CSU - DCE 0791 - Webmaster Privacy Class - Fort Collins, CO Copyright © XTR Systems, LLC Privacy...

CSU - DCE 0791 - WebmasterPrivacy Class - Fort Collins, CO

Copyright © XTR Systems, LLC

Privacy Issuesof the

World Wide Web

Instructor: Joseph DiVerdi, Ph.D., M.B.A.



Privacy Landscape

• Privacy is Currently a Concern to – Private Citizens– Organizations– Governments

• Privacy Means Different Things– Personal Information– Intellectual Property– State Secrets

• Many, If Not Most, Citizens are poorly or misinformed About Privacy Issues



Privacy Landscape

• Privacy is Certainly to Be a Growing Concern– As Internet-Based Communications & eCommerce

Increase in Usage & Popularity

• Because of the Vast Amount of Data That Can be Collected Using the Internet

• Because of its Ubiquity– Private Citizens World-Wide Have Expressed

Concerns Over Their Right to Privacy

• However, Many Do Not Understand the True Risks or How to Defend Against Them



Privacy Landscape

• A shopper– Browsing through various stores– In a physical shopping mall– Stopping to glance at a specific item

• In a specific store

– Does not have to worry that his or her every move is recorded



Privacy Landscape

• Current Web-site & eCommerce Technology – Makes it Technologically Feasible– For Data to be Recorded About Every Item – Clicked-on by a Visitor– Browsing Through

• An Electronic Shopping Mall or• Visiting a Web Site



Privacy Landscape

• Designers & operators of web sites who disregard the privacy of their users do so at their own peril

• Users of web services who are not concerned with privacy may soon find they have none

• Users who feel that their privacy has been violated may avoid certain sites and may even avoid the Web



Relevance to Webmaster

• Consider:– You are the Webmaster of a commercial site

which generated gross annual revenues of $2 million until customers concluded that the site provided insufficient privacy of their personal information

– You are a web development consultant who has responsibility for a $200,000 contract to develop a site (any site) which has received numerous privacy violation complaints



Legislator Weighs In

• “Privacy is a basic American value, in the Information Age and in every age. It must be protected. We need an electronic bill of rights for this electronic age.”



Legislator Weighs In

• “Privacy is a basic American value, in the Information Age and in every age. It must be protected. We need an electronic bill of rights for this electronic age.”– Vice-President Albert Gore, July 1998



Web Privacy in Brief

• Web Security is a complex topic, encompassing:– Log files– Cookies– Personally Identifiable Information– Anonymizers– Unanticipated Disclosure– Data Encryption– Key Escrow (Agencies)– Key Recovery (Agencies)



Federal Trade Commission

• 1998 Report to Congress• Articulated Core Principles of privacy

protection for Adults widely accepted in the USA, Canada, and Europe:– Notice– Choice– Access– Integrity & Security– Enforcement



Core Principles

• Notice– Users should be made aware of an entity’s

information practices before any personal information is gathered

• Choice– Users should be given the opportunity to consent

or deny any secondary uses of information• Other than the processing of the immediate transaction• Including mailing notices or data transfer to third parties



Core Principles (con’t)

• Access– Users should be able to access their personal data

and review it without significant delays and should also be able to easily correct inaccurate personal information in a timely manner

• Integrity & Security– The data regarding users’ personal information

should be processed in a fashion so that the data is accurate and that data needs to be kept confidential as it is transmitted, processed, & stored by the entity



Core Principles (con’t)

• Enforcement– Users should have recourse if any of the above

core principles are violated



FTC Report



Personal Information

• E-mail address• Postal address• Telephone number• Social Security Number• Date of Birth or Age• Gender• Education• Interests• Hobbies



EU Directive of Oct 1998

• Personal data on the Internet shall be:– Processed Fairly & Lawfully– Collected & Processed for Specified, Explicit,

Legitimate Purposes– Accurate & Current– Kept No Longer Than Deemed Necessary to Fulfill

the Stated Purpose




• Users have the following rights:– Access to Personal Information– Correction, Erasure, & Blocking of Information– Objection to Usage– Able to Oppose Automated Individual Decisions– Access to Judicial Remedy & Compensation




• This Directive Affects Many US Companies – All of Which Transact Business in the EU– Gives EU Member Countries a Global Reach With

an Attached Liability for Non-Compliance– Requires Non-EU Companies Compliance to

Conduct eCommerce in Europe



Log Files

• Every time a Web browser views a site’s page, a record is kept in that site’s server’s log files

• Log files are under the control of the person or organization that controls the Web server– Webmaster?

