Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, providing to third-parties, and displaying of information pertaining to oneself via the Internet. Privacy can entail both Personally Identifying Information (PII) or non-PII information such as a site visitor’s behavior on a website. PII refers to any information that can be used to identify an individual. For example, age and physical address alone could identify who an individual is without explicitly disclosing their name, as these two factors are unique enough to typically identify a specific person.

Internet privacy forms a subset of [5]

Contents

Levels of privacy

People with only a casual concern for Internet privacy need not achieve total personally-identifiable information (P.I.I.) of the Internet user. In order to keep their information private, people need to be careful on what they submit and look at online. When filling out forms and buying merchandise, that becomes tracked and because the information was not private, companies are now sending Internet users spam and advertising on similar products.

There are many ways to protect individuals and their finances over the Internet, especially in dealing with investments. To ensure safety, meet with a broker in person or over the phone, to know a real person is dealing with the individual’s money. Second, ask questions. If the person on the phone seems uninterested, this is a red flag and should tell the individual that this individual is to not be trusted. Thirdly, protect all personal information. Refrain from giving out full name, address, or any other personal information that could be used to easily access your finances. Only give the information if shown that the company and the individual are legitimate. Do not ask for an e-mail with a finance statement. A written copy shows that individuals are not dealing with hackers. Lastly, investigate about the company individuals are investing with.[6]

There are also many government groups that protect our privacy and be safe on the Internet. The Federal Trade Commission (FTC) stresses that protecting individual’s social security number while dealing with things on the Internet is very important. Pay attention to the trash and e-mails that are received from the Internet. Hackers can easily access these important e-mails. Make difficult passwords so not just anyone can easily access information. Verify the sources to make sure they are safe and okay to give personal information. The Internet Crime Complaint Center (IC3) works in a partnership with the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) to help and receive criminal complaints related to the Internet. The US Department of State has a mission to reduce the crime on the Internet internationally. An example of this would be scams that happen from different countries on the Internet.[7]

Posting things on the Internet can be harmful to individuals. The information posted on the Internet is permanent. This includes comments written on blogs, pictures, and Internet sites, such as Facebook and Twitter. It is absorbed into cyberspace and once it is posted, anyone can find it and read it. This action can come back and hurt people in the long run when applying for jobs or having someone find person information.[8]

Risks to Internet privacy

In today’s technological world, millions of individuals are subject to privacy threats. Companies are hired not only to watch what individuals visit online, but to infiltrate the information and send advertising based on your browsing history. People set up accounts for Facebook as well as entering bank and credit card information to various websites.

Those concerned about Internet privacy often cite a number of privacy risks — events that can compromise privacy — which may be encountered through Internet use.[9] These methods of compromise can range from the gathering of statistics on users, to more malicious acts such as the spreading of spyware and various forms of bugs (software errors) exploitation.

Privacy measures are provided on several social networking sites to try to provide their users with protection for their personal information. On Facebook for example privacy settings are available for all registered users. The settings available on Facebook include the ability to block certain individuals from seeing your profile, the ability to choose your “friends,” and the ability to limit who has access to your pictures and videos. Privacy settings are also available on other social networking sites such as Google Plus and Twitter. It is the user’s prerogative to apply such settings when providing personal information on the internet.

In late 2007 Facebook launched the Beacon program where user rental records were released on the public for friends to see. Many people were enraged by this breach in privacy, and the Lane v. Facebook, Inc. case ensued.

Children and adolescents are very susceptible to misusing the Internet and ultimately risking their privacy. There is a growing concern among parents whose children are now starting to use Facebook and other social media sites on a daily basis. Website information collection practices is another growing concern as young individuals are more vulnerable and unaware of the fact that all of their information and browsing can and may be tracked while visiting a particular site. Individuals who use the Internet have to realize that they must play a role in protecting their own privacy. They must be informed about all of the risks involved while surfing the Internet and browsing. For example, if on Twitter, threats include shortened links that lead you to potentially harmful places. When you are in your e-mail inbox threats include email scams and attachments that get you to install malware and give up personal info. If on Torrent sites the threat includes malware hiding in video, music, and software downloads, and even while using your smartphone threats include geolocation, meaning that your phone can detect where you are and post it online for all to see. Certain measures that consumers are called to act upon include: updating virus protection, mind security settings, download patches, install firewalls, screen e-mail, shut down spyware, control cookies, deploy encryption, fend off browser hijackers, and block all pop-ups.[11]

The main concern that most people have with the options listed above are that they have no idea how to go about doing any of these things to ensure full protection. How can the average consumer who knows nothing about all of the security settings on their computer be expected to know how to run their own network security? This is a tough issue that most people hire professionals to take care of but one that most people should learn to research more about and take the time to increase their understanding of.[12]

In 1998, the Federal Trade Commission took into account the lack of privacy of children on the Internet, which resulted in the creation of the Children Online Privacy Protection Act (COPPA). COPPA limits the options gather information from children and created warning labels if potential harmful information or content was presented. In 2000, CIPA (Children’s Internet Protection Act) was developed to implement safe Internet policies such rules, and filter software. Aside from the creation of legislation, the awareness campaigns, parental and adult supervision strategies and Internet filters are alternatives in creating a safer Internet environment for children across the world.[13]

HTTP cookies

An HTTP cookie is data stored on a user’s computer that assists in automated access to websites or web features, or other state information required in complex web sites. It may also be used for user-tracking by storing special usage history data in a cookie, and such cookies—for example, those used by Google Analytics—are called tracking cookies. Cookies are a common concern in the field of Internet privacy. Although website developers most commonly use cookies for legitimate technical purposes, cases of abuse occur. In 2009, two researchers noted that social networking profiles could be connected to cookies, allowing the social networking profile to be connected to browsing habits.[14]

In the past, web sites have not generally made the user explicitly aware of the storing of cookies, however tracking cookies and especially third-party tracking cookies are commonly used as ways to compile long-term records of individuals’ browsing histories — a Flash cookies and zombie cookies, but modern browsers and anti-malware software can now block or detect and remove such cookies.

