Tom Regan
Privacy -- or the lack thereof -- on the 'Net
|
But the reality of the new economy is that many sites need to know SOMETHING about what their users are doing, looking at or avoiding, because this information provides valuable marketing research that can be used to attract advertisers. Once again, take the case of csmonitor.com -- we provide the daily edition of one of the world's great newspapers for free on the Web. But if we want to continue to provide this service, we've also got to be able to generate some revenue. And while most Web revenue models are about as successful as the Edsel, selling ads is still seen as one of the best ways to move toward this goal.
So people use cookies to gather information. Many people don't like this, lots more don't really care about it one way or the other -- as long as they know what's happening, and how that Web site they are visiting will use all this information. And this is where many, many, Web sites fall down.
Reading the recent report of the Electronic Privacy Information Center which surveyed the privacy practises of the top 100 e-commerce sites on the Web was a sobering experience. EPIC survey found that NOT ONE of the 100 sites adequately addressed all the elements of Fair Information Practices. Eighteen of the top sites didn't even bother to publish a privacy policy, while 86 of the sites used cookies. Worse, 35 of the sites had profile-based advertisers on their sites.
Profile-based advertising is as close as you can come to 'legitimate' surveillance on the Web. Here's what EPIC had to say about it in their report, 'Surfers Beware':
"Profile-based advertising, also known as online profiling, is a technique that marketers use to collect information about online behavior of Internet users and to facilitate targeted advertising. Profile-based advertising could easily be considered a form of online surveillance. Profile-based advertising relies on "cookies," identifying tags that are stored on the computer of a person who visits a web site. These cookies are often placed on computers without the knowledge of individuals when banner advertisements appear. Actually clicking on a banner advertisement is not necessary to generate a cookie."
Unfortunately, this tendency towards 'on the sly' surveillance will only increase as investors and shareholders pressure e-commerce companies to produce something more than snazzy IPOs. But again, we come back to the question of revenue. Many of these e-commerce sites provide valuable services that people want -- having these services disappear would not be in the best interest of the consumer, or even sometimes the general public.
The solution? All Web sites, whether it be information providers like csmonitor.com or e-commerce sites like amazon.com need to provide clear, straight-forward privacy policies on their site that spell out in detail what the site does with any gathered information. (Sites interested in pursuing this policy can find a great
But Web sites that deal with a great deal of personal information, like government sites or universities or credit card sites, also need to be smart about privacy. For instance, as reader Glen Roberts wrote to me,"A point you have seemed to miss in your (earlier) article is those who intentionally put "privacy" information on intentionally public websites and then are outraged when someone looks at it... ie: the U.S. Senate publishing the SSNs of top military officers on the Library of Congress web page (not to mention in print)."
Meanwhile, what can we do to protect our privacy? To start you can carefully read the privacy policies of sites that you regularly visit. If you don't like what you see -- or if you don't see a privacy policy at all -- write the company that run the site and tell them that you won't do business with them until they correct these oversights, and that you're going to do your best to tell as many people as possible not to use their sites.
There are also lots of good tools now available, both commercial and open source, that will give you a degree of anonymity on the Web. Two of the more interesting commercial appliations are 'enonymous advisor,' which creates anonymous surfing profiles and rates the privacy policies of Web sites as you visit them, and Freedom.net, which allows anonymous Web surfing, e-mail, chat and news.
Meanwhile, there are some great freeware and shareware tools available from the EPIC site that include cookie busters, anonymous remailers, e-mail and file privacy, to name just a few.