involves some ironclad agreement to the effect of, "If you fail to meet <Herculean privacy desiderata>, then we f---ing own you", so at least the government gets something when said third party inevitably violates the agreement.

harles
0 replies
14h1m

Except it was the government agency that violated their agreements by providing this data. At least Facebook, based on their response, specifically put in the agreement that this sort of data should never be provided. It seems like the proposal of consequences flows the wrong way here.

uoaei
0 replies
20h18m

Security and similar audits are a big deal in government. Or, at least, they were...

pengaru
0 replies
13h13m

Imagine believing this wasn't the product of corruption and nobody got kickbacks for letting this "mistake" happen.

Symbiote
0 replies
20h19m

And now you see why the GDPR requires a site to list the third parties involved.

https://www.royalmail.com/privacy-notice and the cookie policy, 3.4.

Eumenes
15 replies
19h30m

Defund the USPS. They absolutely suck. 60% of their volume is junk mail. Lets save the planet.

colejohnson66
7 replies
19h13m

60% is junk mail because they’re not funded properly. Junk mail provides postage fees that fund them.

DangitBobby
3 replies
18h22m

This isn't exactly true. Even with junk mail they aren't profitable. But being profitable is a non-goal; they exist to serve the people, not to allow 3rd parties to harass them endlessly.

kelnos
0 replies
10h33m

That's not really the point. If they didn't push junk mail so hard, they'd be insolvent and fail. Profitability is not the issue.

But being profitable is a non-goal; they exist to serve the people

Agree, but someone should probably tell Congress that.

The situation is trash (literally; 95% of my mail goes directly to the recycling bin), but conservatives want the USPS to behave more like a business, and its funding -- and need to do crappy things -- reflects that.

colejohnson66
0 replies
7h44m

I never said they should be profitable, just that junk mail funds them.

Eumenes
0 replies
7h3m

Sounds like they exist to serve big business pumping out tons and tons of land fill routed trash, subsidized by the federal government/taxpayers. Given they're unionized, they can just lobby whomever to keep this unicorn status. Federal agencies should not be allowed to unionize.

_heimdall
2 replies
14h40m

If properly funded, do you really want the USPS filtering your mail to only deliver what they think you want delivered?

Their job isn't to stop junk mail. Their job is to reliably deliver whatever mail has my address on it to my mailbox.

reaperman
0 replies
13h28m

They don't have to provide bulk-mailing services to non-government entities. This is where someone says "Mail one of these advertisement packages to every person in this district", and it's not actually addressed to you. This would raise the cost of mailing spam to the same cost as mailing real letters.

kelnos
0 replies
10h32m

Not filtering, no, but I would like them to set bulk mail prices high enough to actually reflect the cost of the externalities of sending (and trashing) that mail. Fewer companies would send so much junk if they had to pay for its true cost.

StressedDev
5 replies
18h4m

The United States Constitution requires the United Staes Government to run a postal service. This means that the USPS must exist and it must be properly funded.

krapp
4 replies
17h52m

To be pedantic, the US Constitution simply grants Congress the exclusive power to establish post offices and post roads. Nowhere does it make any requirements about how Congress uses that power.

bdcravens
3 replies
16h52m

So much of the constitution is like that. Take the second amendment for example. "Arms" aren't clearly defined, affordability isn't guaranteed, taxation of such arms/ammo isn't restricted, and other amendment(s) can alter the provision of the amendment (ie, the fifth is why felons can lose their 2nd amendment rights)

_heimdall
2 replies
14h33m

The Constitution was never intended to spell out all laws of the country. It's a framework for how our government should work and a list of fundamental rights that should be protected at all costs.

The second amendment doesn't define "arms" because (a) at the time there wasn't much ambiguity there and (b) "arms" isn't actually the most important concept there. The second amendment enshrines the right for citizens to be able to stand up militias and defend themselves. The US didn't have a standing army until WW2, despite Alexander Hamilton's opinions on the matter. The second amendment was put in place because colonists lived under the thumb of a monarch and at the end of an army's barrel with nothing guaranteeing the people a right to defend themselves, their neighbors, or their fellow colonists (eventually countrymen).

krapp
1 replies
7h30m

The Constitution is a legal document and the foundation of all American law. It turns out a specific definition of "arms" would actually be very useful to the modern legal doctrines of the post-industrial society in which we actually live, as opposed to the pre-industrial agrarian society for which the British re-establishing their colonies, slave revolts and uprisings from Native Americans were problems worth worrying about.

_heimdall
0 replies
6h56m

The second amendment was a reaction to having lived under the oppression of British rule, not concerns over slave revolts or native uprisings.

That aside, the concept of amendments exist for a reason. It's totally reasonable for Congress today to amend the Constitution if a definition of "arms" is now needed. It wouldn't be the first time a new amendment modified or entirely voided an earlier amendment.

What we don't need is court rulings, executive actions, or even new legislation short of an amendment trying to modify or redefine an existing amendment. If an amendment needs to be changed or clarified that needs to happen at the level of another amendment, anything less is short cutting the system and, in my opinion, not democratic.

Retric
0 replies
18h25m

Defund the USPS.

How? The US government doesn’t fund the USPS.

There’s been some back and forth about the sudden mandate for USPS the pre funding retiree healthcare out 65 years, which nominally created a great deal of debt to the government as they failed to meet that sudden obligation. However, by removing the obligation that ‘debt’ disappeared as the government hadn’t actually spent any money on USPS retirees healthcare.

mindslight
3 replies
20h56m

I wholeheartedly agree with where you're coming from, but don't try to login to your IRS account these days without first taking some Xanax (tm).

Klonoar
2 replies
20h44m

I am pretty sure they said they’d reevaluate that ID login change but instead rammed it through.