The original developers of cookies intended that only the website that originally distributed cookies to users so they could retrieve them, therefore returning only data already possessed by the website. However, in practice programmers can circumvent this restriction. Possible consequences include:

  • the placing of a personally-identifiable tag in a browser to facilitate web profiling (see below), or,
  • use of cross-site scripting or other techniques to steal information from a user’s cookies.

Cookies do have benefits that many people may not know. One benefit is that for websites that you frequently visit that requires a password, cookies make it so you do not have to sign in every time. A cookie can also track your preferences to show you websites that might interest you. Cookies make more websites free to use without any type of payment. Some of these benefits are also seen as negative. For example, one of the most common ways of theft is hackers taking your user name and password that a cookie saves. While a lot of sites are free, they have to make a profit some how so they sell their space to advertisers. These ads, which are personalized to your likes, can often freeze your computer or cause annoyance. Cookies are mostly harmless except for third-party cookies.[17] These cookies are not made by the website itself, but by web banner advertising companies. These third-party cookies are so dangerous because they take the same information that regular cookies do, such as browsing habits and frequently visited websites, but then they give out this information to other companies.

Cookies are often associated with pop-up windows because these windows are often, but not always, tailored to a person’s preferences. These windows are an irritation because they are often hard to close out of because the close button is strategically hidden in an unlikely part of the screen. In the worst cases, these pop-up ads can take over the screen and while trying to exit out of it, can take you to another unwanted website.

Cookies are seen so negatively because they are not understood and go unnoticed while someone is simply surfing the Internet. The idea that every move you make while on the Internet is being watched, would frighten most users.[18]

Some users choose to disable cookies in their web browsers.[19] Such an action eliminates the potential privacy risks, but may severely limit or prevent the functionality of many websites. All significant web browsers have this disabling ability built-in, with no external program required. As an alternative, users may frequently delete any stored cookies. Some browsers (such as Mozilla Firefox and Opera) offer the option to clear cookies automatically whenever the user closes the browser. A third option involves allowing cookies in general, but preventing their abuse. There are also a host of wrapper applications that will redirect cookies and cache data to some other location.

The process of profiling (also known as “tracking”) assembles and analyzes several events, each attributable to a single originating entity, in order to gain information (especially patterns of activity) relating to the originating entity. Some organizations engage in the profiling of people’s web browsing, collecting the URLs of sites visited. The resulting profiles can potentially link with information that personally identifies the individual who did the browsing.

Some web-oriented marketing-research organizations may use this practice legitimately, for example: in order to construct profiles of ‘typical Internet users’. Such profiles, which describe average trends of large groups of Internet users rather than of actual individuals, can then prove useful for market analysis. Although the aggregate data does not constitute a privacy violation, some people believe that the initial profiling does.

Profiling becomes a more contentious privacy issue when data-matching associates the profile of an individual with personally-identifiable information of the individual.

Governments and organizations may set up honeypot websites – featuring controversial topics – with the purpose of attracting and tracking unwary people. This constitutes a potential danger for individuals.

Flash cookies

When some users choose to disable http cookies to reduce privacy risks as noted, new types of cookies were invented: since cookies are advertisers main way of targeting potential customers, and some customers were deleting cookies, some advertisers started to use persistent Flash cookies and [21] However, modern browsers and anti-malware software can now block or detect and remove such cookies.

Flash cookies, also known as Local Shared Objects, work the same ways as normal cookies and are used by the Adobe Flash Player to store information at the user’s computer. They exhibit a similar privacy risk as normal cookies, but are not as easily blocked, meaning that the option in most browsers to not accept cookies does not affect Flash cookies. One way to view and control them is with browser extensions or add-ons. Flash cookies are unlike HTTP cookies in a sense that they are not transferred from the client back to the server. Web browsers read and write these cookies and can track any data by web usage.[22]

Although browsers such as Internet Explorer 8 and Firefox 3 have added a ‘Privacy Browsing’ setting, they still allow Flash cookies to track the user and operate fully. However, the Flash player browser plugin can be disabled[26]

Evercookies

zombie cookie. However, modern browsers and anti-malware software can now block or detect and remove such cookies.

Anti-fraud uses

Some anti-fraud companies have realized the potential of evercookies to protect against and catch cyber criminals. These companies already hide small files in several places on the perpetrators computer but hackers can usually easily get rid of these. The advantage to evercookies is clear; not only do they resist deletion completely they can also rebuild themselves. One such company is Iovation Inc. Iovation Inc. testing this technology as a way to help e-commerce companies detect which customers are good and which are potential fraudsters.[29]

Advertising uses

There is controversy over where the line should be drawn on the use of this technology. Cookies store unique identifiers on a persons computer that are used to predict what you want. Many advertisement companies want to use this technology to track what their customers are looking at online. Evercookies enable advertisers to continue to track a customer regardless of if you delete your cookies or not. Some companies are already using this technology but the ethics are still being widely debated.

Criticism

Anonymizer nevercookies are part of a free Firefox plugin that protects against evercookies. This plugin extends Firefox’s private browsing mode so that users will be completely protected from evercookies.[30] Nevercookies eliminate the entire manual deletion process while keeping the cookies users want like browsing history and saved account information.

Device fingerprinting

[31] this technology will help not only the companies at risk but the people who are unaware their computers are being used.

It is difficult to surf the web without being tracked by device fingerprinting today. However, for people who do not want device fingerprinting, there are ways to attempt to block fingerprinting. The only ways to stop device fingerprinting cause web browsing be to very slow and websites to display information incorrectly. “There are not convenient options for privacy when it comes to device fingerprinting” said Peter Eckersely a staff scientist at the Electronic Frontier Foundation and privacy-advocacy group. Trying to avoid device fingerprinting is mostly just impractical and inconvenient. Fingerprints are tough to avoid because they are taken from data that are routinely passed from computers to websites automatically. Even if someone changes something slightly, the fingerprinters can still recognize the machine. There is one way to figure out that a device is being fingerprinted. The software JavaScript can be used to collect fingerprinting data. If it asks a browser for specific information, that could be a clue that a fingerprinter is working. Companies that are most known for conducting fingerprinting are advertisers.[32]

Advanced Detection Analysis & Predator Tracking (A.D.A.P.T.)

