Back in 2022, I wrote this rather grumpy post on Mastodon, the federated social media platform. @Edent@mastodon.socialTerence EdenMastodon enforces a "noreferrer" on all external links.I have mixed feelings about that.As a blogger, I want to see *where* visitors are coming from. I also like to see (and sometimes join in) with the conversations they're having.But, I get that people want privacy and don't want to "leak" where they're visiting from.Is it such a bad thing to tell a website "I was…
It’s not entirely clear, but it appears to be up to the instance operator.
Users can disable referer headers in their browser settings which overrides anything the instance operators can do.
Only nerds do stuff like mess with their browser settings through about:config. The bulk of activity is from people who don’t mess with those settings and don’t stay aware of what’s going on. Those are the ones who the info gatherers want to observe, so that’s why the system should be opt-in in every case, and it’s also why they want it to be the opposite.
If people dont care enough to mess with their browser settings thenselves, then they can either a. join a privacy-focused Mastodon instance whose admin will keep the “no referer” policy, or b. live with the fact that choices are being made for them. People need to take actions for themselves, we cant treat everyone like babies.
There’s legitimate interest in knowing where people come from, though, and asking on your own page “how did you get here?” is hardly going to work. Personally I don’t think it’s much of an issue if some random commercial site sees that I got there via lemm.ee, it’s not giving away much at all, not even whether I have an account here and certainly not as much as tracking cookies. OTOH I also think it could be done better, wich tech similar to Mozilla’s aggregate (i.e. you’re just a number in an anonymous mass) ad clickthrough thing. Sites would see “yep we got a number of visitors from lemm.ee, and that number from lemmy.world” but wouldn’t know which of their site impressions corresponded to which origin.
I fundamentally disagree, if shops started scanning people’s phones as they walked in to find where they had been last before they entered their shop people would be outraged, but somehow this has become accepted practice on the web.
You think malls don’t have data on shopper movement? That a random kiosk owner can’t distinguish people who come from high school from the after-church crowd from the office workers from the tinfoil-wearing nerd always coming at 2am so that they can minimise social interaction? That they will have coffee ready for the morning shift, and beer for the club crowd?
I know malls track peoples movements throught them and thats creepy as fuck too, though I dont think they tie IDs to individuals, just monitors where people move throughout them.
The rest of your post makes no sense, yes obviously peole can tell the diference between commuters wanting coffee and people on a night out getting drunk. But that is very different to having a label on everyone saying “came from my mistresses house” or “came from my weed dealer” on each person, which is more akin to the level of detail given by referal links.
“Knowing where people come from” does not imply ID’ing individual people, which is why I specifically mentioned that Mozilla technology. The legitimate interest is in aggregate data, and yes “lots of people come here from the brothel” is legitimate data. “This particular person did” is not: If you wear a suit and happen to come with the office crowd doesn’t mean you’re an office worker, you could be a travelling salesman.