Key  

Collection Technologies

Key
Main
   Info About You
   Past Problems
      Usage
      Accuracy
      Access
      Profiling
   Current Trends
      Who Has Access?
      Technologies
      Use of Information
   Future Policy
      Statistics
      Case Studies
      IITF Policy
      Recommendations
   Relevant Links
   Bibliography
   About the authors

Cookies

The current buzzord when discussing fear of electronic data gathering is Cookie. This is a euphemism for the technology currently used by websites to keep track of their users. Ostensibly, the purpose of the cookie is to help the web site customize itself to the users' needs. To do this, information is copied into the cookie file of the visitor and on later visits, the site checks the cookie to see whether the user has visited before and what his or her preferences are as far as interests are concerned. Cookies can be used to determine what types of ads to show or not show to a given user, and is currently used for to handle shopping carts for online commercial services

However, cookies have a much darker potential. Although they are not currently used as trackers, they can be with only slight modification be used to keep track of all pages accessed at a certain site. Keep in mind that the site also keeps a copy of the information it sends to your computer. So, even though it is spread out around the world, cookies are a means of collecting a humongous database of information on the habits of all the people that visit a particular site. Should this be implemented with something like a net search engine, or USENET newsgroup accesses, a database can easily be compiled of a particular user's tastes and interests.

This means of tracking, however, is easily countered. The easiest solution is to use a web browser such as Mosaic that do not use cookies. Or if using Netscape 3.0 or higher, you can choose to get a prompt that allows you to choose whether a cookie is received or not. Applications like the shareware program Cookie Monster are available that automatically delete the cookie file after each browser session, or you can just choose to do that yourself. Despite the hype, cookies are not currently that much a threat to online privacy due to the limited nature of data currently transmittable. On top of this, only a very small amount of technical knowhow is required to screen out the effect of cookies.

ActiveX / JavaScript

A more insidious threat to privacy than cookies comes in the form of browser features such as ActiveX and JavaScript. Although they each have many benefits in adding functionality to web pages, such as the ability to open new windows, bring up interactive applets, and basically do much more than standard web pages, they do carry a risk. In order to do all of these interesting things, these language features require some access to system resources, which means that with sufficient hacking effort, ActiveX and JavaScript code can be used to access the information on your computer without your knowledge, and do whatever it wants with that information. A recent bug that came up with an earlier version of JavaScript allowed access to a browser's e-mail address in its preferences file, so web sites could pull your e-mail address out of your computer without any knowledge on your part. Although that bug has been fixed, the same potential remains for collection of vast amounts of user knowledge without any user notification.

Opt In / Opt Out

Another way of collecting personal information commonly used on the Internet is the use of submitted registration forms to collect information about users of a service. Although most conscientious services provide a button to check off whether you wish that information to be made available or to be used in any way other than plain registration, this is not always the case. Even with a box checked to opt out of letting the information be distributed, there is no real way to know what is going to be done with the information submitted, or who might try to steal the information in transit or even how many sites will get access to that information once the submit button is clicked.

While methods of information collection as mentioned above that occur without the user's consent are clearly immoral, they are a real problem on the Internet that can't be ignored. There are many simple steps to deal with these problems though, cookies can be denied, ActiveX and JavaScript can be disabled in the browser settings, and registration forms can be falsified, encrypted or sent only to at least somewhat reliable and accountable services. As an even more extreme means, all Internet access can be done from a service that effectively makes the user anonymous by routing through an anonymous server for web access es and e-mails. But, then the tradeoff becomes a choice between enjoying the added features and services that the technologies provide, and how much you wish to prevent the disemmination of your personal information.

Previous Sources Next