When you visit a web site with typical
web browser software such as Mozilla or Internet Explorer,
your software does not normally volunteer any information
that can be used to identify you directly. Your email address
is notgiven to the web server. Your web browser does hand
over the following information:
1.Your current IP address. This is the address
your computer currently has assigned to it on the Internet,
and looks like this (just an example): 10.250.55.22. When
you dial out and connect to your ISP, you are assigned a temporary
IP address, and your address typically changes again when
you call in later. Your IP address can only be used to identify
you if your ISP chooses to cooperate with the investigation,
which they may be forced to do in a legal proceeding. Under
the USA Patriot Act and the DMCA, the government can force
companies to hand over such information, and even before those
laws there were already cases of ISPs handing over such information
in response to a subpoena. Your ISP's records can be used
todetermine who called into what account at what time, and
what address was assigned to them during that time.
Some users do have "static" (unchanging)
IP addresses, which run a greater risk of revealing your identity.
2.The page you came from, known as the "referring
URL." This is a useful convenience for webmasters and
does not normally compromise your privacy, as the site still
does not know who you are. There are products available that
will block reporting of this and other information, however.
3.Miscellaneous information less important
to your privacy, such as the name of your web browser software.
4. Cookies. Web sites that wish to know whether
the same person has returned again another day have the ability
to set a user-identifying "cookie" which is recorded
by your computer. In theory, this is harmless because the
site only knows that you are the same person, returning again
-- not your name. However, the trouble begins when you give
your true identity to one site that requires cookies. Now,
that site does know your real name, and they can pass this
information to other sites you visit, which can then set a
cookie of their own to establish their own lasting awareness
of your actual identity.
These are the pieces of information that
are given out under normal circumstances. Security bugs in
your web browser software can be another source of potentially
serious privacy problems. When a serious security bug is found
in a web browser, it can be explited to run any program on
your computer.
Taking the following steps can enhance your
privacy:
Read the privacy policies of web sites before
giving them any personal information. Remember, however, that
companies can be acquired, and the acquiring company may not
be bound by the privacy policy.
Install security fixes for your browser. Always obtain these
directly from the organization that created your browser!
In the case of Microsoft Internet Explorer, make sure you
are using the free Windows Update service. In the case of
Mozilla and/or Netscape, I recommend keeping up with the latest
stable version available from mozilla.org.
Set your browser to ask first before accepting cookies. In
some cases you may need to go ahead and accept them, but most
sites will let you in without them.
Use a personal proxy server that strips out as much identifying
information as possible.
Consider using a public anonymizing proxy server. Of course,
this is not perfect. As of this writing you can find a useful
list of such proxy servers at the multiproxy and anonymous
proxy list site (warning: fairly annoying ads).
Use a proxy server shared by many members of the same organization,
giving them all the same apparent IP address; make sure this
proxy server is configured to log no information at all.
Of course, there are many other ways to compromise your privacy
on the web, but these also apply to traditional off-line businesses.
Giving your personal mailing address, email address and phone
number to a company that later goes bankrupt and sells its
assets, including its customer lists, is a common way to find
yourself on many new unwanted mailing lists.
|