• Log files are subject to subpoena



Log Files (con’t)

• Each time a page is requested or CGI script run from a web server, the server records the following information in its log files:– Hostname or IP address of requesting computer– Time of day of the request– Requested URL– Time to transfer requested file– User name if HTTP authentication is used– Any errors which occurred– Requesting web browser identifier and OS– Previous web page accessed, i.e., referring link



Access Log File Contents

dnvr-dsl-gw8-c212.dnvr.uswest.net - - [20/Jul/2000:00:59:20 -0600] "GET /magnetometer/ HTTP/1.0" 200 228

dnvr-dsl-gw8-c212.dnvr.uswest.net - - [20/Jul/2000:00:59:21 -0600] "GET /magnetometer/cgi/lister.pl HTTP/1.0" 200 5970

dnvr-dsl-gw8-c212.dnvr.uswest.net - - [20/Jul/2000:00:59:22 -0600] "GET /magnetometer/gif/MacPerl.gif HTTP/1.0" 200 2002

dnvr-dsl-gw8-c212.dnvr.uswest.net - - [20/Jul/2000:00:59:22 -0600] "GET /magnetometer/gif/top.gif HTTP/1.0" 200 3178

freedu-7-118.libertysurf.se - - [20/Jul/2000:04:04:14 -0600] "GET / HTTP/1.1" 200 2211

freedu-7-118.libertysurf.se - - [20/Jul/2000:04:04:15 -0600] "GET /jpeg/banner.jpeg HTTP/1.1" 200 14268

freedu-7-118.libertysurf.se - - [20/Jul/2000:04:04:45 -0600] "GET /magnetometer/cgi/lister.pl HTTP/1.1" 200 5989

freedu-7-118.libertysurf.se - - [20/Jul/2000:04:04:46 -0600] "GET /magnetometer/gif/MacPerl.gif HTTP/1.1" 200 2002

freedu-7-118.libertysurf.se - - [20/Jul/2000:04:04:46 -0600] "GET /magnetometer/gif/top.gif HTTP/1.1" 200 3178

freedu-7-118.libertysurf.se - - [20/Jul/2000:04:04:48 -0600] "GET /magnetometer/gif/sm_perl_id_313_wt.gif HTTP/1.1" 200 2524

otc18.otc.colostate.edu - - [20/Jul/2000:09:28:10 -0600] "GET / HTTP/1.0" 200 2211

otc18.otc.colostate.edu - - [20/Jul/2000:09:28:10 -0600] "GET /jpeg/banner.jpeg HTTP/1.0" 200 14268

otc18.otc.colostate.edu - - [20/Jul/2000:09:28:17 -0600] "GET /classes/index.html HTTP/1.0" 200 2017

otc18.otc.colostate.edu - - [20/Jul/2000:09:28:17 -0600] "GET /magnetometer/gif/sm_perl_id_313_wt.gif HTTP/1.0" 200 2524

otc18.otc.colostate.edu - - [20/Jul/2000:09:28:19 -0600] "GET /classes/DCE0791/index.html HTTP/1.0" 200 2810

otc18.otc.colostate.edu - - [20/Jul/2000:09:28:22 -0600] "GET /classes/DCE0791/materials.html HTTP/1.0" 200 3903

otc18.otc.colostate.edu - - [20/Jul/2000:09:28:39 -0600] "GET /classes/DCE0791/materials/imaging_class.ppt HTTP/1.0" 206 1



Referring Link

• When a URL is requested several pieces of information are supplied to the server with the request including the current URL, either– The currently viewed page– The word “bookmark”– Nothing, if the URL was typed into the “location”

• The HTTP specification declares that the sending of this information should be an option under the user’s control but no Web browser has implemented this control



Referring Link Uses

• To gauge the efficacy of companies’ advertisements paid for on certain web sites– Click on an ad and the current URL is supplied to

the ad’s server - cha-ching!