I think about it every time I have to use it.

mindslight
1 replies
20h14m

The worst part is that it had been working just fine for me before. I already had a login that I think had been verified via postal mail. My IRS account obviously isn't going anywhere. Why do I have to create a completely new login, just to use less secure surveillance based authentication? It smells of corruption where someone gets a kickback based on how many people they can herd into the surveillance industry slaughterhouse. There are probably several layers of indirection (grift) because "government can't do anything", but that's still the underlying dynamic.

snotrockets
0 replies
13h11m

If I had to guess, the kickback isn’t from the auth provider.

Maintaining a system takes people & resources. For 40+ years, there’s a push to not allow the government to actually hire and manage those itself, but use commercial entities, because “big government is bad”.

So it is easier to get the approval to pay x2 as much for a 3rd party than do it for half the budget internally. And as things need to be done, you end up saying f*k it and help ruin public service because it was mandated you’ll do so.

And then you end up with shitty services, which was the intent all along: it’s not about big government, it’s about outsourcing government contracts to you and yours.

cqqxo4zV46cp
2 replies
20h45m

You are all over the place.

The person that you’re replying to already called it negligent. It’s clear that it’s negligent.

That’s different from USPS not having some “legitimate” reason to use a Facebook tracking pixel somewhere.

I’m not even American, but I just spent 30 seconds on the USPS site and came across an online store where you can buy gifts, etc. This reasonably puts them well within the ballpark of an organisation that’d seek to use this sort of tech. As anyone that’s worked with anyone in ecommerce marketing will tell you, there’s always organisational pressure to shove these ‘tracking pixels’ onto your site.

Again, it’s negligent that they did it, from a privacy POV. But let’s not conflate that with ‘old man grumbling about social networks’.

kelnos
1 replies
10h37m

Not the GP, but:

That’s different from USPS not having some “legitimate” reason to use a Facebook tracking pixel somewhere.

I don't think the USPS has any legitimate reason to be hosting tracking pixels from any entity outside the US government. USPS should have analytics on their website, but the USG has a hosted analytics package[0], and that's what they should be using -- which they are[1], so they should already be getting the data they need.

[0] https://digital.gov/guides/dap/

[1] https://analytics.usa.gov/postal-service

efromvt
0 replies
1h2m

The USG solution is just Google Analytics though, so…

jokoon
0 replies
20h39m

because that's how the guberment collects data

frankly I prefer when it's the government rather than companies selling it to foreign countries or scammers

rahimnathwani
9 replies
21h54m

How can a tracking pixel cause a customers postal address to be sent to Meta?

slotrans
8 replies
21h48m

1. customer enters their address in form fields

2. those form field values are templated into a GET request to the Meta tracking pixel (or POST request to the /events endpoint, or ...)

3. profit

they've made it very easy https://developers.facebook.com/docs/meta-pixel/implementati...

rahimnathwani
6 replies
21h40m

OK, based on your link the answer to my question seems to be: it's not a tracking pixel, but the "Meta Pixel", which the documentation describes as "a snippet of JavaScript code".

jameshart
5 replies
21h36m

Welcome to the wonderful world of affiliate marketing, adtech, and tag management.

In that world, third party ‘tags’ that are included in a page are generally referred to as ‘pixels’. Sometimes they are single pixel img tags. Frequently they are scripts. But the industry calls them ‘pixels’ anyway.

It is, surprisingly, not a terribly honest industry.

CyberDildonics
3 replies
19h17m

I don't know why you're being downvoted, calling full access javascript embedded into a page a 'tracking pixel' is a total lie. Then again 'serverless' is where you use a server, so the track record isn't great.

rahimnathwani
2 replies
18h55m

I guess most people reading this already knew that the term 'tracking pixel' has evolved beyond its original meaning, and is now commonly understood to include all sorts of tracking code.

I did not, but now I know :)

(And although serverless doesn't mean 'no server', we know what the word means and it doesn't cause confusion.)

ziml77
0 replies
16h42m

I also didn't know and I definitely don't like how it underplays the capabilities of the tracking.

everybodyknows
0 replies
14h56m

serverless

Doesn't the term confuse anyone hearing it for the first time? It sure did me.

slotrans
0 replies
21h45m

it could have been much worse, I have seen passwords leaked this way

("seen" meaning "I worked at a company where this happened and read the code with my own eyes" not just "I read it in the newspaper")

Terr_
4 replies
20h59m

They negligently allowed tracking pixels from certain companies on their Informed Delivery page.

I had to work on a feature like that, where individual client-companies wanted to sprinkle arbitrary pixel-trackers across different steps in our website's workflow for their users... Even today, I still worry I wasn't paranoid enough.

_______

For the curious/critiquing: When conditions are met, the main page JS creates a temporary <iframe src="..." sandbox="allow-scripts allow-same-origin">, and the destination URL (signed, time-limited) instructs a different subdomain to host up the icky arbitrary markup.

Yes, I know about the srcdoc attribute, and that would have been much easier except it breaks some tracker-code. In particular, Google Tag Manager silently stopped working, and it was because it contained some logic looking for "real site" aspects. This affected both `srcdoc` and also confused things when testing with `file://` URLs.

CWuestefeld
2 replies
4h12m

I spend a fair amount of time fending off requests from our marketing team to add every tracker they can think of into our site. It's as if they don't even think about the possibility that our customers might not like that.

crowcroft
0 replies
2h13m

There are layers to the problem.

The platforms do an incredible job of selling their ad tech across a business. No matter what business you're in the expectation is that Google or Meta etc. SHOULD work, and if they don't your marketing team isn't doing it right.

So then the pressure comes from execs to do whatever is needed to make these platforms work well. The execs aren't close to the details of what that means, but they want results.

Marketing then gets told they need to push more data to the platforms to make things work. This lines up with the what the execs have been told as well, more data is a good thing right?

