|
The Internet : Opening up a new level of vulnerability
The internet as we know it today has opened up a world of opportunities for the masses. People now can access information or data that used to be halfway around the world, in a matter of seconds at any time, anywhere. At the same time, the internet makes it possible for the average person to easily contribute to the vast collection of data with the same speed and mobility as they can access it. Sadly enough, these two factors have also opened up an entirely new dimension in the privacy world. Some alarmists have even likened to internet as being one step closer to a “big brother” world where everyone’s personal information is readily available for the government or any other organization. Regardless of whether this is the case or not, the internet has surely changed the way we interpret what is our personal identity and privacy. |
|
As the history of the internet advanced so did the amount of personal data integration. As soon as the internet became available for the common people in the early nineties, there became new ways for your personal information to become available to all. This paper outlines the various aspects of the internet in which your data (besides what you physically type into a website or blog) is made available to others, be it in a positive matter or negative. It also outlines the various implications that each concept represents and then leads to various security features available for one to avoid unwanted leakage. |
|
Foreign Invasions of Your Privacy In this section I will outline the various ways that the internet has led to new ways of attempting to dive into your private world. |
|
Cookies Cookies are another name for what was dubbed “http cookies”. Cookies are an essential aspect of most web browsing since 1994. Cookies were initially created to hold data that a user enters onto a form on a website. Because it would be extremely expensive to hold all of this data on the mainframe that the website’s data is on, cookies came in to solve the problem. How a cookie works is quite simple, a user enters data into a website and this data gets stored onto a file (the cookie) on the user’s computer. When the user works around the website and needs access to this data again, the browser accesses the file on the computer for them. Cookies often run into privacy issues when you are using them with online purchases or entering delicate personal information such as social security numbers. If you enter this data and it is saved into a cookie, it theoretically can be made available at anytime in the future for the website you have used it on. One might possibly find this difficult to swallow as the website you have accessed in the past may theoretically use this information again without your permission. There is also the possibility of this data being stolen midway in between the travel from your computer to the server.
|
|
The largest aspect of cookies that can run into privacy issues is with third party cookies. Normal cookies are involved on the same internet domain and while they may contain sensitive data, they are not as large of an issue. A third party cookie is one that gets put on your computer from the advertisements on the websites that you are browsing. This becomes an issue because often these third party sites use these cookies to trace your web browsing of many other websites as well. This can lead to huge issues as these third party websites may be able to access very personal data that you enter on these other websites. Many cases of this have shown up, with even the US government being one of the perpetrators. |
|
Profiling/ISP’s Website profiling or data tracking can come from other sources, other than from the case of third party cookies mentioned before. One of the most controversial of these sources would be your internet service provider, or ISP. Your ISP is the company that provides your internet service, and everything you do on the net has to pass through them before it can enter into the great world wide net. Ethically this is a great responsibility thrust upon the ISP as they essentially could use this data in fraudulent manners. How much data the ISP actually collects is also an issue at hand. It seems only natural that an ISP should only need to collect enough data to provide their service of internet connectivity, but this is often not the case. Often browsing habits or website histories are recorded by an ISP, regardless of the nature of their intent, be it malicious or harmless. Possibly one of the biggest issues is when an ISP sells your data to an outside source for marketing or research reasons. One of the largest and most influential ISP’s in existence, AOL, got into trouble for this in the summer of 2006. Other sources, such as the web company Compete Inc, have stated that there are possibly other ISP’s that sell this data as well in the form of clickstream data. This data includes each website that a user views and the order that they view them. |
|
Adware/Malware/Spyware Adware, malware, and spyware are all very similar pieces of software in which they all collect personal information from a user without their consent. The three types of software are so similar in that people often confuse the three of them, which would not be too much of a stretch. Adware – According to wikipedia, adware is “advertising supported software, or any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or when it is being used.” Adware can sometimes be incorporated into “Shareware” software in which a user agrees to allow the adware program on their computer in exchange for free use of another program, or the shareware program. Spyware is similar but instead of installing a single form of advertisement on a computer, it collects personal data for marketing purposes. Most of this data is collected by a user’s keystrokes, the recording of browsing history, and sometimes by the scanning of a computer’s hard-drive. The rage of maliciousness that can arise from spyware can range from personal advertisements from the browsing history collected to the theft of passwords or other sensitive data. Malware – The term for any program that infiltrates or damages a computer be it viruses, worms, trojan horses and even spyware or adware.
