I came across this call for proposals for "Ideas For a Better Internet" today. A group of Stanford and Harvard Law and Computer Science group are soliciting submissions on ways to "make the Internet more secure, more accessible, more open, or just plain better" -- and then they're going to try to make the best ideas happen!
I'd encourage every who has any ideas to jot them down and send them in (it's only 350 words max). It's a great opportunity to hopefully get a couple innovative projects off the ground.
I have one recent idea on this front -- I think many benefits could be realized by middleman ISP's taking a more active role in privacy protection. Here's what I submitted:
Recent innovations in web browsers such as Firefox and Internet Explorer are starting to address some of the growing obstacles facing privacy on the internet. Regulatory possibilities, such as a do-not-track protocol that relies on advertising agencies respecting users' privacy wishes, may also help mitigate increasing concerns. However, some of the best privacy protections might come from the middleman -- ISPs.
A few examples of privacy protections that could be implemented at the ISP-level are as follows:
Removal or falsification of geodetic information from any images uploaded
Removal of "tracking" information, such as third-party cookies by advertising agencies (perhaps through the use of a community-maintained filter list)
Automatic redirection to HTTPS services, where supported
The major benefit of this approach from a technological perspective is the inherent platform independence (from the perspective of an internet customers). With the proliferation of alternative web browsers such as those on mobile devices, it is not always possible for users to take advantage of browser-based privacy protections. An ISP-based solution would work for all devices.
ISP-level solutions are also advantageous from a policy perspective. Conflicts of interest often arise in the actual implementation of browser-based tools. For example, Microsoft owns a subsidiary advertising agency, which may already have resulted in watered down privacy protections in IE.
If there is ever to be regulation of privacy, ISPs are also the ideal candidate to bring legal requirements to fruition. Whereas jurisdiction will always be an issue for browser software developers and for advertising companies, who can be located anywhere in the world, an ISP is always local to the jurisdiction of the internet user.
As far as implementation goes, ISP-level filtering would involve a web-based interface and underlying filtering/firewalling technologies (which could be based off of existing client-level solutions). It may also be possible to leverage existing filtering technologies already used by ISPs for traffic shaping.
If implemented, this will be advantageous over existing privacy technologies in its platform compatibility, the lower level of conflicts of interest, and the feasibility of regulatory enforcement.