<hero title="Web Privacy Wiki" description="This is a wiki about data privacy, anonymity, tracking, and its implications as Web 3.0 edges closer." imagename="Wikia-hero-image" cropposition="0.18860510805500982"></hero>What information about me is known?[]
There are over 4 billion indexed pages on the World Wide Web today.[1] With that many pages, there is just as much information about anything and everything imaginable. Since 1986 there has been upwards of 295 Exabytes, or 295 billion gigabytes, on the internet to date. [2] With all this data online, there is data on nearly every human being on the planet whether or not they have an online presence.
There are companies that dredge up all sorts of information about you, under the guise of {{#NewWindowLink: http://www.whitepages.com/ | white pages }}or people finders or background checkers or market research services, and then make your information available online. On these data collection sites, anyone can type in your name, e-mail, phone number or other identifying information (sometimes even your {{#NewWindowLink: http://en.wikipedia.org/wiki/Social_Security_number | Social Security number }} and find things like your date of birth, home address, previous residences, your home's valuation, the names of your relatives, your religion, your ethnicity, hobbies, places of employment, sites where you have accounts and a host of other scary details. Some provide links to things like your {{#NewWindowLink: wikipedia:List_of_social_networking_websites | social networking }} profiles or your {{#NewWindowLink: http://www.amazon.com | Amazon }} wish list. Many of these data brokers will display a good bit of information for free, and for a one-time, monthly or annual fee will provide lots of other information, including legal and criminal records. Anyone -- including friends, enemies, prospective employers, law enforcement and lawyers investigating cases -- can find a host of information about you on these Web sites, some of it accurate and some not so accurate.[3] As easily accessible it is to friends and employers, it is just as accessible to criminals and hackers and can cause a big scare when it comes to the possibility of identity theft.
What methods exist to improve privacy?[]
Fundamentally, all data on the Internet falls into two broad categories: private and {{#NewWindowLink: wikipedia: Encryption | encrypted }}, or non-encrypted, publicly readable clear text. Those two simple classes of data are continually shuttling around the Internet, either streaming in real-time or being persistently stored in archives as document and image files or in database records. The reality is, without some method of strong encryption, anyone with access to your personal store of data can read your clear text documents, emails and files, in addition to seeing any other intermingled {{#NewWindowLink: wikipedia: Binary_code | binary }} objects like photographs. When you sign onto {{#NewWindowLink: https://www.facebook.com/ | Facebook }} or {{#NewWindowLink: https://www.google.com/?gws_rd=ssl | Google }}, for example, you give both implicit and explicit permission to the respective {{#NewWindowLink: wikipedia: Internet_service_provider | Internet service provider }} to use part or all of the data associated with your activities in the manner specified by their {{#NewWindowLink: wikipedia:Privacy_policy | Privacy Statement }} and {{#NewWindowLink: wikipedia:Terms_of_service | Terms of Service agreement }}. With that said there are still ways in which one can improve their privacy online:[4]
Browser Settings[]
There are some easy things that can be done to configure a browser for better security and privacy. Among the basics, you can go into your Web browser's preference settings and set the browser not to accept 'cookies' from sites you haven't visited, also known as third-party cookies. Generally, you'll want to accept cookies from the sites you visit. {{#NewWindowLink: https://www.apple.com/safari/ | Safari }} blocks third-party cookies by default; you have to choose these settings in {{#NewWindowLink: http://windows.microsoft.com/en-us/internet-explorer/download-ie | Microsoft's Internet Explorer }}, {{#NewWindowLink: https://www.mozilla.org/en-US/firefox/new/ | Mozilla's Firefox }}, and {{#NewWindowLink: http://www.google.com/chrome/ | Google's Chrome }}. Also, the newest versions of Internet Explorer, Mozilla Firefox, Google Chrome and several others offer settings for "Do Not Track," a proposed header field that requests that a Web application disable its site and/or cross-site tracking of user activity.[4]
Cloud Storage Encryption[]
Storage of anything private and personal in the cloud should use the strongest form of encryption possible. Strengths of encryption come in various standards. {{#NewWindowLink: wikipedia:RSA_(cryptosystem) | RSA 2048-bit }} key encryption provides the best possible strength when used with public key infrastructure. The chance of cracking an RSA 2048-bit private key is not nil, but it would take so long that attempting it is not practicable using today's raw computing power. A strong {{#NewWindowLink: wikipedia:Cipher | cipher }} is the most important consideration.