‘ ‘Sentinel Tech Holding Corp’ ‘ , Sentinel Advanced Detection Analysis & Predator Tracking (A.D.A.P.T.), April 26, 2012

Sentinel is an Internet security program that focuses on safety in social communications online. Advanced Detection Analysis & Predator Tracking (A.D.A.P.T.) is one of their device fingerprinting technologies. This technology differentiates between legitimate and unsafe devices that are on a website at any given time. A.D.A.P.T. differentiates between legitimate and illegitimate devices by using device-fingerprinting technology. This way, even if someone is logging on to the website from the same account, if they are using a separate device, A.D.A.P.T. assigns a different fingerprint to that device. “A.D.A.P.T. has the capability of differentiating between 1.461 quindecillion (1048th) unique device fingerprints.” [33] By doing this, A.D.A.P.T. can stop illegitimate devices from accessing information on the website without taking any personal information from the user.

A.D.A.P.T. uses only HTTP and JavaScript to identify the device. It makes an accurate “fingerprint” of the device by using many different pieces of information including, operating system, browser, and PC characteristics. A.D.A.P.T. is concealed in that the user of the device has no idea that they are being “fingerprinted.” A.D.A.P.T. is a surveillance system so there is no actually tagging of the device.[33]

A.D.A.P.T. has two main features. The first is called A.D.A.P.T. DiffTM. This allows for the assessment of two different PC fingerprints to decide if this is a separate device than the one it is similar to, or if an upgraded version of a previous device. Sentinel copyrights this type of technology. The second feature is TimeDiff Linking (TDL). This feature uses time difference between the device and the server to determine if the device is legitimate.[33]

Tips For Privacy

Clean Out Old Accounts By:

Create New Passwords: Try and use creative, different, strong passwords for all accounts you use. Be sure to use different passwords for each account so if one is compromised the rest are safe. Also, always include a variety of letters, numbers, different cases, and symbols. [34]
Close Unnecessary Accounts: Having accounts that are unused are a liability due to hackers that can take advantage and infiltrate even more of your accounts. You should always try and get rid of them if possible to insure your complete safety and privacy. [35]
Shorten Your Internet Friends List: Since many internet users include a lot of important information about themselves online it is important to regulate who can see this. It is smart to only be friends with people you personally know and trust and delete the rest.
Go Paperless: We are mailed countless important documents, like bank statements or doctors bills, that can contain very private information such as social security numbers. If someone were to get ahold of this it could be devastating. So, in every way possible try and go paperless and manage your records online. [36]

Photographs on the Internet

 

 

‘No photos’ tag at Wikimania

Today many people have digital cameras and post their photographs online. The people depicted in these photos might not want to have them appear on the Internet.

Some organizations attempt to respond to this privacy-related concern. For example, the 2005 Wikimania conference required that photographers have the prior permission of the people in their pictures. Some people wore a ‘no photos’ tag to indicate they would prefer not to have their photo taken.[citation needed]

The Harvard Law Review published a short piece called “In The Face of Danger: Facial Recognition and Privacy Law,” much of it explaining how “privacy law, in its current form, is of no help to those unwillingly tagged.”[39]

Face recognition technology can be used to gain access to a person’s private data, according to a new study. Researchers at Carnegie Mellon University combined image scanning, cloud computing and public profiles from social network sites to identify individuals in the offline world. Data captured even included a user’s social security number.[41] Since these technologies are widely available, our future identities may become exposed to anyone with a smartphone and an Internet connection. Researchers believe this could force us to reconsider our future attitudes to privacy.

Google Street View

[44] But as the case of the Swiss politician illustrates, even supposedly compelling photographic evidence is sometimes subject to gross misinterpretation. This example further suggests that Google Street View may provide opportunities for privacy infringement and harassment through public dissemination of the photographs. Google Street View does, however, blur or remove photographs of individuals and private property from image frames if the individuals request further blurring and/or removal of the images. This request can be submitted for review through the “report a problem” button that is located on the bottom left hand side of every image window on Google Street View.

Search engines

Search engines have the ability to track a user’s searches. Personal information can be revealed through searches including search items used, the time of the search, and more. Search engines have claimed a necessity to retain such information in order to provide better services, protect against security pressure, and protect against fraud.[46]

Search engines also are able to retain user information such as location and the time spent using the search engine for up to ninety days. Most of the data retained by operators of the search engines use the data to get a sense of where needs must be met in certain areas of their field. People working in the legal field are also allowed to use information collected from these search engine websites. The Google search engine is given as an example to a search engine that retains the information entered for a period of three fourths of year before it becomes obsolete for public usage. Yahoo! follows in the footsteps of Google in the sense that it also deletes user information after a period of ninety days. Other search engines such as Ask! search engine has promoted a tool of “AskEraser” which essentially takes away personal information when requested.[49]

Google had publicly stated on January 24, 2012, that its privacy policy will once again be altered. This new policy will change the following for its users: (1) the privacy policy will become shorter and easier to comprehend and (2) the information that users provide will be used in more ways than it is presently being used. The goal of Google is to make users’ experiences better than they currently are.[50]

This new privacy policy is planned to come into effect on March 1, 2012. Peter Fleischer, the Global Privacy Counselor for Google, has explained that if a person is logged into his/her Google account, and only if he/she is logged in, information will be gathered from multiple Google services in which he/she has used in order to be more accommodating. Google’s new privacy policy will combine all data used on Google’s search engines (i.e., YouTube and Gmail) in order to work along the lines of a person’s interests. A person, in effect, will be able to find what he/she wants at a more efficient rate because all searched information during times of login will help to narrow down new search results.[51]

