Monday - May 15, 2006

Privacy - Part I

Privacy? What privacy? Who are you trying to kid? In today’s modern technological society, you have to be suffering from extreme delusions of isolation to actually believe that you have any privacy whatsoever ... and don’t blame the government. This started right in your own house and your neighborhood. Remember that card you filled out at your local Kroger/Winn-Dixie/Albertsons grocery store several years ago where they promised to give you 5-10% discounts on all future purchases in exchange for a little information about you? You present the card at checkout and get a break on prices. What you may not have realized is your purchases were recorded in a massive database back at corporate headquarters. Suddenly, you start getting spam in your snail-mail box asking you to try this or that product. Which is amazingly similar to something you bought at the grocery store last week. If it was tinfoil, you don’t need to make a hat out of it. Your grocery store has been doing data mining on your buying habits ... and that’s just the tip of the iceberg.

Credit card purchases, medical records, court records ... you name it. It’s all recorded electronically in databases somewhere. Data mining is nothing more than doing a little research into those records looking for trends and patterns. Those trends and patterns allow the researcher to literally get inside your head, boopsie. They practically know what you’re thinking and they tailor their marketing to your “preferences”. This has been going on for decades - at least as long as I can remember and I am an IT professional, having spent the last two decades doing database administration.

It’s called OLAP or On Line Analytical Processing. When you get right down to it, there are two fundamental types of database: OLAP and OLTP (On Line Transaction Processing). OLTP records transactions, i.e., purchases, history, records. This is the day to day database that allows companies to stay in business handling our interactions with vendors, government and each other. Everything that happens is recorded. This is nothing more than what has been going on since caveman days when the village holy man carved births, marriages and cave transfers in stone. Eventually, that created a large pile of stones so paper was invented. Eventually paper created too many file cabinets full of this information so it was all digitized and stored in computers electronically.

Then along came some genius who said, “hey, we have all this transactional data in our database - why don’t we examine the buying patterns to see if we can figure out how to sell more widgets.” That happened sometime during the Eisenhower administration. Over the decades since, databases have become larger and more efficent. OLAP engines and tools have also become more sophisticated. Believe me, the US government and the NSA are late players in the OLAP game. Wal-Mart was there long ago. Today, you or anyone, for that matter, can go on-line, pay $80 at LexisNexis and get all the information you want about anybody: residential history, friends, phone number, court records - you name it. And that’s just a start.

The internet has made it even more difficult to continue believing in privacy. Been surfing porn lately? Gotcha! Your browser is telling on you. In fact, when you surfed to this web site a record was created in the logs that shows: your IP address, your browser software and version, your operating system, your country of origin, your ISP, your screen size and display attributes and even the page you were at before you came here. That last is called a “referrer”. Does this mean the Ol’ Skipper is spying on you? Hell no! It’s a conspiracy between the Apache web server software at my end and your browser. The Apache web server just records whatever it is told about visitors ... and your browser is the biggest blabbermouth in existence.

For the most part, I ignore all of that and rarely look at the logs. There’s just too much data there to justify me wasting my time and besides, I really don’t care unless, for instance, I’m designing the web site and need to know what most visitors display size is so I can decide on a display size for this blog’s web pages. Or someone is harassing me and I need to find out who they really are. You need to be aware though that there are others out there who are perfectly willing to exploit this information for their own advantage - like “phishing schemes” and spam. Once again, they’re getting inside your head and no tinfoil hat in existence will protect you.

So why are you getting your nickers all in a wad because the NSA is looking at telephone records? Mind you, they’re not listening in to your calls. They can’t unless they get a warrant. However, your call records are in your telco’s database and are already being used for data mining by commercial companies - including your local telephone company and long distance provider. In other words, my fine feathered friends, you gave up all pretense of privacy long before the NSA started researching call records to find links to terrorists in order to protect your sorry butt. You have not surrendered your privacy to the government. The whole world knows all about you and has for decades. Now drink your Kool-Aid and try to stay calm. Part II of this series will be forthcoming later ....

Your Data, Naked on the Net
What’s jeopardizing your online privacy? Chalk it up to tech progress, site registrations, and the U.S. government.

- BUSINESS WEEK - February 6, 2006

The U.S. Justice Dept.’s demand for data on how Web surfers use Google and other search engines raises a disturbing question: Just how much do the Web sites you visit know about you? In general, they know a great deal about the aggregate behavior of visitors, and nothing about individuals unless they have chosen to identify themselves. But there are exceptions.

Operators of even the most modest Web sites can learn a lot about visitors, short of pinpointing their actual identities. I manage a site for a small nonprofit. The hosting service, Homestead Technologies, throws in analytical tools from Media Highway International’s RealTracker. I can tell the order in which visitors viewed pages, what Web sites they came from, and what search terms they used, among many other things. This information is invaluable for designing effective Web sites.