|
|
Phishing Phishing is possibly one of the simplest ways that a person can steal your private information in that it’s relatively easy to enact, and also just as easy to avoid. Phishing is the process in which an individual fools another into giving up valuable data by making them think that they are an organization that the individual is affiliated with. This process most often takes place through emails in which the “phisher” sends an email to the victim which can include text or html that is almost a mirror image to something that the spoofed organization would have. |
|
According to Howstuffworks.com Phishing takes the following steps: 1. Planning – Phishers choose targets and find out how to obtain emails. 2. Setup – Creating a method to deliver the message and collect the data. 3. Attack – The actual sending of the phony message. 4. Collection – Recording of the scammed data. 5. Identity Theft – Use of the scammed data to make illegal purchases or commit fraud. Phishing was originally seen in late 1996 with AOL users in which Phishers posed as AOL employees messaging users by instant messenger or their email account attempting to get their passwords and/or credit cards. Since then it has expanded into a massive (while easily preventable) threat that an estimated ¼ of all those scammed cannot recover from. Pic to the right taken from http://www.antiphishing.org/index.html |
|
Protecting Yourself/Keeping Your Privacy In the following sections I will show how individuals in the past, and how they can in the future, react to the various possible privacy invasion attempts. |
|
Usernames/Screenames Usernames or screenames are not necessarily ways that you can physically prevent your private information from being invaded, but they are an important aspect of internet usage in which that you can create a more private world. With a username one can be discrete about who they really are and can obtain a larger level of anonymity than one could get in real life. Even a phone conversation or letter (your voice or handwriting can be recognized) has more of a sense of individuality or a more identifiable trait that you would exhibit by hiding yourself behind a username. An email address or a second life can also fit under this category. |
|
Privacy Laws Privacy laws are a huge aspect to be considered. Privacy laws are designed to preserve your personal privacy rights. To quote the OECD (Organization for Economic Co-operation and Development), privacy issues online arise “from the fact that all this computer-processable personal information, whether automatically generated or not, can potentially be collected , stored, detailed, individualized, linked and put to a variety of uses in places geographically dispersed all around the world, possibly without user knowledge or consent.” (OECD 11) Privacy laws help set a ground work for such things as what kind of data an individual/organization can collect on another, data usage limitations, data quality limitations (how accurate this data is), and various other security safety-nets. Interestingly enough many countries all have their own sort of privacy laws, even though the internet is a worldwide network that knows none of mankind’s physical borders. There are exceptions to this, such as within the European Union where most countries of that organization adhere to the same general laws. Most computer/network privacy laws began in the 1980s and have been continually updated with each new advancement in technology. |
|
Encryption Encryption is something that most people know about but really do not understand. The use of encryption has been around long before the internet or even our American society. There are various forms of encryption that are available with varying levels of difficulty to break. The basic concept of encryption comes about when you either want for nobody else to view the files you have on your computer, or only certain people in the process of sending it to another computer over the internet. All encryption processes take the data you own and scramble or code it to a point where only those that posses the key can descramble or decode this data. These keys can be one simple code multiple combinations of them. |
|
Firewalls Firewalls were named after the firewalls that are used in buildings that stop fires from entering in between a wall. A firewall is basically a piece of software on your computer, or a physical of hardware, that blocks any unwanted or suspicious activity from entering your computer. Computers on a network can be simultaneously hooked up to a hardware firewall in which the whole network can be protected. Each individual computer may have its own hardware or software firewall but it must be noted that when there is multiple they may interfere with each other and defeat the purpose. Firewalls were originally created to fend off viruses and have since then included a large list of possible intruders such as hackers, crackers or data flooding. |
|
Common Sense Technical mumbo jumbo can often take the backseat to one of the most important concepts of personal privacy. If you don’t physically give out your private information you are have high chances of never getting taken advantage of. Common sense allows for people to avoid situations brought forth from phising, adware, and many predators that may lurk on the internet. |
|
Conclusion The internet surely has revolutionized the data aspect of our lives. Our data can be sent from anywhere at anytime, and be accessed in the same manner. This can however come at a price, when your private information can fall into the wrong hands. As each advancement in internet technology has progressed, more and more features of it allowed for your personal information to be threatened. At the same time, there has been various security features in which one could take advantage of in order to maintain your privacy. The internet may be a scary world to some, in which our personal identity or privacy may seem to be threatened. Through the process of learning about the threats and the possible solutions, one can only begin to look past this and focus on the major technological advantages the internet imposes. In conclusion, to compare the real world to the virtual world in its level of the importance of awareness of privacy; I use the following quote from Seth Godin of Yahoo, “Sixty-six percent of all Web sites provide some privacy notice, do 66% of the entities you deal with offline provide you with a privacy notice?”
|
|
Works Cited Egendorf, Laura K. “The Information Revolution, Opposing Viewpoints”. Greenhaven Press. Farmington Hills, MI 2004.
“Privacy Online: OECD Guidance on Policy and Practice”. OECD Publications. Paris, France 2003.
Wilson, Tracy V. “How Phising Works”. Howstuffworks.com. May 1st, 2007. http://computer.howstuffworks.com/phishing1.htm Walton, Timothy J. “Internet Privacy Law”. 2000. http://www.netatty.com/privacy/privacy.html
“Protecting your Privacy on the Internet.” Australian Government Office of the Privacy Commissioner. May 1st, 2007. http://www.privacy.gov.au/internet/internet_privacy/
“Fact Sheets and Other Publications”. Privacy Rights Clearinghouse. May 1st, 2007. http://www.privacyrights.org/fs/index.htm Brain, Marshall. “How Internet Cookies Work”. Howstuffworks.com. May 1st, 2007. http://computer.howstuffworks.com/cookie1.htm “ISPs Sell Browsing History”. Omninerd.com. May 1st, 2007. http://www.omninerd.com/2007/03/18/news/1181 Blodget, Henry. “Compete CEO: ISPs Sell Clickstreams for $5 A Month”. SeekingAlpha.com. March 13th, 2007. http://internet.seekingalpha.com/article/29449
|
Please wait while we load