Google’s privacy policy explains information they collect and why they collect it, how they use the information, and how to access and update information. Google will collect information to better service its users such as their language, which ads they find useful or people that are important to them online. Google announces they will use this information to provide, maintain, protect Google and its users. The information Google uses will give users more relevant search results and advertisements. The new privacy policy explains that Google can use shared information on one service in other Google services from people who have an a Google account and are logged in. Google will treat a user as a single user across all of their products. Google claims the new privacy policy will benefit its users by being simpler. Google will for example be able to correct the spelling of a user’s friend’s name in a Google search or notify a user they are late based on their calendar and current location. Even though Google is updating their privacy policy, it’s core privacy guidelines will not change. For example, Google does not sell personal information or share it externally.[52]

Google’s new privacy policy raises many concerns and issues for users and public officials. The main concern/issue involves the sharing of data from multiple sources. Because this policy gathers all information and data searched from multiple engines when logged in to Google, and uses it to help assist users, privacy becomes an important element. Public officials and Google account users are worried about online safety because of all this information being gathered from multiple sources.[53]

Some users do not like the overlapping privacy policy, wishing to keep the service of Google separate. The update to Google’s privacy policy has alarmed both public and private sectors. The European Union has asked Google to delay the onset of the new privacy policy in order to ensure that it does not violate E.U. law. This move is in accordance with other foreign nation’s, where surveillance is scrutinized more heavily, objections to decreasing online privacy.[56]

An additional feature of concern to the new Google privacy policy is the nature of the policy. One must accept all features or delete existing Google accounts.[59]

Some solutions to being able to protect user privacy on the Internet can include programs such as “Rapleaf” which is a website that has a search engine that allows users to make all your search information and personal information private. Other websites that also give this option to their users are Facebook and Amazon.[60] Other search engines such as DuckDuckGo don’t store personal information. Scroogle anonymized Google searches from 2002–2012.

Privacy issues of social networking sites

The advent of the MySpace. These social networking sites have seen a boom in their popularity starting from the late 2000s. Through these websites many people are giving their personal information out on the internet.

These search warrant.

Internet service providers

Internet users obtain Internet access through an Internet service provider (ISP). All data transmitted to and from users must pass through the ISP. Thus, an ISP has the potential to observe users’ activities on the Internet.

However, ISPs are usually prevented from participating in such activities due to legal, ethical, business, or technical reasons.

Despite these legal and ethical restrictions, some ISPs, such as British Telecom (BT), are planning to use deep packet inspection technology provided by companies such as Phorm in order to examine the contents of the pages that people visit. By doing so, they can build up a profile of a person’s web surfing habits,[citation needed] which can then be sold on to advertisers in order to provide targeted advertising. BT’s attempt at doing this will be marketed under the name ‘Webwise’.[citation needed]

Normally ISPs do collect at least some information about the consumers using their services. From a privacy standpoint, ISPs would ideally collect only as much information as they require in order to provide Internet connectivity (IP address, billing information if applicable, etc.).

Which information an ISP collects, what it does with that information, and whether it informs its consumers, pose significant privacy issues. Beyond the usage of collected information typical of third parties, ISPs sometimes state that they will make their information available to government authorities upon request. In the US and other countries, such a request does not necessarily require a warrant.

An ISP cannot know the contents of properly-encrypted data passing between its consumers and the Internet. For encrypting web traffic, https has become the most popular and best-supported standard. Even if users encrypt the data, the ISP still knows the IP addresses of the sender and of the recipient. (However, see the IP addresses section for workarounds.)

An Tor can be used for accessing web services without them knowing your IP address and without your ISP knowing what the services are that you access.

While signing up for internet services, each computer contains a unique IP, Internet Protocol address. This particular address will not give away private or personal information, however, a weak link could potentially reveal information from your ISP.[61]

General concerns regarding Internet user privacy have become enough of a concern for a UN agency to issue a report on the dangers of identity fraud.[63]

T-Mobile USA doesn’t store any information on web browsing. Verizon Wireless keeps what websites a subscriber visits for up to a year. Virgin Mobile keeps text messages for three months. Verizon keeps text messages for three to five days. None of the other carriers keep texts of messages at all, but they keep a record of who texted who for over a year. AT&T Mobility keeps for five to seven years a record of who text messages who and the date and time, but not the content of the messages. Virgin Mobile keeps that data for two to three months.[64]

HTML 5

citation needed] This causes a threat to the privacy of the users.

Many people control the settings on their computers in order to adjust the privacy threats presented to them. However, every computer is different and therefore the setting changes may be less obvious to users. It is also noted, that with more privacy threats come faster speed on internet use. Users must decide and balance the want of speed while using the internet and the threat to their privacy that comes along with it. While the new code allows users to do more on the internet, it also presents a risk to their privacy with its ability to store so much information.[65]

Big Data

Spotify or Global-Positioning Systems.

Other potential Internet privacy risks

  • Malware is a term short for “malicious software” and is used to describe software to cause damage to a single computer, server, or computer network whether that is through the use of a virus, trojan horse, spyware, etc.[66]
  • Spyware is a piece of software that obtains information from a user’s computer without that user’s consent.[66]
  • A web bug is an object embedded into a web page or email and is usually invisible to the user of the website or reader of the email. It allows checking to see if a person has looked at a particular website or read a specific email message.
  • Phishing is a criminally fraudulent process of trying to obtain sensitive information such as user names, passwords, credit card or bank information. Phishing is an internet crime in which someone masquerades as a trustworthy entity in some form of electronic communication.
  • Pharming is a hacker’s attempt to redirect traffic from a legitimate website to a completely different internet address. Pharming can be conducted by changing the hosts file on a victim’s computer or by exploiting a vulnerability on the DNS server.
  • Social engineering
  • Malicious proxy server (or other “anonymity” services)

Public views

While internet privacy is widely acknowledged as the top consideration in any online interaction,[69] Coupling this with the increasingly exhaustive license agreements companies require consumers to agree to before using their product, consumers are reading less about their rights.

Furthermore, if the consumer has already done business with a company, or is previously familiar with a product, they have a tendency to not read the privacy policies that the company has posted.[69] The less readily available terms and conditions are, the less likely the public is to inform themselves of their rights regarding the service they are .

