Securius Newsletter

March 23, 2000
Volume 1, Number 4

Attack of the Web Snoop

By Seth Ross

Most civilized people agree that privacy is a fundamental human right. Every individual has the right to be left alone, to be secure in his or her personal life, and to freely surf and communicate over the Internet without having to worry about leaking private information to untrusted and possibly hostile parties.

Sadly, the fundamental right to privacy is under withering assault on the Internet. Through a combination of greed and ignorance, the Internet - one of our civilization's greatest inventions - is now being deployed as the greatest privacy-destroying technology ever.

You may think you're alone in your thoughts as you surf the web. But as Deep Throat says on the X-Files, "There's always someone watching, Mr. Mulder."

The Internet is eliminating personal privacy as corporate web sites track and profile visitors, maintain cookie "dossiers", and correlate visitor identities and interests with third-party marketing databases. This is offensive, because you are what you browse. Unknown third parties are observing the web pages you view, the searches you make, and the things you buy. In general, they're getting inside your head. It's just as if someone analyzed every book you read or movie you watched - only more cross-referenced and precise.

Do you think I'm being alarmist? Over-the-top? The list of sites that have been caught destroying Internet user privacy is long and growing. Consider the following recent news items (many of them sparked by Internet consultant Richard M. Smith):

  • Last month, DoubleClick was skewered in the press for planning to correlate visitors to the 2500 sites in its ad network to large off-line consumer databases. The furor was such that the company was forced to back off, at least for now. Smith has posted an interesting explanation of how banner ad network tracking works.
  • Leading medical sites have been dinged for selling highly sensitive information about their visitors. Last month, an investigative report by a healthcare trade group found that visitors to health-related web sites are not anonymous, even if they think they are, and personal information shared with these sites is highly vulnerable.
  • Last month, H&R Block's online tax filing service exposed some customers' sensitive financial records to other customers.
  • Last October, Smith disclosed that the RealJukeBox player software was surreptitiously sending off information to RealNetworks about users' music-listening habits, along with a unique player ID number that can reveal user identity. The company quietly changed its privacy policy in November to disclose this controversial practice.
  • subsidiary Alexa was caught sucking up personal information back in December.

Anyone browsing the web faces a severe threat model, one far worse than the Distributed Denial of Service attacks covered in the past two issues. You have to assume that all your travels on the web are recorded and stored in one or more databases. You have to assume that personal information - from your name and address to the things you buy - is captured and linked to those databases. Assume that your boss/spouse/parents/insurer/credit card company will gain access to this information about you. Assume that your credit card company and the credit bureaus will know when you surf to a bankruptcy or credit repair site. Be prepared for credit rejections based on your browsing habits. Assume that your health insurance company will know when you surf to a medical site and look up a disease or health condition that you're concerned about. Be prepared for higher insurance rates based on your browsing habits.

All major sites post privacy policies full of high-minded language about privacy that boil down to a harsh truth: We can do whatever we want with our information on you, including the most personal financial and health-related information.

Take Yahoo! for example. Here's an excerpt from its policy:

Yahoo! may disclose or access account information when we believe in good faith that the law requires it and for administrative and other purposes that we deem necessary to maintain, service, and improve our products and services.

Note the weasel language about "other purposes we deem necessary". Essentially, Yahoo! can disclose your personal information whenever and however it sees fit.

Or this excerpt from the privacy policy for Microsoft's Passport system:

Microsoft Web sites will disclose Personal Information if required to do so by law or in the good-faith belief that such action is necessary to (a) conform to the edicts of the law or comply with legal process served on Microsoft or the site; (b) protect and defend the rights or property of Microsoft, this Web site, or participating Web sites; and, (c) act under exigent circumstances to protect the personal safety of users of Microsoft, this Web site, or the public.

Note the company's problematic language about defending its rights. Judging from the company's extensive legal problems, Microsoft has a very broad view of its rights.

These and many other major sites also bear seals from "trust" organizations like TRUSTe. While these seals are designed to improve consumer confidence, they in fact are meaningless. According to TRUSTe:

When you see our TRUSTe seal, you can be assured that the Web site will disclose:
  • What personal information is being gathered about you
  • How the information will be used
  • Who the information will be shared with, if anyone
  • Choices available to you regarding how collected information is used
  • Safeguards in place to protect your information from loss, misuse, or alteration
  • How you can update or correct inaccuracies in your information.

Note that there's absolutely no stipulation that TRUSTe sites actually preserve privacy. While there is a requirement for notification, privacy policies are full of legal obfuscations and escape clauses, as noted above. Most of the privacy violators cited above are TRUSTe members. Despite several well-publicized breaches, not one TRUSTe seal has been revoked. Beware of anyone who strips you of a fundamental right while claiming to defend it.

Copyright © 2006 GuardianEdge. All rights reserved.