July/August 2000

Privacy on the Internet: From Cookies to Bugs

Privacy on the Internet (or the growing lack thereof) is a hot topic. It is being reported on and discussed by everyone from research and advocacy organizations to the nightly national TV news to Congress. Click by click you reveal more of your buying habits, health inquiries, and more.

As we all know, the use of personal data to sell to consumers isn't new — we all receive junk mail and telemarketing calls. But now the ever-increasing power and declining costs of information technology are making it possible to gather, store, and analyze detailed personal data on an unprecedented scale, both online and off.

Web sites are adding privacy policy statements that are suppose to tell you how the company uses the data gathered. But as a Consumer Reports investigation found, if the site discloses anonymous information to an ad network, this may be matched with personally identifiable information you disclose at other sites.

As an additional level of assurance, the privacy policy may contain a privacy "seal of approval" from TRUSTe or BBBOnline. But since these seals are fairly new, the value of these seals hasn't been proven.

Keep your personal data private

Here is what you need to know and some of the steps you can take to stop the flow of personal data.

Block Selected Cookies. A cookie is a small file that a Web site stores on your computer containing information it can use to "recognize" you if you return to that site. Not all cookies are bad for you. Cookies are used to process an online purchase and to remember passwords at sites that you have subscribed to.

The bad cookies come from the third parties, mostly "ad network" companies. In Netscape Navigator 4.x you can easily block these cookies. Go the Edit menu, select Preferences, then Advanced. Under the Cookies section, choose "Accept only cookies that get sent back to the originating server." If you want to track cookies for a while, you can also turn on the "Warn me before accepting a cookie" option.

It is more difficult to block selected cookies in Microsoft Internet Explorer. Instructions for doing this are given in the "Are You Being Bugged?" article listed below.

You can also install special software that can block banner ads, ad-network cookies, and more:

Guard Dog by McAfee,
Norton Internet Security by Symantec,
AdSubstract by interMute, Inc., or
Internet Junkbuster Proxy by Junkbusters.

When you change your cookie settings in the browser or add blocking software, any cookies that are already on your system continue to work. You can use the Winmag Cookie Viewer program, listed below, to view cookies and then delete those you don't want. When I used this program, I found over 180 cookies and deleted over 120.

Stop the Spam. Spam is unsolicited commercial e-mail. When you receive spam or junk e-mail, don't reply, even if it is to ask the sender to remove you from its lists. Responding confirms your e-mail address and invites more spam. You should send a complaint e-mail to your Internet Service Provider (ISP). It should contact the spammer's ISP.

If you register at Web sites or visit newsgroups or chat rooms during at-home usage, you may want to use a special e-mail address just for surfing the Web. Junk mailers gather information from these areas. Another option is to add text such as "no-spam" to your e-mail address (example: no-spam-jdoe@isp.com) when registering or visiting newsgroups or chat rooms.

Watch out for Web Bugs. A Web Bug is a graphics on a Web page or in an HTML-formatted e-mail message that can use a previously set cookie and send that information to a server. An HTML-formatted e-mail message appears very much the way it would in your browser, complete with graphic images that are retrieved from a Web site. That Web site then sends back a cookie that is stored on your PC. If you use Netscape Messenger or Outlook Express to read a newsgroup, then Web Bugs will also work inside of newsgroup HTML messages.

The best defense against Web Bugs is to turn off cookies. You can make additional e-mail setting changes in Eudora, Netscape, and Outlook. Lotus Notes users should not need to make any setting changes as the Web Client runs under your browser settings and the Full Client is reading mail on the server. In Eudora 4.x make sure that the "Use Microsoft's viewer" and "Allow executables in HTML Content" options under Tools, Options, Viewing Mail are NOT checked. Netscape Messenger and Outlook Express users should follow the instructions given in the "Are You Being Bugged?" article.

Keep informed. Before you provide any personal information to a Web site, read the privacy statement. You can look up ratings and privacy policies for thousands of sites at Enonymous.

You can get more helpful tips and stay abreast of the latest privacy developments, such as a controversial e-mail surveillance system proposed by the FBI, by visiting these sites:

Junkbusters is an excellent source of information about a wide variety of privacy issues including unsolicited commerical e-mail and paper junk mail, web ads, and telemarketing.
Electronic Privacy Information Center is a source of information regarding civil liberties issues and protecting privacy, the First Amendment and constitutional values.
Privacy Rights Clearinghouse offers consumers an opportunity to learn how to protect their personal privacy.
The Center For Democracy & Technology works to promote democratic values and constitutional liberties in the digital age. CDT provides Operation Opt-Out, a single place to remove your name from a variety of marketing and profiling lists.

Sources:

"Are You Being Bugged?" Dave Methvin. Winmag.com, September 21, 1999.
"Cookie Viewer v2.7," Karen Kenworthy. Winmag.com, March 6, 2000.
"Special report: How to protect your privacy, Part 1." Consumers Reports, May 2000.
"The Privacy Challenge – How to Keep Them from Knowing Too Much About You," Robert Ellis Smith. Bottom Line-Personal, March 15, 2000.

~ Pam Peters

Additional Resources

Compilation of recent news items from the Edupage newsletter.

Carnivore 2.0: More on the Perils of FBI Internet Surveillance and Why It's Even Worse in Australia, by Robert X. Cringely, July 20, 2000.

[ Return to CIT Information newsletter Index ]

Originally Posted: July 31, 2000

CIT Information is published by Communications and Information Technology - Computing section, Institute of Agriculture and Natural Resources, University of Nebraska-Lincoln. Newsletter articles may be copied and distributed for nonprofit, educational purposes only and the source must be acknowledged. Direct all correspondence to the editor, Pamela K. Peters (E-mail: pkpeters@unlnotes.unl.edu; Phone: 402/472-5630; FAX: 402/472-5639).

The University of Nebraska-Lincoln is an affirmative action - equal opportunity employer.