Concerns of Internet privacy and real life implications

While dealing with the issue of internet privacy, one must first be concerned with not only the technological implications such as damaged property, corrupted files, and the like, but also with the potential for implications on their real lives. One such implication, which is rather commonly viewed as being one of the most daunting fears risks of the Internet, is the potential for identity theft. Although it is a typical belief that larger companies and enterprises are the usual focus of identity thefts, rather than individuals, recent reports seem to show a trend opposing this belief. Specifically, it was found in a 2007 “Internet Security Threat Report” that roughly ninety-three percent of “gateway” attacks were targeted at unprepared home users. It should be noted that the term “gateway” attack was used to refer to attack which aimed not at stealing data immediately, but rather at gaining access for future attacks.[70]

But how, one might ask, is this still thriving given the increasing emphasis on internet security? The simple, but unfortunate solution, according to Symantec’s “Internet Security Threat Report,” is that of the expanding “underground economy.” With more than fifty percent of the supporting servers located in the United States, this “underground economy” has become a haven for internet thieves, who use the system in order to sell stolen information. These pieces of information can range from generic things such as a user account or email to something as personal as a bank account number and PIN (personal identification numbers).[70]

While the processes these internet thieves use are abundant and unique, one popular trap unsuspecting people fall into is that of online purchasing. This is not to allude to the idea that every purchase one makes online will leave them susceptible to identity theft, but rather that it increases the chances. In fact, in a 2001 article titled “Consumer Watch,” the popular online site PC World went as far as calling secure e-shopping a myth. Though unlike the “gateway” attacks mentioned above, these incidents of information being stolen through online purchases generally are more prevalent in medium to large sized e-commerce sites, rather than smaller individualized sites. This is assumed to be a result of the larger consumer population and purchases, which allow for more potential leeway with information.[71]

Ultimately, however, the potential for a violation of your privacy is typically out of your hands after purchasing from an online “e-tailer” or store. One of the most common forms in which hackers receive private information from online “e-tailers” actually comes from an attack placed upon the site’s servers responsible for maintaining information about previous transactions. For as experts explain, these “e-trailers” are not doing nearly enough to maintain or improve their security measures. Even those sites that clearly present a privacy or security policy can be subject to hackers’ havoc as most policies only rely upon encryption technology which only apply to the actual transfer of a customer’s data. However, with this being said, most “e-tailers” have been making improvements, going as far as covering some of the credit card fees if the information’s abuse can be tracked back to the site’s servers.[71]

As one of the largest growing concerns American adults have of current internet privacy policies, identity and credit theft remain a constant figure in the debate surrounding privacy online. However, it is important to recall that these issues are not the only prevalent concerns our society has. Based on a Pew Research Center study conducted in 2001, it appears that child pornography, hackers acquiring access to business and government networks, and “prank” computer viruses also demand constant attention in regards to privacy concerns. Though some may call it a modern-day version of McCarthyism, another prevalent issue also remains members of our own society sending disconcerting emails to one another. It is for this reason in 2001 that for one of the first times ever the public demonstrated an approval of government intervention in their private lives.[72]

With the overall public anxiety regarding the constantly expanding trend of online crimes, in 2001 roughly fifty-four percent of Americans polled showed a general approval for the FBI monitoring those emails deemed suspicious. Thus, it was born the idea for the FBI program: “Carnivore,” which was going to be used as a searching method, allowing the FBI to hopefully home in on potential criminals. Unlike the overall approval of the FBI’s intervention, “Carnivore” was not met with as much of a majority’s approval. Rather, the public seemed to be divided with forty-five percent siding in its favor, forty-five percent opposed to the idea for its ability to potentially interfere with ordinary citizen’s messages, and ten percent claiming indifference. While this may seem slightly tangent to the topic of internet privacy, it is important to consider that at the time of this poll, the general population’s approval on government actions was declining, reaching thirty-one percent versus the forty-one percent it held a decade prior. This figure in collaboration with the majority’s approval of FBI intervention demonstrates an emerging emphasis on the issue of internet privacy in society and more importantly the potential implications it may hold on citizens’ lives.[72]

Laws and regulations

Global privacy policies

Google has long been attacked for their lack of privacy in the U.S. as well as abroad. In 2007, however, the tables began to turn. Peter Fleischer, a Google representative, addressed the U.N. in France regarding privacy issues and expressed that the current international privacy policies were not adequately protecting consumers. Instead of continuing to enforce broken and ineffective Internet privacy laws, the Google representative proposed that the United Nations establish a global privacy policy that would efficiently protect consumers privacy while causing the least possible amount of negative impact on web browsers such as Google. At that time, Google was under investigation by the European Union for violating the global privacy policies that were already in place. The greatest issue related to Internet privacy internationally is that of data collection. At this point in time, the U.S. and the European Union had separate sets of privacy policies, making it increasingly difficult for companies such as Google to exist globally without violating such policies. Google is just one example of a large company whose primary goal is to make money by serving their product, web browsing, to consumers. Consumers, however, are concerned with the quality of that product and their privacy. Online data collection by search engines allows Internet businesses to track consumer’s online roadmap, everything from the sites they visit to the purchases they make. This poses problems globally to those who are web users around the world, especially in a world where there is no overarching privacy policy. The general consensus of this issue regarding international privacy violations at the time of Fleischer’s U.N. address is that, since the Internet is global, the privacy policies should also be global and unified.