• To measure how customers move through a site

• By search engines to determine viewers’ predilections– Strong correlation exists between interests and

viewed URLs



Referring Link Problems

• Its presence represents a revelation of personal information– The URL that the user previously viewed

• Cryptographic protocols, e.g., SSL, are often used to embed personal information in URLs but the subsequent request may result in the passing of that information to another site and without encryption



(Infamous) Cookies

• Introduced by Netscape in Navigator v2.0• Original purpose was to enable a server to

track a browser through multiple HTTP requests– Necessary for applications, e.g., shopping cart– Allows storage of a user’s preferences in cookie

• Intended to improve privacy– Removed the requirement for the server to

request and store personal information in a central data bank



Cookie Issues

• Rule of unintended consequences• Initial implementation allowed any site to

request all cookies from a browser thereby revealing (lots of) personal information

• Quick change to browser to permit delivery of cookies to a particular server (identified by domain) that were issued by that server



More Cookie Issues

• Web developers (webmasters?) soon realized that cookies could be “attached” to files other than HTML, e.g., GIF. Combining this capability with the delivery of banner images from advertising companies allowed those advertisers continued access to detailed tracking information

• Advertisers claim that such tracking permits interested-targeted delivery and reduction of repetitious display

• There is an opportunity for abuse



Cookie File Structure

Domain Expire Path Secure Expiration Vendor Specific Fields

hotwired.lycos.com FALSE /webmonkey/99/09 FALSE 970380000 Lycos_Webographics Sampledwww.macfixit.com FALSE /cgi-bin/ultimate FALSE 968113043 lastLogin 2451426.2017www.macfixit.com FALSE /cgi-bin/ultimate FALSE 968113043 LastLoginDT 09-04-1999%2008%3A17%20PMwww.admission.com FALSE /html FALSE 972187149 admission EN%26US.netscape.com TRUE / FALSE 1293840002 UIDC 199.45.180.157:0912144896:401606.adobe.com TRUE / FALSE 1924905604 AWID 199.45.180.157:10771:912192070:677www.direct-jobs.com FALSE / FALSE 2137622378 CFTOKEN 11642676www.direct-jobs.com FALSE / FALSE 2137622379 CFID 122728www.damark.com FALSE / FALSE 2145830703 ST_USER 0913838850898991.imgis.com TRUE / FALSE 1074483659 JEB2 8F799D77DAA0A516CEA8F4B23004E025.zdnet.com TRUE / FALSE 1041310803 cgversion 4.zdnet.com TRUE / FALSE 1041310806 browserCEA8F4B2383B0D81.yahoo.com TRUE / FALSE 1271361603 B 8vl686iata7fn.ngadcenter.net TRUE / FALSE 2145801606 NGID 2061691f-20905-917899077-5



Controlling Cookie Use

• It is possible for users to control the actual use of cookies in a browser

• Open Navigator or Communicator• Go to Edit->Preferences->Advanced



Anonymizers

• A server designed to act as a certain type of proxy– Browser sends requested URL to anonymizer with

anonymizer’s URL– Anonymizer processes request and makes

request to requested URL using its own address information

– Information from destination site is returned to anonymizer

– Anonymizer passes information back to original browser



Anonymizers (con’t)

• Vary in sophistication and capabilities• Some can’t handle forms• Many have problems with active content• Hinder personalization• Fairly simple to implement• Reasons for use:

– Personal Values - “…should be able to surf anonymously…”

– Advertising on the anonymizer– Monitor use and users of anonymizer - fraudulent

and/or oxymoronic



Moral High Ground

• Simple but workable policy:– Do not require users to register in order to use site– Allow users to register using their email address if

they wish to receive information– Do not share a user’s email address with any

other entity without that user’s explicit permission or as lawfully required

– Whenever an email message is sent to a user, explain how the address was obtained, and how it can be removed from the mailing list



Moral High Ground (con’t)

• Do not make log files publicly accessible• Delete log files when no longer needed• If log files must be retained online for

extended periods of time, remove personally identifiable information

• Encrypt log files if possible• Do not distribute personal information about

users• Discipline or terminate employees who violate

privacy policy



Moral High Ground (con’t)

• State site’s Privacy Policy on home page• Allow site to be audited by impartial external

professionals if questions regarding policies arise



Quick Survey

• Change your browser’s preferences to require warning when a cookie is requested

• Take a look right now at some sites (fewer than one dozen) using a browser to determine whether they state the site’s privacy policy

• Make some notes for discussion• When you are done restore the previous

cookie preferences

CSU - DCE 0791 - Webmaster Privacy Class - Fort Collins, CO Copyright © XTR Systems, LLC Privacy...

Documents

Transcript of CSU - DCE 0791 - Webmaster Privacy Class - Fort Collins, CO Copyright © XTR Systems, LLC Privacy...