Since marketers are non-technical the platforms want to make passing data to the platforms AS SIMPLE AS POSSIBLE. Which leads to these all encompassing data trackers (which conveniently is good for the platforms as well). Marketers don't really understand the tradeoffs, they just know more data is a good thing, and they HAVE to get this platform working well or else they're out of a job.

Then the question of should we trust Google or Meta is just hand waved away. They're huge companies 'of course we should trust them, they're the best in the world' – is a pretty easy pitch for a personable account rep to make over an expensive lunch. Even if you don't trust them, what are you going to do, not work with them while you're competitors make money???

IMO it's clear market failure and govt intervention is the solution. Complaining about marketing departments not doing the right thing is never going solve the problem.

belzsch
0 replies
1h56m

It’s not even about the customers.

We used to worry about trackers duplicating and profiling our player base back when we were running multi-billion dollar mobile games. F2P monetization being the long-tail beast it is, you really worry about ad platforms understanding your revenue dynamics. It was actually the managers who were worrying about trackers rather than the other way around.

I don’t know if you can find a similar argument in your industry, but losing the long tail to customer profiling can be a good string to pull.

lupusreal
0 replies
10h21m

I've been flat out blocking google tags manager for years and never noticed any breakage because of this.

dtgriscom
2 replies
16h15m

I got an email from a co-worker today, and noticed at the bottom of his signature a "Create your own email signature" link, which led to wisestamp.com. Turns out they sell an email signature service to companies.

I pointed out to him that advertising an unrelated company in his corporate emails was tacky, but even worse there was a tracking pixel in the email, clearly specific to him. So, any time someone opened one of his emails, WiseStamp would know.

He removed it immediately.

SoftTalker
1 replies
15h27m

I was critiqued on here the other day for saying I thought HTML was inappropriate for emails and that I use a plain text email client. This is one of the reasons. Reading an email should not expose you to “tracking pixels” and for me it doesn’t.

iamacyborg
0 replies
12h7m

People want to be able to include images in their emails, or bold text. HTML is fine for email, just turn images off by default

DevKoala
2 replies
20h13m

This is so naive. When you allow those tracking pixels you get paid to do it.

smelendez
0 replies
12h18m

Not directly. They’re used to track people’s behavior on your website after seeing an ad for your company, like knowing that people who see a Facebook ad for stamps are 12% more likely to buy them or whatever.

roadbuster
0 replies
2h41m

Not at all. Tracking pixels are installed by advertisers so they can understand if advertising on platform A, B, C actually drives business outcomes X, Y, Z. In other words, they're primarily a tool to see whether you're getting value for the ad dollars you're spending.

(Their secondary purpose is to let you show ads to people who already came to your website, i.e.: focusing your ad dollars on people who might actually care about your products and services in the first place)

ysacfanboi
1 replies
20h19m

If they allowed the tracking pixels, they intentionally shared the data. We all know what the tracking pixels do.

dotancohen
0 replies
15h12m

It's right there in the name.

nkrisc
1 replies
6h44m

Ok so they unintentionally shared customer postal addresses with Meta, LinkedIn and Snap.

Doesn’t really seem like clickbait to me.

vzaliva
0 replies
22m

The title is clickbait. If they did this intentionally, it is much more scandalous and will cause more outrage than just a stupid mistake.

gwerbret
1 replies
20h12m

Clickbait title: USPS did not share anything intentionally. They negligently allowed tracking pixels from certain companies on their Informed Delivery page.

You needed to read through to the end of the article. TechCrunch did its own testing and confirmed that the mentioned sites were scraping data from the USPS, including but not limited to the postal addresses. The negligence that allowed USPS to leak such information in the name of analytics or whatever it is they were gaining from Facebook et al. is unconscionable, and USPS are very much responsible, just as they would be for a trivial hack with the same effect.

1000100_1000101
0 replies
16h43m

When a researcher notices they can show source, or tweak an id in a URL and see data they shouldn't, and report it, they're threatened with jail time.

How come Meta can secretly scrape my web session, steal information, and that's not considered a massive violation of these same laws? These companies act like they're entitled to everything. Some CEOs and senior managers jailed for plotting these data theft tactics would be a welcome change... But it's never going to happen, and they know it.

dreamcompiler
1 replies
1h31m

USPS did not share anything intentionally.

We don't actually know that. What we know is that they said they didn't share anything intentionally. But there is almost no penalty for lying about such things and the USPS is desperate for money, so I don't think it's impossible that some USPS person made an under-the-table deal with Meta or another company to add this stuff to its website in exchange for a kickback. Only a detailed audit would be able to find out the truth, and that seems unlikely to happen unless Congress gets upset about the issue.

vzaliva
0 replies
24m

USPS did not share anything intentionally.

> We don't actually know that.

Hanlon's razor: "Never attribute to malice that which is adequately explained by stupidity."

rkagerer
0 replies
5h18m

I have trouble accepting that as mere negligence (vs. gross negligence). Anyone hosting a website should be familiar with the trackers and other cruft that comes from third parties they utilize. This is why I'm incredibly choosy about what libraries I use and which third parties I allow to put content on my site (directly or indirectly). If you don't have good insight on this you have no business including their assets/snippets. I use open-source analytics tools that run entirely on my infrastructure, not the junk from Meta etc.

"Everyone else does it" is not a palatable excuse.

These companies are known for having user-hostile, privacy-invasive reputations, so as developers we should by default be wary of them.

E.g. Including a Facebook "Like" snippet on your page lets them siphon all sorts of data from your visitors, particularly if the user hasn't logged out of their Facebook account. It's not how users expect the web to work, and it's an insidious technique (they're deliberately taking advantage of thousands of unwitting webmasters who don't understand the baggage that snippet comes with). More examples here: https://www.consumerreports.org/electronics-computers/privac...

