WE KNOW WHO YOU ARE, WHAT YOU LIKE, WHAT YOU EAT, WHICH BRANDS YOU DRESS WITH, YOUR FAVOURITE AUTHORS, ALL YOUR FRIENDS, YOUR RELATIONSHIPS, YOUR CONTACTS, YOUR DEPTS, SALARY, BANK ACCOUNT, AND WE EVEN KNOW YOUR DEEPEST SECRETS ;) !!! WELCOME TO THE INTERNET ERA!
Privacy, does it still mean anything within this internet era?
In the following paragraphs we will try to summarize the privacy issue related to internet vulnerabilities, tools used, policies, acts, procedures, and best practices in this regard.
Let us start by discussing the diverse risks that internet users are subject to and the various tools that different types of companies (marketing, advertising, statistics, and even government bodies) use to collect such personal information.
The first tool that comes to mind is surely the use of Cookies. “Cookies are files that Web sites place on visitors' computers that let those sites identify, authenticate and store information about individuals.” (Festa1, 2000) Having the ability to record information (it could be simply an ID) enables the website to identify the person/computer and therefore create a profile of his/hers. Such profile could include the username, password, search queries, “historical trends… usage patterns, impact of any cast distribution,” (Castro/Wessels/Fomenkov/Claffy, 2008) other visited websites, links chosen, etc…
These profiles can be further extended if the cookies contained information that related to a larger network of websites. For instance, Passport, “Microsoft's Internet-wide single sign-on service” (Grossman, 2007) (MSN, Hotmail …), or Google’s single sign-on ID to its different sites (Gmail, Blogger…), My Yahoo … all provide their proprietary company network with a vast milieu of information about the same person/user.
With such networks of information, these sites have grown tremendous ability to relate and, therefore, store information about users in their databases with the highest level of entity integrity using these single sign-on tools (and their likes).
Moreover, it seems that Microsoft (amongst others) wasn’t satisfied with all the information it already can retrieve about internet users through its IE browser: “The feature in IE 5 and above, referred to by Microsoft as "persistence," is designed to let Web pages remember information such as search queries entered by visitors.” (Festa1, 2000) that they created CardSpace.
“CardSpace, identification technology that is built into Windows Vista and is available for download for XP” (Grossman, 2007) is another type of information collection tool that can invade your privacy. Being a tool that is integrated with your operating system, it can allow even further profiling by sending information related to your offline activities such as software installations, type of computer used, other browsers installed …
However, I’d consider the email vulnerability to be the most serious of all privacy invasions. Surfing my Gmail I keep on getting advertisements that are related to the mails’ subjects I am reading. Well, that makes me wonder what kind of profile they have about me! What attributes it contains? How big it is? Does it include attachments, pictures…? How far would they go?
With such concerns, phishing scams, which “are usually perpetrated through spam e-mail messages that direct consumers to phony Web sites that are often exact replicas of legitimate Web sites and that ask for passwords and sensitive personal or financial information.” (Microsoft.com, 2004), and web bugs, “which send messages back to the sender when previewed or opened” and “can also place a cookie on the hard drive, providing the IP address for pop-up ads” (The Office of the Privacy Commissioner of Canada, 2004), become of much less importance.
Other types of intrusions come in the form of “Internet Relay Chat” (The Office of the Australian Privacy Commissioner, n.d.), “WAP gap” (Ghosh and Swaminatha, 2001) amongst other types of tools/ways where your privacy is at stake.
