FUD For Thought: HTML 5 Databases Will Swallow Your Soul, Eat Your Children

ArsTechnica posted an interesting article about the use of HTML 5 databases for ad trafficking purpose. While the article does offer some objectivity in the form of a reasonable explanation of why ad networks track, other elements of the article seem to suggest that HTML 5 databases are somehow a greater threat to privacy than existing cookie based tracking. Here are a few examples:

We found that clearing cookies and the Safari databases still resulted in a recreation of the database with the same ID.

The nefarious behavior implied is that tracking ids stored in an HTML 5 database cannot be deleted even when clearing all cookies and databases entries. I tried, but was unable to replicate this behavior on my iPhone (Safari on my mac had no databases). Therefore I am going to guess that the sentence is simply saying that deleted first party tracking entries can be re-spawned using data stored in second party sites partnered with the advertising network (i.e. accuweather). If so, this same mechanism already exists cookie technology.

It did not, however, stop Ringleader Digital’s partner sites from recreating the cookies and Safari databases with a new persistent RLDGUID.

Again, this exists with current cookie technology and is not some sort witchcraft introduced with HTML 5 databases.

Others can do it too

Yes, other ad networks use HTML5 databases to store tracking data, just like they already do with cookies.

I don’t think the article is all bad and agree that users should be aware about how they are being tracked, but I think this article tends to take a FUD approach when a constructive argument could have been made. The real question that needs to be asked is not why and how ad networks will use HTML 5 databases to store tracking information, but rather what are the features needed by browsers to help users block them.