Frankly, even if USPS was unaware, the data still ended up in those third party hands via their services so as far as I'm concerned, yes, they did facilitate the sharing of said data. At least they plugged the hole once it was pointed out to them.

not_wyoming
0 replies
2h56m

Post: Car strikes, kills pedestrian at crosswalk

Top post: Title is clickbait, driver didn't kill pedestrian on purpose.

Pedestrian: <is dead>

muteh
0 replies
20h0m

So the data wasn’t shared? These companies do not have USPS PII?

g15jv2dp
0 replies
14h28m

They intentionally shared data with "certain companies" that then shared it with meta etc. Let's be even more honest.

1vuio0pswjnm7
0 replies
10h22m

Title could be misleading but only if the reader jumps to conclusions; it does say anything about intent. It only says data was shared. That's 100% accurate.

USPS customers have no recourse so arguably intent is irrelevent anyway.

nullc
25 replies
22h56m

Government sites shouldn't load any third party content.

xeromal
9 replies
22h52m

I assume they are because they're broke

financetechbro
8 replies
22h49m

Government agencies are not meant to be profitable

AceJohnny2
3 replies
21h37m

Uselessly tied up budget and so many strings attached is functionally identical to broke.

I have a friend who works at USGS in California, the folks who track (among other things) volcanic and tectonic activity on the west side of the US (that includes Yellowstone).

For their field trips, they have a daily stipend for food & lodging of ~$100 IIRC. If you know the cost of lodging, you can understand how that's a ridiculously small amount.

abduhl
2 replies
20h48m

Per diem rates can be looked up at https://www.gsa.gov/travel/plan-a-trip/per-diem-rates. The standard combined rate is $166: $107 for lodging and $59 for meals and incidentals. This is adjusted for high COL locations. Many hotels have a deal with the government where rates are subsidized. Government employees should pay no taxes on their stays.

So yeah, they’re not staying at the Ritz on government business (and they shouldn’t be!) but it’s not like they’re living in a tent.

ghaff
1 replies
17h39m

That's still a small amount for many/most locations. It's certainly less than I'd pay myself out of pocket,

abduhl
0 replies
7h19m

Don’t take this the wrong way but I don’t think that the average HN poster’s view on lodging/expenses is the correct gauge for what’s an appropriate per diem for your average government worker on a business trip.

And if the government worker wants to travel for work like a consultant or a FAANG employee then they can of course pay out of pocket.

xeromal
0 replies
22h14m

Yup, it's hard to fault the postal service when the game is rigged against them from congress.

galaxyLogic
0 replies
22h39m

Right. And they are meant (?) to be transparent.

Only individual's information must be kept private.

cqqxo4zV46cp
0 replies
20h40m

OK. How do you propose to fix the current situation, then?

Completely impractical “yeah, but”-isms basically turn HN into an online political rally. This isn’t thoughtful conversation.

gosub100
6 replies
22h28m

USPS is not the government, they are one of the world's most prolific spammers.

toast0
5 replies
22h11m

How do you figure? Establishing Post Offices is a Constitutionally enumerated power of Congress, and the USPS exists as a Federal Agency since the Postal Reorganization Act of 1970 [1]:

The United States Postal Service shall be operated as a basic and fundamental service provided to the people by the Government of the United States, authorized by the Constitution, created by Act of Congress, and supported by the people.

[1] https://en.wikipedia.org/wiki/Postal_Reorganization_Act

gosub100
2 replies
18h52m

What do they "govern"? They distribute junk for advertisers. That's the majority of their existence. Can you imagine their carbon footprint? Driving to almost every US address 6 days a week to leave junk mail that 99% of goes straight to the trash. But I'm supposed to drive an EV or take the bus???

toast0
0 replies
18h11m

They govern the mail, by Act of Congress, as enumerated in the Constitution.

That you don't seem to like the USPS or its operations doesn't make it not a government service.

Some countries have no government postal service, and some have no postal service at all, but the US clearly has a government postal service.

jeffgreco
0 replies
18h24m

Yes, you should take the bus.

lacksconfidence
1 replies
21h29m

While I don't necessarily agree, the argument is that the 1970 postal reorganization act required the postal office to be self funded, and that since they are not funded with any federal dollars they are somewhere between a government service and a private service. Some argue that because of this we have seen a significant degredation in the quality of mail, because the USPS explicitly and intentionally delivers the equivilent of spam mail to every address in the country. They do this as a form of generating revenue that wouldn't be required of a proper government service. This ties into the current post as it seems plausible the reason USPS shares customer data with Meta is due to their requirement of self funding.

samatman
0 replies
17h50m

since they are not funded with any federal dollars they are somewhere between a government service and a private service.

This argument makes no sense at all to me (I did catch the part where you don't necessarily agree either btw).

There's no law which says that everything a government does has to be run at a pure loss on tax revenue. Many local utilities are owned by their respective governments, and are not infrequently run at a modest profit. That doesn't make them private, it makes them profitable.

Some argue that because of this we have seen a significant degredation in the quality of mail, because the USPS explicitly and intentionally delivers the equivalent of spam mail to every address in the country.

This is quite possibly the case, but has no bearing on whether or not USPS is a government entity, which, it is.

This ties into the current post as it seems plausible the reason USPS shares customer data with Meta is due to their requirement of self funding.

This, I do not consider plausible at all. I'm 99% sure that some youngster working on the digital side of USPS added some tracking pixels because it's all they knew how to do.

reaperducer
4 replies
21h23m

Government sites shouldn't load any third party content.

For a work project, I recently had to visit about 200 government web sites from countries all over the world.

It's surprising how many of them not only load third-party content, but actually have banner and pop-over advertising on them, especially in Asia and Africa.

By comparison, even America's worst government web site¹ is better.

