Autonomía digital y tecnológica

Código e ideas para una internet distribuida

Linkoteca. email


Urchin Tracking Module (UTM) parameters are five variants of URL parameters used by marketers to track the effectiveness of online marketing campaigns across traffic sources and publishing media. They were introduced by Google Analytics’ predecessor Urchin and, consequently, are supported out-of-the-box by Google Analytics. The UTM parameters in a URL identify the campaign that refers traffic to a specific website, and attributes it to the browser’s website session and the sessions after that until the campaign attribution window expires. The parameters can be parsed by analytics tools and used to populate reports. Example URL, UTM parameters highlighted, after the question mark (?):

https://www.example.com/page?utm_content=buffercf3b2&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer

Confidential Mode will push users further into Google’s own walled garden while giving them what we believe are misleading assurances of privacy and security.

It’s important to note at the outset that because Confidential Mode emails are not end-to-end encrypted, Google can see the contents of your messages and has the technical capability to store them indefinitely, regardless of any “expiration date” you set. In other words, Confidential Mode provides zero confidentiality with regard to Google.

But that’s only the beginning of the problems with Gmail’s new built-in IRM. Indeed, the security properties of the system depend not on the tech, but instead on a Clinton-era copyright statute. Under Section 1201 of the 1998 Digital Millennium Copyright Act (“DMCA 1201”), making a commercial product that bypasses IRM is a potential felony, carrying a five-year prison sentence and a $500,000 fine for a first offense. DMCA 1201 is so broad and sloppily drafted that just revealing defects in Google IRM could land you in court.

We believe that using the term “Confidential Mode” for a feature that doesn’t provide confidentiality as that term is understood in infosec is misleading.