Internet Privacy FAQ
Dan Wallach, Rice University
(Now translated to Belorussian!)
Whenever you consider issues of privacy, it's important to ask who wants to
learn what about whom. The risks to your security and privacy vary widely, depending
on who you consider to be the one trying to learn secrets about you.
Privacy at Work
- What can my employer learn about my net surfing behavior?
- In general, your Internet connection to the outside world from your desktop
machine is completely controlled by your employer. This means they have the
technical means to observe each and every Web page you visit as well as read
each and every e-mail you send and receive. If you have hobbies or personal
activities that you would rather your employer didn't know about, then don't
do them at work.
- Isn't it illegal for my employer to listen in like this?
- Good question. Many employers consider the fact that you're using their
computers and their connection to imply they have a right to say how you can
use them. Other employers grant you a measure of privacy, but you still have
no intrinsic right to privacy (although laws vary from state to state on this).
- I separate my work and private e-mail by using a free e-mail service,
such as GMail, HotMail or Yahoo! Mail. Is that good enough?
- As above, if you're viewing it on your computer at work, your employer could
potentially see it. It's generally a good idea to keep your work and personal
identities separate. Especially if you post to Usenet newsgroups, blogs, or
whatnot, it can be beneficial to post from a more generic account, and perhaps
not with your real name. This helps you avoid the need to add the typical
``I speak only for myself, not my employer'' disclaimer.
- I am an employer. Should I monitor my employees?
- When in doubt, contact a lawyer. An important consideration is how aggressive
you want to be with your monitoring. If you install a commercial product that
attempts to filter ``objectionable'' content from your employees, you start
to put yourself into a legal grey area. If you explicitly ban some Web sites,
then you're implicitly endorsing the rest. If you only allow good sites and
ban everything else, you make it difficult for your employees to use the web
as the general-purpose problem-solving resource that it is. If you explicitly
watch over the shoulders of your employees, you could well be sued over something
that you missed. Conversely, if you treat your employees like adults and trust
their own discretion, you may be able to assume a ``common carrier'' style
of defense. You can't sue the phone company because somebody is making harassing
phone calls to you over their lines.
Privacy While Surfing the Web
- What's the deal with cookies?
- Cookies are a way that a Web site can tag you with a unique number. The
next time you visit, they get that number back and can recall who you were.
Many popular Web sites use cookies for perfectly benign purposes. Cookies
get trickier when they are used across Web sites. All of the online advertising
companies do this sort of thing. When a Web site wants to have advertisements,
they include an image that is loaded from the advertiser rather than from
their own Web site. Now, the advertiser can potentially track all the
Web sites you've visited, and customize advertisements just for you.
- As an example, let's say you have a new baby. You start surfing to various
Web sites to learn about products for your child. Although you never explicitly
told anyone about your child, the advertiser might assume you have
a new baby because you've visited certain kinds of sites, and they might
feed you baby-related advertising anywhere you surf. While this example
doesn't sound too bad, imagine if somebody borrows your computer and visits
some X-rated Web sites.
- That sounds pretty bad, but they still don't know who I am in real life,
right?
- If, at any point, you visit a Web site and buy something with a credit card,
giving them your real name and address, and that Web site feeds your
name and address to the advertiser, now your online activities can be tied
to your real-world identity.
- That should be illegal.
- But it isn't. Europe generally has much stronger privacy laws than we do,
and Web sites that want to sell products in Europe generally have to follow
the stronger European regulations. Still, you have very little legal basis
to complain about all this information gathering unless a company's behavior
is contradicting any policy it may have posted in public.
- Well, I'll forget the Web and just do my thing in the real world.
- Although they're not called cookies, the real world has all the same problems.
When you fill out a product registration card or send in for a rebate, you're
putting your name on that product vendor's mailing list. When you buy a house,
your name and address are a matter of public record, and you'll start receiving
mail to sell you all the things a new house needs (a security system, window
blinds, yard service, etc.). Every time you buy something with your credit
card (or one of those loyalty coupon cards at the supermarket), all that information
can potentially be attributed back to you at a later date. My cable TV company
asked for my social security number before they would hook me up. What do
you suppose they plan to do with it? At least with the online world, you can
take steps to preserve your privacy. In the real world, pretty much the only
thing you can do is pay cash, which isn't always possible. (In fact, after
having a baby and buying baby products at the supermarket, their automated
coupon machine is regularly offering me baby formula coupons, even if I'm
not purchasing any baby products on a given shopping trip. For the loyalty
card, the supermarket asked me for my address. Are all the baby product mailings
I get a result of this? Who knows?)
- How can I only do business with vendors that respect my privacy?
- Read their privacy policies. Virtually all online vendors have privacy policies
these days. For a good example, read the privacy
policy of Intuit. Intuit makes a clear difference between data that can
be identified with your name and data that they collect for aggregate statistics
only. For an example of a more dodgy policy, here's an excerpt from a defunct
dot-com company:
[Defunct company] does not sell, rent, or trade your personal
information with others. However, when one or more of our business partners
co-sponsor a service, promotion and/or contest, we may share some or all
of the information collected in connection with such service, promotion
or contest with the co-sponsor(s).
So, they don't give out your personal information except when they feel like
giving it to a business partner. That's not very reassuring.
- How can I take my privacy into my own hands with these Web sites?
- Many of these sites will ask you for your name, your e-mail address, and
various demographic information about you (your income level, your age, etc.).
Lie. Make up numbers. Make up a fake e-mail address. Unless you believe the
Web site is giving you something specific for which they need to know your
income (e.g., tax advice), then you can tell them anything you want. Unless
you want to receive e-mail from the Web site (e.g., Amazon.com will
e-mail you to say your shipment has been delayed), then make up an address
(although try to be careful to make sure it's not actually somebody else's
valid e-mail address). If a web site wants an email address to verify who
you are, perhaps for a password to sign in, you can always make yourself a
secondary account with one of the web mail providers.
- Also, as a side note, if you receive a spam message that includes some
kind of ``send e-mail to remove@CompleteIdiotsRUs.com to remove yourself'',
don't do it. All you're doing there is telling them that you have a valid
e-mail address and you'll get more junk later from them. For more information
about spam, visit the Coalition Against Unsolicited
Commercial E-mail.
- What about reconfiguring my browser to increase my privacy?
- There are a number of things you can do to improve your browsing experience.
I'm going to describe what I do for my browser. Firefox and many other
browsers allow you to configure your browser to accept cookies only from the
originating Web site (see the image, below).
You can get to this dialog box from the Tools -> Options... menu item.
You'll notice I've checked the middle option under "Cookies". This option
defeats some kinds of third-party tracking. The "ask me every time"
option gives you a dialog box every time a cookie is set and gives you the
chance to say "no". If you were visiting, for example, myspace.com
and got the example below, it's probably a legitimate MySpace cookie, so you'd
want to allow it. If you got something unrelated, you'd probably want to deny
it.
- A more aggressive option is to install the AdBlock
plugin for Firefox. AdBlock is a reason, all by itself, to use Firefox instead
of any other browser. For most advertisements on web pages, you can right-click,
scroll down to "AdBlock Image" and you'll get a dialog box like
this:
- You were visiting MySpace and this advertisement is clearly coming from
somewhere else. You could replace everything after "overture.com"
with an asterisk (*) and hit "okay". Then, no matter where you visit,
ads from Overture would simply not appear on the page. Even better, you can
hit Control-Shift-A (or select Tools -> Adblock -> List
All Elements) and get this gem:
- Now, you can see everything inside your web page, including the bits that
were removed by AdBlock. The ads that were removed are highlighted in red.
In addition to removing advertisements from Web pages and making your pages
load faster, AdBlock also effectively filters out many of the cookies used
by advertising companies. If they can't get their advertisements into your
browser, they can't get their cookies there, either. AdBlock isn't perfect,
but it's well worth the effort to learn it. (Incidentally, if you accidentally
block something that you actually want, you can go to the main screen and
delete it from the list.)
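The cross-site tracking described under "What's the deal with cookies?" and the two browser defences described in this answer, as a small simulation. This is an added example, not part of the original FAQ: the hostnames, class names and the policy name 'originating-site-only' are constructed, and the cookie setting is modelled simply as refusing to send or store cookies for third-party hosts.

```javascript
// Constructed simulation: all hostnames and the policy names are made up.
const host = (url) => new URL(url).hostname;
// Crude same-site test: compare the last two labels of the hostname.
const site = (h) => h.split('.').slice(-2).join('.');

// AdBlock-style filter where '*' matches any run of characters.
function matchesFilter(filter, url) {
  const esc = (s) => s.replace(/[.+?^${}()|[\]\\]/g, '\\$&');
  return new RegExp('^' + filter.split('*').map(esc).join('.*') + '$').test(url);
}

// The advertiser: tags unknown visitors with a number, logs the referring site.
class AdServer {
  constructor() { this.next = 1; this.requests = 0; this.profiles = new Map(); }
  handle(cookie, referer) {
    this.requests++;
    const id = cookie ?? 'uid' + this.next++;
    if (!this.profiles.has(id)) this.profiles.set(id, []);
    this.profiles.get(id).push(host(referer));
    return id; // sent back as Set-Cookie
  }
}

class Browser {
  constructor({ cookiePolicy = 'all', filters = [] } = {}) {
    this.cookiePolicy = cookiePolicy; // 'all' or 'originating-site-only'
    this.filters = filters;
    this.jar = new Map(); // hostname -> cookie value
  }
  // Load a page plus the images it embeds; servers maps hostname -> handler.
  visit(pageUrl, embedded, servers) {
    for (const url of [pageUrl, ...embedded]) {
      if (this.filters.some((f) => matchesFilter(f, url))) continue; // never requested
      const h = host(url);
      const thirdParty = site(h) !== site(host(pageUrl));
      const cookiesOk = this.cookiePolicy === 'all' || !thirdParty;
      const reply = servers[h]?.handle(cookiesOk ? this.jar.get(h) : undefined, pageUrl);
      if (reply && cookiesOk) this.jar.set(h, reply);
    }
  }
}

function simulate(options) {
  const ads = new AdServer(), browser = new Browser(options);
  const pages = ['http://babygear.example/', 'http://news.example/', 'http://parenting.example/'];
  for (const p of pages) browser.visit(p, ['http://ads.adnetwork.example/banner.gif'], { 'ads.adnetwork.example': ads });
  const sizes = [...ads.profiles.values()].map((v) => v.length);
  return { requests: ads.requests, longestProfile: Math.max(0, ...sizes) };
}
```

With the default policy the advertiser builds one profile spanning all three sites; with originating-site-only cookies it still receives three requests but cannot link them by cookie; with the filter 'http://ads.adnetwork.example*' it receives no requests at all.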
Other risks?
- I'm worried about the government knowing what I'm doing.
- Prior to 9/11 and the PATRIOT Act, I would have said that the government
is the least of your worries (at least in the United States). Certainly, the
private sector keeps an awful lot of information about U.S. residents. More recently,
many people have legitimate concerns about unwarranted wiretaps, among other
issues. Still, if you really want to prevent the full force of America's clandestine
spying apparatus from watching over your shoulder, you're going to need more
help than I can offer you here.
- I'm worried about the privacy of my health information.
- And so are a lot of other people, especially with today's HMOs' and insurance
companies' penny pinching. There's not a lot you can do about it, but they
are starting to take privacy seriously.
- I'm worried ``hackers'' will mess with me or my computer. (Or) I'm scared
``hackers'' will steal my credit card number.
- Probably the most serious risk these days is that hackers might break into
a Web site where you've purchased a product and will be able to steal your
credit card number. Note that this attack has absolutely nothing to do with whether
your conversation with the Web site was encrypted or not. That only protects
the data from ``eavesdroppers''. Once a Web site has your credit card and
stores it on their computer, the encryption is long since decrypted. The only
good general advice is to only do business with larger and more established
sites. Because they have more to lose, they spend more effort protecting
their sites. Also, keep in mind that most credit cards offer a zero-deductible
for any Internet-related fraud. You should always read your monthly credit
card statements, and you should challenge any charges that you did not make.
Unless an online vendor can prove that they really did business with you,
they have to eat the loss.
Further information
There are a lot of documents out there that try to cover this topic. If you
want a picture of just how bad privacy could become and why it's important to
actively do something about it, I heartily recommend reading Database
Nation, by Simson Garfinkel (O'Reilly & Associates, January 2000).
Privacy isn't just about hiding things. It's about self-possession,
autonomy, and integrity. As we move into the computerized world of the twenty-first
century, privacy will be one of our most important civil rights...
- It's not about the man who wants to watch pornography in complete anonymity
over the Internet. It's about the woman who's afraid to use the Internet
to organize her community against a proposed toxic dump - afraid because
the dump's investors are sure to dig through her past if she becomes too
much of a nuisance.
- It's not about people speeding on the nation's highways who get automatically
generated tickets mailed to them thanks to a computerized speeding trap.
It's about lovers who will take less joy in walking around city streets
or visiting stores because they know they're being photographed by surveillance
cameras everywhere they step.
- It's not about the special prosecutors who leave no stone unturned in
their search for corruption or political misdeeds. It's about good, upstanding
citizens who are now refusing to enter public service because they don't
want a bloodthirsty press rummaging through their old school reports, computerized
medical records, and email.
- It's not about the searches, metal detectors, and inquisitions that have
become a routine part of our daily lives at airports, schools, and federal
buildings. It's about a society that views law-abiding citizens as potential
terrorists, yet does little to effectively protect its citizens from the
real threats to their safety.
- Database Nation, Simson Garfinkel (quote used with permission)
Some good links
- CookieCentral
- General information about cookies, how they're used, and pointers to a number
of utilities to help you manage your cookies.
- EPIC, EFF,
ACLU
- There are a number of political organizations that concern themselves with
your privacy. They're worth supporting.
Dan Wallach, CS
Department, Rice University
Last modified:
Tue 21-Feb-2006 13:23