¹ https://njfamilycare.dhs.state.nj.us

kjkjadksj
1 replies
20h58m

Seeing a page like that is refreshing these days. Loaded in a fraction of a second on my cellphone. Healthcare.gov on the other hand shows a blank screen on firefox mobile for ios.

wepple
0 replies
19h53m

At first I kinda recoiled at the horror of 1990s color.

But then, yeah, it loads fast and does what it needs to do. I don’t think I’d want my taxpayer money getting some hip design studio to “modernize” it.

BobaFloutist
1 replies
19h45m

Wow, it's not even .gov

davchana
0 replies
15h59m

I think the .us registry regulates the state name abbreviation subdomains, and school districts and county levels. I agree, not as good as .gov tld, but still, a layman lile me cant get a example.ca.us without some kind of proof showing actual connection with California government. (Not that California uses .ca.us, it uses .ca.gov)

dheera
1 replies
20h54m

I couldn't buy I-bonds from the US Treasury website because they are using a third party identity verification. WTF? Third parties can't verify me, I've infiltrated private companies with nonsense to protect my privacy. Ask the IRS, DMV, DHS, or USCIS instead to verify me, damnit.

fortran77
0 replies
19h55m

U.S. Savings bonds are something you "set and forget" and don't check up on them for decades. I had a HELL of a time acessing my online account (had to get someone from my congressman's office to get a Treasury Department manager on my case) to check my bonds that I bought in 2003 and, yes, I had my username, password, and the second factor stored in my safe deposit box, and access to the email I used to sign up for it.

The problem was the Treasury obsoleted the second factor they issued in 2003 (a physical lookup card with numbers on it) and I had to reverify myself. They couldn't log me in with the information I used to log into Treasury Direct two decades ago.

Reverification required entering information like the Driver's Licence number I had in 2003 and the DL expiration date of my 2003 licence (I don't know! It was in another state and I no longer have it) and some other security questions I apparently answered when signing up and short-sightedly didn't write down ("Favorite Vacation Destination")

Good luck logging in to check your iBonds 30 years from now! The don't issue paper bonds anymore to anyone. Maybe they're hoping for "breakage" -- people will simply forget they own them!

gnopgnip
0 replies
18h52m

Are there any government sites that are doing this right?

moomoo11
20 replies
22h43m

I hate using usps address change because they always leak my address.

I didn’t do it once when I had a short stint and that addrsss isn’t leaked…

richwater
9 replies
21h28m

Yet another reason I wouldn't care if the USPS shut down for good.

Between delivering spam mail and selling my addresses, they provide net-negative value to my life.

steego
2 replies
21h5m

How about you vote for politicians that pass laws to protect your privacy and minimize junk mail instead?

I personally use the USPS quite a bit to ship things and I prefer to use them over FedEx or UPS any chance I get.

cqqxo4zV46cp
1 replies
20h38m

Who said that they don’t? One person voting for a politician doesn’t change governmental policy JUST for them. How unnecessarily condescending.

uoaei
0 replies
20h15m

"instead" is the operative word here. It's commentary on priorities and reactionary attitudes.

Please don't inflame the conversation with more combative language.

ghaff
1 replies
17h56m

Your address is basically public information in a number of different ways (e.g. voter registration rolls and real estate transactions) unless you take a lot of steps, including using legal entities, to obfuscate it. I'm not going to specifically defend USPS practices but your address isn't really private in the US and many other places.

SoftTalker
0 replies
15h16m

Very true and this is why I’m not surprised by TechCrunch’s discoveries here. I just assumed they were tracking and selling the data as they always have been. I assume they’re selling the images of everyone’s mail as well.

snypher
0 replies
18h44m

Looking forward to an Amazon courier throwing my vehicle tabs in the river then marking 'delivered'.

rgovostes
0 replies
16h17m

I tend to agree, it is a net negative for me too. My weekly tour of the mail room is to discard junk mail that I ceaselessly try to opt out of. When I asked for them to stop delivering the magazine subscriptions of a previous tenant addressed to "or Current Resident", they told me they are not allowed to do so.

Once I chose to send a package through them, and I watched the tracking as the package rerouted to their lost mail center in Atlanta ("Mail Recovery Center", a misnomer if there ever was one). How could it be lost if they were still updating the tracking information? (Naturally, it was never "found".)

I briefly forwarded my mail to a relative's address while I was out of the country for an extended period, and they sold that to numerous institutions without my permission, creating a headache to unwind. To this day knowledge-based authentication systems quiz me about an address I never lived at.

I don't get a warm and fuzzy patriotic feeling from having a national postal service. If anything it feels like an anachronism. Paper mail has been virtually irrelevant to me my entire life.

mulmen
0 replies
20h55m

Yeah who wants a baby soaked in bath water? Throw it out!

mrj
0 replies
19h54m

The USPS is treated differently by Congress and is required to fund itself, unlike basically any other government service. It's unfortunate that something that was historically trustworthy has been essentially turned into some kind of weird government profit-making mashup.

I don't think USPS is a net-bad though. I can only imagine how bad Fedex and UPS would become if they didn't have to compete with the USPS. And they're already pretty bad.

But yeah.. wish they only delivered mail.

dylan604
0 replies
20h14m

They also give it away for free when you select to receive offers from whatever stores they've "partnered" with

bobmcnamara
5 replies
15h6m

Can I FOIA everyone's address?

bobmcnamara
1 replies
4h7m

I don't want to buy government records, I want to pay no more than a reasonable data copying fee. I've already paid my share as a tax paying citizen.

Aloisius
0 replies
1h31m

The taxes you paid don't fund USPS though.

ghaff
0 replies
7h47m

Probably also voter registration information in your state. And I'm sure there are real estate databases. And while much less applicable with the decline of landlines, most people's addresses used to be published annually in the white pages delivered to everyone. Your address just wasn't considered to be sensitive information for the most part historically.