Data protection regulation

Currently, as of March 2012, the need for a set of unified privacy policies has been met by the European Union with proposed legislation. The Data Protection Regulation is a proposed set of consistent regulations across the European Union that will protect Internet users from clandestine tracking and unauthorized personal data usage. This regulation will further protect user’s privacy rights in two key ways: clearly defining the term “personal data” and increasing punishments for those who violate user’s online privacy. In Article 4(2) of the proposed legislation, the definition of personal data is expanded significantly to include any information online that could be traced to an individual. In Articles 77 and 79 of the proposed legislation, appropriate punishments are outlined for many possible violations of user’s privacy rights by controllers and effective enforcement of data protection is guaranteed. The Data Protection Regulation will also hold companies accountable for violations of the regulation by implementing a unified legislation outlining specific repercussions for various types of violations based on severity. The CDT, the Center for Democracy & Technology, has carefully evaluated this proposed legislation in detail and officially issued an analysis on March 28, 2012. The Center for Democracy & Technology is a nonprofit organization that advocates for Internet freedom and online privacy through government public policy. Analyses such as this interpret the governmental propositions for Internet users and promote democracy by allowing all the opportunity to agree or disagree with the proposition prior to its ruling. This analysis is posted publicly on the Internet, in compliance with the mission of CDT, and addresses each section of the Data Protection Regulation and the potential pitfalls of each article. The two major issues the CDT addresses in this analysis of the Data Protection Regulation are the inflexible rules against profiling users based on their Internet usage and the parental consent policy in regards to controlling the online information of children. The European Union seems to be following the lead of the Obama administration’s recently implemented privacy bill and global Internet privacy policies are on the horizon.

Internet privacy in China

One of the most popular topics of discussion in regards to Internet privacy is China. The main concern with privacy of Internet users in China is the lack there of. China has a well known policy of censorship when it comes to the spread of information through public media channels. Tor anonymity network, which was designed to circumvent network suveillance in multiple countries. User privacy in China is not as cut-and-dry as it is in other parts of the world. China, reportedly, has a much more invasive policy when Internet activity involves the Chinese government. For this reason, search engines are under constant pressure to conform to Chinese rules and regulations on censorship while still attempting to keep their integrity. Therefore, most search engines operate differently in China than in the other countries, such as the US or Britain, if they operate in China at all. There are two types of intusions that occur in China regarding the internet: the alleged intrusion of the company providing users with Internet service, and the alleged intrusion of the Chinese government. The intrusion allegations made against companies providing users with Internet service are based upon reports that companies, such as Yahoo! in the previous example, are using their access to the internet user’s private information to track and monitor user’s Internet activity. The claims made against the Chinese government lies in the fact that the government is forcing Internet-based companies to track users private online data without the user knowing that they are being monitored. Both alleged intrusions are relatively harsh and possibly force foreign Internet service providers to decide if they value the Chinese market over internet privacy.

Legal threats

Used by government agencies are array of technologies designed to track and gather Internet users’ information are the topic of much debate between privacy advocates, civil liberties advocate and those who believe such measures are necessary for law enforcement to keep pace with rapidly changing communications technology.

Specific examples:

  • Following a decision by the European Union’s council of ministers in Brussels, in January, 2009, the UK’s Home Office adopted a plan to allow police to access the contents of individuals’ computers without a warrant. The process, called “remote searching”, allows one party, at a remote location, to examine another’s hard drive and Internet traffic, including email, browsing history and websites visited. Police across the EU are now permitted to request that the British police conduct a remote search on their behalf. The search can be granted, and the material gleaned turned over and used as evidence, on the basis of a senior officer believing it necessary to prevent a serious crime. Opposition MPs and civil liberties advocates are concerned about this move toward widening surveillance and its possible impact on personal privacy. Says Shami Chakrabarti, director of the human rights group Liberty, “The public will want this to be controlled by new legislation and judicial authorisation. Without those safeguards it’s a devastating blow to any notion of personal privacy.”[73]
  • The FBI’s Magic Lantern software program was the topic of much debate when it was publicized in November, 2001. Magic Lantern is a Trojan Horse program that logs users’ keystrokes, rendering encryption useless.[74]