Of course for most web-developers, “There are a number of trackers available to help you get an idea of who is surfing your website. These trackers will record:
-- The user's IP address
-- Which ISP they use
-- What country they are located in
-- What operating system they use
-- What browser they are using
-- what page they looked at immediately prior to visiting your page” (Missy, 2002)
such trackers include Big Tracker, SiteMeter, StatCounter, etc… or simply the use of simple built-in functions in PHP, ASP,… can do the trick. Having discussed most of the tools and ways by which internet privacy is risked, let us discuss briefly the opinions regarding this issue: privacy dilemma vs. ground-breaking evolution. In some recent survey “by TNS Global on behalf of consumer privacy organization TRUSTe s almost three-quarters said that they are aware that their browsing history "may be collected" for advertising purposes.” (Cheng, 2008) Most of which, however, didn’t mind it but preferred to have “more of a say in how their information is used” (Cheng, 2008); they (91 percent) were moreover, “willing to act in one way or another to help ensure better privacy when it comes to targeted advertising if presented with the proper tools.” (Cheng, 2008)
But is that the case? "No matter how much we assure anonymity, there is still significant discomfort with the idea of tracking," TRUSTe executive director Fran Maier said in a statement.” (Cheng, 2008)
In general, “Privacy advocates don't disparage the use of cookies…, but when third-party Web sites, such as advertisers, start handing out unique identifiers that track computers from site to site, those advocates cry foul.” (Festa2, 2000) Usually such advocate cries are responded to carelessly by company executives with simple statements such as: "This feature has a trade-off, like almost every other feature on the Web--in this case, between functionality and a minor, potential privacy exposure," said Michael Wallent, product unit manager for IE at Microsoft.”(Festa1, 2000)
But if you were like Kim Cameron, wanting simply: “to re-engineer the Internet so it has what he calls an ‘identity layer’. Because: ‘There is no mechanism for knowing who you're talking to.’ ” (Grossman, 2007) Then such issues will surely fall under the category of evolution; solid one.
Now, not to take sides, I prefer to say that internet users today still have a say, they could, by following very strict rules, protect their privacy to a major extent. Many organizations were created, many policies were devised, many lists of best-practice exist (check references section for some of these). But the question is really how far are such policies being followed? How influential these organizations are? What level of privacy such practices will provide?
Finally, I believe such collection of personal information surely has some advantages when it falls in trusted hands (Microsoft.com, 2004) however the risks are big if otherwise.
References:
1. Paul Festa1, Staff Writer, CNET News (September 11, 2000 1:50 PM PDT) IE feature can track Web surfers without warning [Article-Online] Available From: http://news.cnet.com/2100-1023-245556.html
2. Sebastian Castro, Duane Wessels, Marina Fomenkov, Kimberly Claffy (October 2008)A Day at the Root of the Internet [Paper] Available From: ACM Digital Library - ACM SIGCOMM Computer Communication Review Volume 38, Number 5
3. Wendy M. Grossman (Wednesday, 16 May 2007, 3:06 PM) Microsoft man seeks to re-engineer the Web Speakers' Corner Kim Cameron, Microsoft [Article-Online] Available From: http://www.theinquirer.net/en/inquirer/news/2007/05/16/microsoft-man-seeks-to-re-engineer-the-web
4. Microsoft- REDMOND, Wash. (July 21, 2004) Microsoft Teams With National Cyber-Forensics and Training Alliance To Fight Cybercrime: NCFTA Provided With Full-Time Microsoft Analyst and More Than $46,000 in Software[Article-Online] Available from: http://www.microsoft.com/presspass/press/2004/jul04/07-21NCFTAPR.mspx
5. The Office of the Privacy Commissioner of Canada (July 25, 2004) Protecting Your Privacy on the Internet- Canada’s new privacy law: Surfing the Net can be fun and educational. [Online] Available from: http://www.privcom.gc.ca/fs-fi/02_05_d_13_e.asp
6. The Office of the Australian Privacy Commissioner (n.d.) Protecting your Privacy on the Internet [Online] Available from: http://www.privacy.gov.au/internet/internet_privacy/
7. Anup K. Ghosh and Tara M. Swaminatha (February 2001) SOFTWARE SECURITY AND PRIVACY RISKS IN MOBILE E-COMMERCE: Examining the risks in wireless computing that will likely influence the emerging m-commerce market. [Research Paper] Available from: ACM Digital Library - COMMUNICATIONS OF THE ACM /Vol. 44, No. 2.
8. “Missy” (Sep 20, 2002 14:03 PDT) identify web surfers [Online] Available from: http://answers.google.com/answers/threadview/id/67353.html
9. Jacqui Cheng (March 31, 2008 - 09:55PM CT) Web surfers know advertisers are watching—and don’t like it [Article-Online] Available from: http://arstechnica.com/news.ars/post/20080331-web-surfers-know-advertisers-are-watchingand-dont-like-it.html
10. Paul Festa2 - Staff Writer, CNET News (September 13, 2000 2:30 PM PDT) Microsoft quietly shadows Web surfers across MSN sites [Article-Online] Available From: http://news.cnet.com/2100-1023-245680.html
Posts
No comments:
Post a Comment