Aloisius
0 replies
1h14m

That data doesn't appear to have personal names or anything else that can be used to connect them to a specific individual.

It's just all the addresses they deliver to with things like building type, schedules, route ids, etc.

Mountain_Skies
1 replies
21h7m

When I moved a year ago, I didn't file an address change. I only gave it to my bank and a few others I needed to keep informed of my address. Almost none of the junk from my old address has followed me to my new address. One annoying exception has been the DMV in my new state informing the Secretary of State in my old state that I surrendered my old state's license for one in my new state. The SoS sent me a letter asking if the move was permanent or not because if so, they wanted to remove me from my old state's voting roll. I understand the desire to keep voting rolls clean but I'm not happy that this happened behind my back. Plus before I moved, I went to the SoS's site for my old state and informed them that I was moving and should be removed. I'm guessing they get a feed from other states and just mail everyone without checking if you've already been removed. Given the general incompetence of the SoS in my old state, it's probably just a matter of time before they leak out my new address to interested parties. I haven't registered to vote in my new state and unregistered in my old state so it's not like I'm trying to double vote or even vote at all.

lh7777
0 replies
20h12m

Another option is to use the temporary address change form instead of the permanent one. You can have your mail temporarily forwarded for up to a year. Permanent forwarding also only lasts for a year. The only difference is that the USPS notifies everyone of your new address for permanent forwarding, but not for temporary. Just keep an eye out for any forwarded mail and notify the sender yourself if it’s something you want to keep receiving.

digging
20 replies
22h51m

Tracking pixels are just insane. I can't imagine a non-regulatory/legislative solution when the biggest companies on the planet will pay you money just to put a script on your page. How does that get outcompeted? Someone richer pays you to not sell out your users? Just ban this shit.

throwaway3306a
16 replies
22h7m

How does the law differentiate that from jQuery on a CDN? The CDN is also doing some amount of tracking, and some of it is simply technically necessary. Google is actually using the Google Fonts service to track traffic.

mdavidn
10 replies
21h42m

A CDN delivering something like jQuery will not receive cookies nor query parameters and will return a very generous max-age, allowing the browser to reuse the resource for any number of pages or sites without contacting the CDN again.

The value of CDNs like this has diminished greatly with the advent of HTTP/2 and HTTP/3.

mdavidn
7 replies
21h18m

This is true, but there is a mitigation available: The site can require the resource to match a specified cryptographic hash before running. This did not work with polyfill.io because that CDN would dynamically return different resources based on the user agent.

https://developer.mozilla.org/en-US/docs/Web/Security/Subres...

rvnx
6 replies
21h2m

Technically CDNs are not needed, we could just fully drop CDNs as well and cache files by content hash in the browser across multiple sites (<script hash="AAAAAAAAA" fallback="https://cdn..."></script>, instead of by path).

It would make the web faster and reduce tracking.

Now, is that really what Google Fonts or Cloudflare CDN wants ?

Maybe, but it will reduce the amount of data shared to the intelligence groups.

Lukas_Skywalker
4 replies
20h35m

Caching across sites is a privacy risk in itself, because scripts can measure the time required to load a resource and therefore detect if a visitor has visited another site with the same resource before. That‘s why modern browsers no longer cache across sites.

https://news.ycombinator.com/item?id=24894135

dotancohen
3 replies
15h5m

Why not add a random 1000-3000 ms delay to making the cached resource available? Timing attacks are not a new phenomenon.

minitech
1 replies
14h31m

Because the point of cache is to save time, not waste it. Like most naïve delays in response to timing attacks, that also doesn’t solve the tracking problem – if there’s any detectable difference (consider a cross-site tracking server that serves the content with a controllable delay) under any circumstances (consider network and disk load and availability), the mitigation is defeated.

Sites don’t share that many resources byte-for-byte anyway. The current solution is fine.

dotancohen
0 replies
6h40m

Caches also save bandwidth - for the user, for the server, and for the potentially overloaded network as well.

fn-mote
0 replies
7h0m

Random delays don’t stop timing attacks. You just need to gather more data before your estimate of the “unrandomized timing” is good enough for you to make your conclusions.

cqqxo4zV46cp
0 replies
20h33m

It’s hilarious that your off-the-cuff solution to “stopping data being shared to the intelligence groups” is itself reintroducing a known and now-mitigated security vulnerability.

This stuff isn’t easy. HN has way too big a head.

digging
0 replies
21h11m

I mean I'm not writing a literal law, but that would be roughly illegal and punishable in my fantasy world where a right to digital privacy existed. Laws, as a rule, don't physically stop anyone from doing anything they want. Plenty of illicit things happen on the internet already.

tmoertel
2 replies
19h45m

Google is actually using the Google Fonts service to track traffic.

According to https://developers.google.com/fonts/faq/privacy#when_i_embed...,

"For clarity, Google does not use any information collected by Google Fonts to create profiles of end users or for targeted advertising."

throwaway3306a
0 replies
11h48m

I'm sure they don't. That's also not the only thing you do with tracking.

g15jv2dp
0 replies
14h28m

Ah, well, if it's written in a FAQ, then the most naive interpretation of the sentence must be true. No way they'd just lie or pull off a "trickster genie" interpretation of that sentence.

digging
0 replies
20h57m

How does the law differentiate that from jQuery on a CDN? The CDN is also doing some amount of tracking, and some of it is simply technically necessary.

I don't know, it might be an intractable problem. It sucks how there's no way to tell the difference between the payloads of two different 3rd party scripts when they're executed in the browser, huh?

BeFlatXIII
0 replies
3h56m

How does the law differentiate that from jQuery on a CDN?

