-
- THE trouble with computers is that they
can't help remembering all the things they're not supposed to. As you wander
around the Internet you leave a trail behind you as sites log your visits,
store details to your hard drive in the form of little files called cookies,
and try to sell you things.
-
- Those banner ads you see at the top of
many Web pages aren't always randomly chosen: the fancier ad agencies claim
to track you (without necessarily knowing your real-world identity) from
site to site, serving up ads to match your interests as reflected in your
choice of websites.
-
- If you want to see exactly how much a
website can find out about you when you arrive there, the Anonymizer site
has a page that will show you. Sites can pick up the name and address of
the host you're browsing from (usually your ISP), the operating system
and browser you're running, and the plug-ins you've got installed. If you
are esoteric enough to have configured your browser to log on to FTP sites
(about 10 per cent of users do this), the site can pick up your email address
without your typing a word.
-
- There is a remedy: the time-honoured
Net tradition of rebelling against authority. Because large numbers of
people on the Net combine a taste for privacy with technical ability, there
are plenty of tools out there to help you make it a little harder for other
people to build up a profile of you, while at the same time making your
home on the Net a much pleasanter place to be.
-
- You are, of course, giving something
up if you do this. For one thing, you make it harder for your friends to
find you. For another, advertising helps pay for the free content we consume
on the Web, and selling your information helps the bottom line of many
businesses whose products you buy. However, it's difficult for consumers
to make good decisions regarding their privacy, because often we don't
understand the consequences of giving out information. In the platinum
rush of the Internet market, privacy policies change unexpectedly when
companies change their business models or get bought out.
-
- Some of the tools developed to protect
privacy are designed to get around censorship laws and protect real-world
identities. You can debate the ethics of this, but it's important to remember
that while for us privacy is a luxury, in many parts of the world it is
essential for survival.
-
- Controlling the Web
-
- If you're a Netscape user, try Intermute,
which not only blocks ads, but stops the twin scourges of blinking and
animations, kills unwanted noises, blocks those loathesome pop-up windows,
and even lets you enable Java and Javascript on a site-by-site basis.
-
- The Anonymizer site lets you browse anonymously
by inserting itself as a protective layer between your browser and the
websites you visit, so that the site can not pick up information about
you or your computer. The service itself keeps no logs that can be examined
later. Another research project at the Bell Labs in America attempts to
improve on anonymous browsing by using a collection of proxy servers (called
"crowds") through which users redirect their inquiries; there
are logs, but the requests are randomly directed among the servers, so
you can't tell who initiated which request.
-
- Also worth looking at is Guard Dog, which
examines cookies, warns you if your email address is being sent out, and
ensures that Java applets stay in their sandbox. Or try out the Canadian
company Zero Knowledge's Freedom software, which incorporates encryption
and allows not only anonymous surfing, but blocks spam and controls cookies.
-
- Junk email
-
- Curiously, the problem many online users
think is the most pestilent, junk email, is not all that threatening to
your personal privacy. Yes, it's annoying, and yes, everyone would like
to kill the originators. But this stuff is so poorly targeted that you
can't claim the perpetrators know anything about you.
-
- Still, who needs it? To reduce the amount,
avoid using your main email address in ways that make it easy for junk
emailers to collect. That means: if you want to post to Usenet or publish
your email address on the web, use a different address from your main one,
so that the junk email will go there instead of cluttering up your primary
inbox. Set up an email address with Bigfoot, which blocks spam. On AOL,
avoid using your main screen name in chat rooms and in the system's member
directory, where it can be harvested. Use email software, such as Eudora
Pro, that incorporates rules and filtering, so you can delete junk automatically,
and either delete your email address from your browser or insert the "junk"
address.
-
- Think before you post
-
- People forget how much of what they say
online on Usenet or websites or in chats is logged somewhere. The posting
you wrote at midnight in a drunken rage may disappear off the site where
you posted it - but how many hard drives is it lurking on, waiting to embarrass
you when you announce your engagement to a Royal? Before you click the
"send" button, think: would you want your boss, your spouse,
or your taxman to read what you just wrote?
-
- On Usenet, you can prevent your postings
from being entered into the databases maintained by archive services such
as Deja News by adding the following header line:
-
- x-no-archive:yes
-
- If you really want to sever the links
between your postings and your real-world identity, you need an anonymous
remailer that allows posting to Usenet; these strip the identifying information
off your postings and replace it with generic headers that can't be so
easily traced (or, in some cases, at all).
-
- Beware registration
-
- This ought to be blindingly obvious:
you do not have to supply all the information websites ask for on registration
forms, most of the time. Most sites' forms have a mix of mandatory fields
and optional ones, but not all are careful about marking which is which.
Skip to the submit button and see what kind of error message you get. Sometimes
you'll just go through anyway; at other times the error page will tell
you exactly which fields are required. Fill those out, and no more.
-
- Surveys of Web users conducted by the
Graphics Visualization Unit at Georgia Tech show that more than half of
respondents give false information on registration forms at least occasionally.
-
- The situation is different, of course,
as soon as you start buying goods online. You can't order books from Amazon
without giving a valid shipping address, and you can't pay by credit card
without including your home address, a telephone number, and an email address
for it to confirm the order (a valuable security precaution). However,
even though you do have to supply these details, you can still limit the
amount of extra information you hand over: you do not have to fill out
the optional surveys some sites offer. Always read a site's privacy policy
carefully and decline to do business with those that don't give you a chance
to opt out of marketing schemes. Create an email address you use only for
online shopping to siphon off idiotic announcements. You can protect your
credit cards by using only one account for online shopping, and keeping
a deliberately low limit.
-
- Confidentiality
-
- One of the most important technologies
for protecting data, particularly personal email and other confidential
communications, is encryption, the art of scrambling data so it can't be
read except by the sender and the intended recipient. The best-known program
for encrypting email is PGP (for "Pretty Good Privacy"), and
it's readily available from many sources around the Net. PGP is now a commercial
product, but free, full-strength, international versions continue to be
developed, and PGP integrates reasonably conveniently with standard email
software such as Eudora. The only drawback is that both you and your correspondents
need to use it, otherwise, you're back to sending plain text across the
public networks for bored system administrators, hackers, and law enforcement
types to read.
|