See also

References

  1. ^ “Toor2122 – Steve Rambam – Privacy Is Dead – Get Over It”. Video.google.com. August 1, 2006. http://video.google.com/videoplay?docid=-383709537384528624. Retrieved September 13, 2010.
  2. ^ Pogue, David (January 2011). “Don’t Worry about Who’s watching”. Scientific American 304 (1): 32. http://www.scientificamerican.com/article.cfm?id=dont-worry-about-whos-watching.
  3. ^ “The Value of Privacy by Bruce Schneier”. Schneier.com. http://www.schneier.com/blog/archives/2006/05/the_value_of_pr.html. Retrieved 2011-11-25.
  4. ^ Bruce Schneier (May 18, 2006). “The Eternal Value of Privacy by Bruce Scneier –”. Wired.com. http://www.wired.com/politics/security/commentary/securitymatters/2006/05/70886. Retrieved 2011-11-25.
  5. ^ E. E. David and R. M. Fano (1965). “Some Thoughts About the Social Implications of Accessible Computing. Proceedings 1965 Fall Joint Computer Conference”. http://www.multicians.org/fjcc6.html. Retrieved 2012-06-07.
  6. ^ Naylor,C., Woods, M., & White, C. (2009). Investment Fraud Over the Internet. http://www.in.gov/sos/securities/files/0865-1007_InvestmentFraudBroch-FINAL_WEB.pdf.
  7. ^ Vincent, Nicole. (2011,October 18). Preventing Identity Theft and Cyber Crimes.http://onguardonline.gov/blog/preventing-identity-theft-and-other-cyber-crimes.
  8. ^ No Author. Washington State Office of the Attorney General. (2008). Families and Educators: Information is Permanent. http://www.atg.wa.gov/InternetSafety/FamiliesAndEducators.aspx.
  9. ^ Matt Schafer (August 2, 2010). “Privacy, Privacy, Where for Art Thou Privacy?”. Lippmannwouldroll.com. http://lippmannwouldroll.com/2010/08/02/privacy-privacy-where-for-art-thou-privacy/. Retrieved October 17, 2010. “As consumers have became wise to the use of cookies, however, the industry has began using both normal cookies and local shared objects (a.k.a. flash cookies) in the event that users would delete the normal cookies.”
  10. ^ Mediati, N. (2010). The Most Dangerous Places on the Web. PC World, 28(11), 72–80.
  11. ^ Youn, S. (2009). Determinants of Online Privacy Concern and Its Influence on Privacy Protection Behaviors Among Young Adolescents. Journal Of Consumer Affairs, 43(3), 389–418.
  12. ^ Larose, R., & Rifon, N. J. (2007). Promoting i-Safety: Effects of Privacy Warnings and Privacy Seals on Risk Assessment and Online Privacy Behavior. Journal Of Consumer Affairs, 41(1), 127–149.
  13. ^ M, Valcke. “T. Computers & Education”. Elsevier Ltd. http://0-www.sciencedirect.com.sculib.scu.edu/science/article/pii/S0360131511000273. Retrieved 3 February 2012.
  14. ^ Krishnamurthy B, Wills CE. (2009). On the Leakage of Personally Identifiable Information Via Online Social Networks.
  15. ^ “New net rules set to make cookies crumble”. BBC. 2011-03-08. http://www.bbc.co.uk/news/technology-12668552.
  16. ^ “Sen. Rockefeller: Get Ready for a Real Do-Not-Track Bill for Online Advertising”. Adage.com. 2011-05-06. http://adage.com/article/digital/sen-rockefeller-ready-a-real-track-bill/227426/.
  17. http://web.ebscohost.com/ehost/detail?vid=14&hid=106&sid=1d665348-3f95-431a-8b34-490220a8407f%40sessionmgr115&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=aph&AN=17039447. Retrieved 2011-11-22.
  18. ^ http://0-vnweb.hwwilsonweb.com.sculib.scu.edu/hww/results/getResults.jhtml?_DARGS=/hww/results/results_common.jhtml.35
  19. ^ Trust and Privacy Online: Why Americans Want to Rewrite the Rules. Pew Internet & American Life Project. Released Aug. 20, 2000
  20. ^ Soltani, Ashkan. “Flash Cookies and Privacy”. University of California, Berkeley. http://www.aaai.org/ocs/index.php/SSS/SSS10/paper/download/1070/1505. Retrieved 3 February 2012.
  21. ^ Heyman, R., & Pierson, J. (2011). Social media and cookies: challenges for online privacy. The Journal of Policy, Regulation and Strategy for Telecommunications, Information and Media, 13, 30–42.
  22. ^ Benninger, Corey. “A Look At Flash Cookies and Internet Explorer Persistence”. McAfee, Inc.. http://www.foundstone.com.au/us/resources/white-papers/foundstone/wp-ajax-storage.pdf. Retrieved 3 February 2012.
  23. ^ How to disable Flash in Firefox
  24. ^ Adobe Flash uninstaller
  25. ^ Adobe security advisories
  26. ^ Oracle Java security advisory
  27. ^ http://technolog.msnbc.msn.com/_news/2010/09/22/5157641-evercookie-is-one-cookie-you-dont-want-to-bite
  28. ^ schneier
  29. ^ Valentino-DeVries, Jennifer (December 1, 2010). “‘Evercookies’ and ‘Fingerprinting’: Are Anti-Fraud Tools Good for Ads?”. The Wall Street Journal. http://blogs.wsj.com/digits/2010/12/01/evercookies-and-fingerprinting-finding-fraudsters-tracking-consumers/.
  30. ^ http://www.securityweek.com/nevercookie-eats-evercookie-new-firefox-plugin
  31. ^ http://www.networkworld.com/newsletters/2009/042009bestpractices.html
  32. ^ Valentino-DeVries, Jennifer (November 30, 2010). “How to Prevent Device Fingerprinting”. The Wall Street Journal. http://blogs.wsj.com/digits/2010/11/30/how-to-prevent-device-fingerprinting/. Retrieved Feb. 6 2012.
  33. ^ ‘ ‘Sentinel Tech Holding Corp’ ‘ , Sentinel Advanced Detection Analysis & Predator Tracking (A.D.A.P.T.), April 26, 2012
  34. http://www.truste.com/products-and-services/consumer_privacy/privacy_tips#btt. Retrieved 11/25/12.
  35. ^ “Top 5 Online Privacy Tips”. Net-Security. http://www.net-security.org/secworld.php?id=8798. Retrieved 11/23/12.
  36. ^ McCandlish, Stanton. “EFF’s Top 12 Ways to Protect Your Online Privacy”. Electronic Frontier Foundation. https://www.eff.org/wp/effs-top-12-ways-protect-your-online-privacy. Retrieved 11/25/12.
  37. ^ In the Face of Danger: Facial Recognition and the Limits of Privacy Law. (2007). Retrieved from Harvard, Harvard Law Review: http://www.harvardlawreview.org/issues/120/may07/note_4397.php.
  38. ^ Facebook’s Privacy Policy. (2010). Retrieved from Facebook: http://www.facebook.com/policy.php.
  39. ^ Heussner, M. K. (2010). Celebrities’ Photos, Videos May Reveal Location. Retrieved from ABC: http://abcnews.go.com/technology/ celebrity-stalking-online-photos-give-location/ story?id=11162352&page=1.