Functional utility for the end user

Mountain_Skies
1 replies
21h42m

Make possession of PII highly risky so the value of collecting this data becomes negative. Then you don't have to come up with cat-and-mouse regulations trying to chase down the latest workaround of the law as companies won't want the liability that comes with possession of the data in the first place.

digging
0 replies
21h8m

Indeed that's a far preferable and more effective approach. PII should be radioactive. Let's see who really needs it to run their business.

roadbuster
0 replies
2h31m

when the biggest companies on the planet will pay you money just to put a script on your page

AdTech companies don't pay you to install these on your websites. Their customers install them to help understand if the ads they're already paying for are leading to the outcomes they, the customers, care about. I posted a related comment here: https://news.ycombinator.com/item?id=41007679

  <Customer> I want people to sign-up for my F2P game
  <Google> We can show ads to people who may be interested in your F2P game
  <Customer> How do I know if the ads I paid for actually led to installations?
  <Google> Install this script on your "thanks for signing-up" page
  <Customer> Cool thanks

KennyBlanken
6 replies
22h13m

Wait until you hear that the USPS scans the front and back of every piece of mail that passes through its high-speed scanners, stores it for an unknown period of time, and makes those records available to law enforcement.

Those images are part of their 'informed delivery' service which you can sign up for.

I've noticed on a number of occasions that the contents of the envelope were noticeable without enhancement and legible with simple contrast/level adjustment.

kyleee
1 replies
21h55m

Another example of dragnet spying. People are too stressed to care

jeffbee
0 replies
19h51m

No they just don't care. The kind of privacy maximalism found on HN appeals to one in a million. It is not a mainstream issue at all.

hunter2_
1 replies
21h23m

the contents of the envelope were noticeable

I've seen that as well, but I place the blame on the sender for using an envelope that isn't fully opaque.

SoftTalker
0 replies
15h2m

Or they scan using UV or other frequencies so that even if the envelope is visibly opaque it’s not opaque to their scanner. Sometimes their post processing slips up and reveals that their scanner can see thru the envelope.

uoaei
0 replies
20h13m

It's pretty hard to believe they don't also regularly use endoscopes on random or suspicious packages when there's a little space to insert one.

davchana
0 replies
15h54m

There are whole discussions on various forums and subreddit about image background, fonts of address, sending addresses of USCIS letters to immigrants applicants, to know or guess whats the content of the letter, due to anxiety and curiosity of can't wait until you actually open the letter, that if this letter is a routine acknowledgement, or interview request, or request for proof, or approval or something. Most of the time if the address section shows a part of green statue of Liberty, its a good news.

xyst
4 replies
22h31m

Only need to sign up for informed delivery via website, then the service sends e-mail and/or texts. Have rarely needed to use their site directly.

Still it’s a major oversight on their part. I wonder if the tracking pixel is loaded as part of “social login” or “social media integration”.

Yet another reason I don’t use that shit, and heavily block them across all sites.

sphars
3 replies
21h22m

Can anyone confirm if there are tracking pixels or similar on the emails themselves? I too never visit the website, I just look at the emails.

zzyzxd
0 replies
20h33m

USPS Informed Delivery emails have tracking pixels. But all the mail scans are just attachments to the emails. You can configure email client to not load any remote content and the they will still get rendered pretty nicely. I was pretty surprised to see those attachments in the first place, because some of the scans were quite large (a few hundreds KBs).

xyst
0 replies
20h31m

I can't say for sure, but haven't worried about it since I opted to _not_ load remote content in e-mail messages.

spike021
0 replies
21h1m

Some of the email themselves have ads too. For instance the latest one for me has a Chase banking ad.

ranger_danger
4 replies
18h40m

Friendly reminder that FedEx (and probably others) use onboard Flock cameras, who sells the video feeds to law enforcement without probable cause.

samatman
3 replies
17h44m

That which takes place in public has never been, and will never be, subject to 4th Amendment protections. Otherwise the police would need probable cause, and therefore a warrant, to look at you while walking down the street.

ranger_danger
0 replies
14h49m

Clearly it is a contested issue even within the court system, there have been verdicts made that go both ways on the same issue and many lawyers are noticing that your position is not shared by everyone in charge, and I do not think any of us are in a position to make such unfalsifiable claims.

https://www.aclu.org/news/privacy-technology/warrantless-pol...

https://news.bloomberglaw.com/us-law-week/police-turn-on-hid...

the court determined that no “search” had occurred prior to the entry in Tuggle’s home, so the Fourth Amendment did not apply. To reach this conclusion, the court had to set aside the dictionary and replace the normal meaning of “search” with a fuzzy definition that different courts interpret in different ways at different times.
ranger_danger
0 replies
17h33m

And FedEx delivers on private property 90% of the time, all day every day. This includes car license plates which they actively scan for, meaning your physical location is now being tracked and sold. Cameras always running.

ranger_danger
0 replies
4m

the police would need probable cause, and therefore a warrant, to look at you while walking down the street.

I cannot even begin to fathom this logic

ysacfanboi
3 replies
20h17m

This perhaps explains why I couldn't successfully submit the change of address forms while my ad and tracker blocker was on. Why is this legal?

jondwillis
0 replies
18h37m

Because we have failed to adapt our laws sufficiently to keep up with modern networked computing realities. And it is more profitable in the short term (the short term is ending, right about now, in my opinion) to continue to not update our laws.

We are going to start to see productivity drop at some point (now) from all of the corruption and inefficiencies that are stacking up to pay for said short-term profits.

djbusby
0 replies
16h9m

Lots of places have the ad/tracker code in paths that can't handle the error correctly. Like, they always think the object they need is there (window.google.tag or whatever).

We need to educate the Journeymen in the game to use try/catch and other methods so the hot-path don't die.

Not sure about the illegal part but, for sure a failure in test cases.

bredren
0 replies
13h30m

Really, you don’t want to fill out a permanent change of address form with the USPS.

