Hal Roberts writes,
I recently stumbled into a site where three chinese circumvention tools (dynaweb, gpass, firephoenix) are now publishing aggregate data and offering to sell individual data about the web browsing histories of their users. These tools together represent a big majority of the Chinese circumvention tool market, with a few million users in between them.
It's s pretty shocking finding merely that they are storing the data at all, let alone publishing and selling it. These tools are acting as virtual ISPs for their users. Selling the browsing histories of those users is like an ISP selling the browsing histories of its users, which is a big step beyond what companies like NebuAd and Phorm were / are trying to do. NebuAd and Phorm are at least adding a variety of pseudonymity and privacy layers to their tracking, whereas these tools are evidently directly storing (and selling) the full, individually identifiable browsing histories of their users. And the data about circumventing users is much more sensitive for obvious reasons than the data about most ISP users.