We don’t ask visitors to register, and the only identifying information recorded in the data is a 12-digit Internet address. This normally only links the visitor to a large organization, such as their Internet service provider, employer, or school, and provides no clue to individual identity.

DIFFERING POLICIES.  The situation is somewhat different on sites where you have registered. These can link your activity to whatever identifying information you have supplied, anything from a made-up user name and possibly fake e-mail address to your real name, address, and credit-card information if you have divulged them. Once you give out that data, your life can be an open book. You can block the collection of personal information by setting your browser to reject files called “cookies,” but this will cause many Web sites to work badly or not at all.

The extent to which Web sites use the data they collect is limited by their privacy policies, which the Federal Trade Commission can force sites to honor. If you live in the European Union, the EU Privacy Directive gives you much stronger legal protections than you get as a U.S. resident.

Privacy policies vary greatly. Google (GOOG) promises not to share any personally identifiable data with third parties without explicit consent. But BusinessWeek Online, like many commercial sites, reserves the right to share information (other than credit-card data) with “selected outside companies whose products or services we feel may be of interest to you” unless an individual explicitly opts out.

WASHINGTON EYE.  There are, unfortunately, two factors that could put your privacy at much greater risk than you would anticipate. One is advanced technology, the other a growing government appetite for information. Progress in mathematics and computer science is making it possible to assemble tiny, disparate bits of information into a comprehensive picture of an individual. For example, studies have shown that 87% of the U.S. population can be uniquely identified via only a date of birth, sex, and five-digit residential zip code. Someday you may be identifiable just from your tastes in books, movies, and sports, as revealed by your Web browsing.

Government inquisitiveness is a much more immediate risk to privacy. The request that Google is fighting seeks only search terms, but the Justice Dept. could have asked for the Internet addresses that went with them. Then it could ask Internet service providers and other network operators to identify the people those addresses were assigned to, pinpointing the source of the request. And it’s not just the government: The music industry has used similar techniques to identify the users of illegal download services.

There’s not a whole lot you can do to prevent this data from being collected. You can use an anonymous proxy service, such as Anonymizer, but it can interfere with your use of the Web and can’t guarantee to hide your identity in all circumstances. Or you can live with the fact that what you do on the Web cannot be regarded as truly private.

Posted by The Skipper     on 05/15/2006 at 10:41 AM   
Filed Under: • Homeland-Security •  
• Comments (3) • Trackbacks(0)  Permalink •  

DISCLAIMER

THE SERVICES AND MATERIALS ON THIS WEBSITE ARE PROVIDED "AS IS" AND THE HOSTS OF THIS SITE EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, TO THE EXTENT PERMITTED BY LAW INCLUDING BUT NOT LIMITED TO WARRANTIES OF SATISFACTORY QUALITY, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO THE SERVICE OR ANY MATERIALS.

Not that very many people ever read this far down, but this blog was the creation of Allan Kelly and his friend Vilmar. Vilmar moved on to his own blog some time ago, and Allan ran this place alone until his sudden and unexpected death partway through 2006. We all miss him. A lot. Even though he is gone this site will always still be more than a little bit his. We who are left to carry on the BMEWS tradition owe him a great debt of gratitude, and we hope to be able to pay that back by following his last advice to us all:

1. Keep a firm grasp of Right and Wrong
2. Stay involved with government on every level and don't let those bastards get away with a thing
3. Use every legal means to defend yourself in the event of real internal trouble, and, most importantly:
4. Keep talking to each other, whether here or elsewhere

It's been a long strange trip without you Skipper, but thanks for pointing us in the right direction and giving us a swift kick in the behind to get us going. Keep lookin' down on us, will ya? Thanks.

THE INFORMATION AND OTHER CONTENTS OF THIS WEBSITE ARE DESIGNED TO COMPLY WITH THE LAWS OF THE UNITED STATES OF AMERICA. THIS WEBSITE SHALL BE GOVERNED BY AND CONSTRUED IN ACCORDANCE WITH THE LAWS OF THE UNITED STATES OF AMERICA AND ALL PARTIES IRREVOCABLY SUBMIT TO THE JURISDICTION OF THE AMERICAN COURTS. IF ANYTHING ON THIS WEBSITE IS CONSTRUED AS BEING CONTRARY TO THE LAWS APPLICABLE IN ANY OTHER COUNTRY, THEN THIS WEBSITE IS NOT INTENDED TO BE ACCESSED BY PERSONS FROM THAT COUNTRY AND ANY PERSONS WHO ARE SUBJECT TO SUCH LAWS SHALL NOT BE ENTITLED TO USE OUR SERVICES UNLESS THEY CAN SATISFY US THAT SUCH USE WOULD BE LAWFUL.

Copyright © 2004-2015 Domain Owner