They sell that information. Or license it. Or whatever they call it when they are holding booths at advertising and marketing trade shows.

You want to fill out a temporary change of address, renew it the one allowable time and then ghost USPS.

By then you should have updated your personal and business contact info with any group you care about.

USPS is one of the largest distributors of spam in the United States.

carom
2 replies
12h49m

Tangentially related, the government publishing my address whatsoever really upsets me. Voter records, property records, the DMV, and the USPS all in some way publish or sell citizens' addresses to private companies. I do not know why this is legal. I do not want anyone outside of the government knowing my address.

smcin
0 replies
8h47m

Sure, but the USPS is not a government-owned corporation (like Amtrak), it was made an "independent agency" of the US executive branch back in July 1971, over half a century ago; under Nixon [0].

The head of the USPS (Postmaster General, currently Trump appointee Louis DeJoy) reports to the Board of Governors [1] (9 governors + PG + Deputy PG) who are nominated by the President; the PG can be removed by an absolute majority of the board. The USPS is overseen by the Office of Inspector General (USPS-OIG), current head Tammy Hull [2] and has a "hotline" (actually a web form) for reporting complaints [3] which fall under its focus areas, which includes fraud, computer crime and employee misconduct. Seems like one place to start.

For previous 2022 discussion of controversies involving Postmaster General DeJoy and what it would take to remove the PG, see [4].

The PG has no term limit but most recent PGs averaged ~5 years. Historically it wasn't seen as a partisan appointment and wasn't replaced when an incoming President changed to the other party.

[0]: https://en.wikipedia.org/wiki/United_States_Post_Office_Depa...

[1]: https://about.usps.com/who/leadership/board-governors/

[2]: https://www.uspsoig.gov/

[3]: https://www.uspsoig.gov/hotline

[4]: "Can Biden fire US Postmaster General Louis DeJoy?" https://www.federaltimes.com/federal-oversight/2022/08/24/ca...

russianbandit
0 replies
12h6m

TBH I don’t even want the government knowing my address.

alsetmusic
2 replies
22h49m

When reached for comment, Facebook spokesperson Emil Vazquez provided a statement: “We’ve been clear in our policies that advertisers should not send sensitive information about people through our Business Tools. Doing so is against our policies, and we educate advertisers on properly setting up Business Tools to prevent this from occurring. […]

Seems pretty convenient to blame the people using the tool.

Our system is designed to filter out potentially sensitive data it is able to detect.”

And just how much attention is spent making that work well? Or is that really just an afterthought with no ongoing improvements so that they can say they tried?

zelphirkalt
0 replies
22h5m

I mean, filtering messages that contain _addresses_ ... That must be an almost impossible task to do for machines of a multi billion dollar company!

tqi
0 replies
21h22m

Is it also Apple's fault when people send inappropriate messages via imessage?

whalesalad
0 replies
17h21m

This is what happens when Trump "drains the swamp" and appoints dipshit leaders to critical infrastructure.

troupo
0 replies
22h32m

On top of all this people keep uncritically posting news like "Meta will not provide AI models to EU due to regulatory uncertainty"

Shit like this is the only "uncertainty"

ta988
0 replies
19h36m

Now go ask your bank that does the same... And your local government, and your dentist appointment tracking system and...

surfingdino
0 replies
8h23m

For all this spying the quality of products and services is going down, so what's the point?

soygem
0 replies
4h7m

TAD, Total Advertiser Death.

smolder
0 replies
10h4m

This may sound hyperbolic but I think the US is a failed state. Humanity is facing a mess because the hegemony is falling apart in the hands of extremely incompetent leadership. Generations of nepo-babies have led to incompetency. In very simple terms: today's rich are stupid.

markus_zhang
0 replies
22h14m

PAY ME!!!

kvetching
0 replies
8h30m

People would be horrified if they knew the extent to which basically every corporation shares data with everyone else for "business intelligence"

grendelt
0 replies
17h37m

Another reminder we still don't have an overarching, comprehensive data privacy law for US citizens ala GDPR.

falqun
0 replies
11h35m

"oh sorry, the computers at fault here, cant do nothing about it" - god I hate that line of reasoning. Its your system, so its your responsibility.

cute_boi
0 replies
22h44m

We’ve been clear in our policies that advertisers should not send sensitive information about people through our Business Tools. Doing so is against our policies, and we educate advertisers on properly setting up Business Tools to prevent this from occurring. Our system is designed to filter out potentially sensitive data it is able to detect.

Please stop denying the fact that you could have disabled usps when they sent the sensitive data. But why would facebook/meta do it when they need so data.

And, why is USPS even using meta etc..

XCSme
0 replies
19h31m

I am happy that my building has this pick-up box system: https://www.my-pup.com

When you order, you enter their own address and name, so neither the delivery company, nor the web shop, have your details.

AustinDizzy
0 replies
14h0m

This just highlights the pervasive privacy issues in adtech. Many platforms today even support server-side events tracking which bypasses client-side detection & prevention like an adblocker would do to a tracking pixel. The true scope is alarming: way beyond clicks and views, they track events like "MakeAnAppointment", "AddPaymentInfo", "LoanApplication", etc.

This is the real reason why TikTok is a national security risk. Their ad platform, widely used by Shopify, Adobe, Segment, WooCommerce, etc., collects intimate data on non-TikTok users: prescriptions, medical appointments, loan applications, credit card details. Millions who'll never use TikTok, Facebook, etc. are still subject to this data collection in the name of "converting users to customers".

https://abs.codes/blog/2024/03/tiktoks-all-seeing-eye-survei...

At the policy level, we urgently need a national data privacy act to address these types of systemic issues. At the technology level, things like zero-knowledge advertising could mitigate a lot of the user privacy risk.