  40. ^ “Online photos can reveal our private data say experts”. BBC News. August 3, 2011. http://www.bbc.co.uk/news/technology-14386514.
  41. ^ “More Than Facial Recognition – Carnegie Mellon University”. Cmu.edu. http://www.cmu.edu/homepage/society/2011/summer/facial-recognition.shtml. Retrieved 2011-11-22.
  42. ^ http://www.guardian.co.uk/technology/2009/nov/29/google-street-view
  43. ^ http://news.cnet.com/8301-10784_3-9943140-7.html%7CShankland
  44. ^ c Elwood, S., & Leszczynski, A. (2011). Privacy, reconsidered: New representations, data practices, and the geoweb. Geoforum, 42, 6–15.
  45. ^ (December 2010) Online Privacy: Using the Internet Safely. Retrieved from http://www.privacyrights.org/fs/fs18-cyb.htm
  46. ^ (August 2006) CNET news. Retrieved from http://news.cnet.com/2100-1030_3-6103098.html
  47. ^ Dye, Jessica. “Consumer Privacy Advocates Seek Search Engine Solution”. EContent. http://0-vnweb.hwwilsonweb.com.sculib.scu.edu/hww/results/getResults.jhtml?_DARGS=/hww/results/results_common.jhtml.35. Retrieved 2011-10-20.
  48. ^ Pariser, Eli. “The Troubling Future of Internet Search”. The Futurist. http://0-vnweb.hwwilsonweb.com.sculib.scu.edu/hww/results/getResults.jhtml?_DARGS=/hww/results/results_common.jhtml.35. Retrieved 2011-10-20.
  49. ^ Blakeman, Karen. “What Search Engines Know About You”. Online (Weston, Connecticut). http://0-vnweb.hwwilsonweb.com.sculib.scu.edu/hww/results/getResults.jhtml?_DARGS=/hww/results/results_common.jhtml.35. Retrieved 2011-10-20.
  50. ^ Cain Miller, C. (2012, January 25). A New Policy On Privacy From Google. The New York Times, p. B3
  51. ^ Steinhauser, G. (2012, February 3). Google’s Privacy Policy Changes Prompt EU Probe. The Huffington Post. Retrieved from http://www.huffingtonpost.com/2012/02/ 03/google-privacy-policy_n_1253467.html
  52. ^ Miller, Claire (January 24, 2012). “Google To Update Privacy Policy to Cover Wider Data Use”. New York Times. http://bits.blogs.nytimes.com/2012/01/24/google-to-update-its-privacy-policies-and-terms-of-service/?scp=2&sq=google’s%20new%20privacy%20policy&st=cse. Retrieved Feb. 6 2012.
  53. ^ Reuters. (2012, February 1). Google defends change to privacy policies. Chicago Tribune. Retrieved from http://www.chicagotribune.com/business/breaking/chi-google-defends-change-to-privacy-policies-20120201,0,3821438.story
  54. ^ James Canter, “E.U. Presses Google to Delay Privacy Policy Changes” ‘The New York Times,’ February 3, 2012
  55. ^ Jay Perry, “Facebook vs. Canada. It’s about to get ugly.” ‘Techi,’ May 22, 2010
  56. ^ Robert McMillan, “Google Relents, Will Hand Over European Wi-Fi Data” ‘PCWorld,’ June 3, 2010
  57. ^ “Google privacy policy is subject of backlash” ‘The Washington Post.’
  58. ^ EPIC – In re Facebook. (n.d.). EPIC – Electronic Privacy Information Center. Retrieved January 25, 2011/
  59. ^ Jillian York “A Case for Pseudonyms” EFF.org, July 29, 2011
  60. ^ World, PC. “People Search Engines: Limit the Information They Can Collect”. PC World. http://0-vnweb.hwwilsonweb.com.sculib.scu.edu/hww/results/getResults.jhtml?_DARGS=/hww/results/results_common.jhtml.35. Retrieved 2011-10-20.
  61. ^ “Online Privacy: Using the Internet Safely | Privacy Rights Clearinghouse”. Privacyrights.org. http://www.privacyrights.org/fs/fs18-cyb.htm. Retrieved 2011-11-22.
  62. ^ “UN warns on password ‘explosion'”. BBC News. 2006-12-04. http://news.bbc.co.uk/1/hi/technology/6199372.stm. Retrieved 2011-11-25.
  63. ^ Peter Fleischer, Jane Horvath, Shuman Ghosemajumder (2008). “Celebrating data privacy”. Google Blog. http://googleblog.blogspot.com/2008/01/celebrating-data-privacy.html. Retrieved 12 August 2011.
  64. ^ “Document Shows How Phone Cos. Treat Private Data”. Associated Press. September 29, 2011. http://www.npr.org/templates/story/story.php?storyId=140931876. Retrieved 2011-09-29. “T-Mobile USA doesn’t keep any information on Web browsing activity. Verizon, on the other hand, keeps some information for up to a year that can be used to ascertain if a particular phone visited a particular Web site. According to the sheet, Sprint Nextel Corp.’s Virgin Mobile brand keeps the text content of text messages for three months. Verizon keeps it for three to five days. None of the other carriers keep texts at all, but they keep records of who texted who for more than a year. The document says AT&T keeps for five to seven years a record of who text messages who —and when, but not the content of the messages. Virgin Mobile only keeps that data for two to three months.”
  65. ^ Vega, T. (2010, October 10). New web code draws concern over privacy risks. The New York Times. Retrieved from
  66. ^ http://technet.microsoft.com
  67. ^ http://onlinelibrary.wiley.com/store/10.1111/j.1745-6606.2001.tb00101.x/asset/j.1745-6606.2001.tb00101.x.pdf?v=1&t=h1pz2kin&s=ec33c6ed7a0fec7e4d5e18c726b3942364daf3bd
  68. ^ Menn, J. (Feb. 19, 2012), Data Collection Arms Race Feeds Privacy Fears. Reuters.http://www.reuters.com/article/2012/02/19/us-data-collection-idUSTRE81I0AP20120219
  69. ^ http://onlinelibrary.wiley.com/store/10.1002/dir.20009/asset/20009_ftp.pdf?v=1&t=h1pz629d&s=a78473ef1ef6eca684ea4d34dfcb37039775d127
  70. ^ b Krapf, E. (2007). A Perspective On Internet Security. Business Communications Review, 37(6), 10–12.
  71. ^ b Kandra, Anne. (2001, July). The myth of secure e-shopping. PC World, 19(7), 29–32.
  72. ^ http://www.pewinternet.org.
  73. ^ Post. “Police set to step up hacking of home PCs”. London: Timesonline.co.uk. http://www.timesonline.co.uk/tol/news/politics/article5439604.ece. Retrieved 2011-11-25.
  74. ^ “FBI ‘Lantern’ Software Does Log Keystrokes”. Rumormillnews.com. http://www.rumormillnews.com/cgi-bin/archive.cgi?noframes;read=15391. Retrieved 2011-11-25.

Further reading

External links

This article uses material from the Wikipedia article Internet Privacy, which is released under the Creative Commons Attribution-Share-Alike License 3.0.