Quantcast
Channel: Nusecure
Viewing all articles
Browse latest Browse all 89

Privacy on the Web (Part 2)

0
0

We  look at the privacy items in this manner to discuss something many of us have done and will probably do in the future.  We have filled out online forms that capture our personal "public" data with a promise by the company gathering the data to protect it.  We know from experience that our privacy was a major concern for these companies since we received many emails extolling the virtues of products that we might be interested.  
We were aware that our data was being sold to marketing firms or directly to companies that were interested in our buying or browsing habits.  This grew into an industry that specialized in blanketing consumers with emails that we now call spam.  Early on in our internet experience, we typically weren't given the ability to opt out of our data being "shared" with partners of the company that we gave our data.  We started to wise up to the game the companies were doing and they had to devise another method of gathering data on us without being obvious.


Web sites began to use pieces of data called cookies that were sent by the server and returned to create a state of connection in an otherwise stateless transaction.  They intended to "assist" us in quickly loading pages from a site that we were visiting and the cookies were eliminated when the browser was closed.  Persistent cookies, now called tracking cookies, were originally used to assist in connecting to a site and would report to the server about how we initially connected.  Tracking cookies can also report back to the server every time a new page is requested, which can be stored on the server as a log file to assist companies tracking browsing history?


Since cookies can also remember login data for a particular web site to ease the process for the user when returning, they can store data that might compromise the privacy of the user.  In 2000, the U.S. government set strict rules for their sites regarding the usage of these cookies.  Daniel Brandt, a privacy activist discovered that many government sites were setting tracking cookies on computers that were visiting their websites.  These agencies discontinued the use of these cookies but by later directive can use these cookies if the server gives the user the ability to refuse the cookies.


The European Union thought by many to be the strictest in controlling data collected by the cookies, isn't without issue with their directive that states that setting cookies can't be stored unless the user is informed that the cookie is being stored.  Their directive says that the user must have the ability to refuse the cookie unless the cookie is needed for technical reasons.  All this is useful information about cookies but we all know that our browsers are full of them, mostly tracking cookies.  Users began to realize that cookies weren't always our friend in relation to our privacy data. Hence another security software industry was born.  We now have many types of spyware removal tools to remove the "bad" cookies.  I am certain that the majority of us use some form of spyware removal to improve the performance of their browser if not for increased security and privacy.

This brings us back to our discussion of privacy and the laws that are constantly being hailed as the silver bullet for our privacy.  I have studied a few state privacy laws and very few devote much time on browser based privacy.  But we need not fear out federal government has a solution to the privacy problem related to tracking cookies.  They don't address the myriad of personal privacy issues raised by the enormous amount of data collected about us by all the federal, state, and local governments.


They have come up a proposal that should be a world beater, a Do Not Track mechanism that would be similar to the Do Not Call List.  This proposal would create a tool integrated in the browser that would allow the user to opt out of tracking cookies from web sites.  We all remember when the banking industry was told to give us the ability to opt out of their "sharing" our private data.  They created letters that were sent to all customers whenever a new account or feature is signed up for by a user, we all know how well that worked.
This approach from a high level sounds great but I suspect that if the tool works to prevent cookies to be installed on you system then the companies that desire or need to collect that information will find another way of obtaining it.  These companies may take a page from the banking industry, the healthcare industry did, and create a document that is so verbose with legalize that no one will read it.


It seems to me that as an article stated; some technology companies are going to devise a stopgap method in an attempt to forestall additional regulation.  This may be true but the allure of the advertising dollars being spent online, over 5 billion dollars, the data will still be collected.  We also have to deal with the element on the web that will see the potential for making money and find a way around the mechanism that is supposed to protect us.  I guess those of us that have been waiting patiently for a real privacy law from congress will have to continue our vigil.


Viewing all articles
Browse latest Browse all 89

Latest Images

Trending Articles





Latest Images