With each passing day commercial interests seem to find new ways to harness the tools on which the web was built.

Policy initiatives such as the US’s now-defunct SOPA and in-progress CISPA now involve the sharing our online activities, raising the ire of groups from Anonymous to Wikipedia. There is, it seems, a never-ending battle to keep the internet free and open – a battle that’s becoming increasingly hard to ignore.

According to Google co-founder Sergey Brin, the stakes for the open web have never been higher. So it may come as no surprise the net’s next great threat is occurring not in the dark but right out in the open – via the appropriation of the hyperlink.

Companies have taken the thing we use to share as well as go places online and combined it with the opportunistically-purchased top-level domains of whatever countries whose domains happen to spell or sound-out something convenient.

Brands, companies and capitalism have existed on the internet since its inception, but are moving ever-more quickly for control. Apple notoriously protects its content and applications inside a “walled garden”.

Facebook does much the same by selectively separating the participation of its 800m users from the rest of the web.

While there’s little doubt capital investment is part of what’s made the internet a global success, there’s a new trick in town.

It’s called url shortening.

From .me .to .eu

Largely through the creative implementation of top-level domains of countries, short urls can mimic certain verbs and language signifiers. Whether it’s Tonga’s .to, Columbia’s .co or Montenegro’s .me, short urls – not unlike the Twitter #hashtag – are both a product of the age of text-speak and an adaptation to the constraints of 140 characters.

It began in 2002 with services such as tinyurl and bit.ly, expanding in 2009 to Facebook’s (fb.me), YouTube’s (youtu.be) and Google’s goo.gl. Now branded urls such as cokeurl.com are “just one way [companies] are “making happiness easier to share”.

In most cases “short urls” act like a typical hyperlink, save for a few characters, preserving valuable space. Yet these diminutive links represent a significant shift in the monitoring of our online activities.

The increasingly ubiquitous short url goes where no url has gone before, existing in a space that’s “neither public nor private”. And for precisely this reason it represents the next frontier as far as online tracking and privacy are concerned.

Twitter’s now mandatory t.co url wrapper demonstrates the sort of impact forced adoption of a url shortener on a social network can wield.

A cookie you can’t decline

On the one hand, t.co allows Twitter to check shared links against known malicious sites and notify users who attempt navigate to them, a service already provided by most modern web browsers.

At the same time, it allows Twitter to track the activities between users and the links they share – effectively into perpetuity. In this regard, short urls are the “new cookies”, a monumental development of the hyperlink in the sense they “survive the share”.

But there’s no need to panic just yet. Twitter, for example, is using t.co to analyse shared links on its service in aggregate to better understand what’s popular on Twitter for its new “Discovery” feature. This is a good thing for Twitter’s users.

Outbound link tracking, as Search Engine Land’s Danny Sullivan notes in a recent conversation, is nothing new. Sullivan concedes that are privacy issues, but these are relatively minor as he believes “most people share publicly” on Twitter.

It’s still somewhat problematic, though: how can short urls be neither private nor public? Would it be more appropriate to call them both? And what about short urls which we share in other, semi-public contexts?

When we click on a short url online, we’re being tracked — whether we like it or not. And unlike a hyperlink, it’s not just when we arrive to a site: with short urls, we’re tracked on our way to that site by a third party.

Companies have always been able to collect data related to what we share online, but short urls fill in the missing pieces: whom we share with, who’s paying attention to what we share, and how our connections arrive to what we share.

Disposable digital geography

It’s not just privacy that’s a concern here: there’s also the issue of cultural appropriation. Commercial interests, via short urls, now ironically use so-called “vanity domains” through arrangements with countries such as Columbia – .co – Montenegro – .me – and Tonga – .to – to push the limits of data collection and analytical tracking.

We could call the actions of large, mostly Western media organisations using the online “identities” of less affluent countries at their disposal open-source hijacking or even digital neocolonialism. They are capitalising on their users' activities by appropriating the hyperlink, a core function of the open web.

There is even a debate whether the use of domains for countries like Libya – .ly – is ethical or not.

The European Union seems to be well aware of the implications of this digital identity crisis, protecting its .eu domain as a “European Identity”. Advocate General Verica Trstenjak recently stated that only organisations “established in the EU can register trademarks … within the .eu domain”. Companies outside of the trading area cannot negotiate with agencies based within the union to register .eu domain names on their behalf.

While not entirely exploitative – by selling their top-level domains many countries generate substantial revenue which would otherwise not be possible – perhaps it is what might best be referred to as capit.url.ism.