Close behind, however, are the questions of where you should use encryption and with what method. If you have any data stored on the Internet that you would like to ensure never gets seen by anyone other than yourself, then this is a good candidate for encryption. The strongest and safest method today for encryption of cloud data is {{#NewWindowLink: wikipedia:Zero-knowledge_proof | Zero Knowledge }}. Zero knowledge means that your cloud ISP will have no knowledge of what is being stored on their site. The private key to unlock your data will be created by you on your local drive. Thus only you will have the ability to unlock the data -- not even the cloud ISP will be able to do so.[4]
Two-Factor Authentication[]
With {{#NewWindowLink: wikipedia:Two_factor_authentication | two-factor authentication }}, in addition to entering a password, the system will send to your phone a unique ID number that must be input for authentication as well. Using such a method means the "man-in-the-middle" cannot and will not know what is on your personal phone and so cannot intercept such information. Google Gmail now offers a free two-step authentication service. The goal is to avoid having your login stream (which includes your password) from being intercepted by a "man-in-the-middle" attack. Criminals equipped with programs called {{#NewWindowLink: wikipedia:Packet_analyzer | packet analyzers }} (also known as "sniffers") can see your streaming data and steal your password.[4]
Encryption for Chat and Email[]
With Google Talk and Google Hangouts, one can set the chat session to {{#NewWindowLink: wikipedia:Off-the-Record_Messaging | "off the record" }} (OTR) to ensure that the chat session is never permanently stored on Google's chat servers. Also, installing {{#NewWindowLink: https://www.pidgin.im/ | Pidgin }} for both Windows and {{#NewWindowLink: https://www.linux.com/ | Linux }} -- it's a popular multiprotocol messaging software application -- along with its "off the record" plugin will ensure that your chat session will remain encrypted and private. This ensures that an additional encryption layer is added to the stream using OTR, regardless of what the underlying protocol provides.
The same encrypted vs. nonencrypted concept applies to email. If you don't want your email read, then it is imperative that you encrypt it. The good news is that encrypting email is technically feasible using {{#NewWindowLink: https://www.gnupg.org/ | GnuPG }}, {{#NewWindowLink: http://www.symantec.com/products-solutions/families/?fid=encryption | PGP }} or {{#NewWindowLink: wikipedia:S/MIME | S/MIME }} standards, for example. The bad news is that few software applications are in circulation that make preparing and sending encrypted email "drop-dead" simple and foolproof in terms of usability by the general public.[4]
Surf the Internet Anonymously[]
Lastly, you may consider using a {{#NewWindowLink: wikipedia:Proxy_server proxy }} for your Internet surfing -- though even that won't guarantee complete anonymity. A more difficult-to-trace method for surfing the Web is called Tor. Essentially, when you install Tor software, you log onto a {{#NewWindowLink: wikipedia:Peer-to-peer | peer-to-peer }} (P2P) network representing millions of people, much in the way {{#NewWindowLink: http://www.bittorrent.com/ | BitTorrent }} works. It is encrypted and fully decentralized, meaning not only that it is self-sustainable but also that there is no central server which, if shut down, will stop its Internet activities. What happens in the Tor scenario is that your {{#NewWindowLink: wikipedia:IP_address | IP }} travels in a random path along the Tor encrypted tunnel and reaches a random endpoint, where your traffic then jumps on the Internet using one of the P2P computing devices as its proxy. That endpoint proxy could be a node anywhere in the world.[4]
How does increased privacy effect Web 3.0?[]
In the emerging Web 3.0 world, privacy will likely become a principal feature on which consumers base decisions about which products and services to use. Here’s why: Web 3.0 technologies will be able to understand your likes, dislikes and preferences based on your online activity, and proactively offer you information and services tailored to your interests; it will develop an online identity by which information is delivered to you.
For example, as the weekend approaches and on the basis of your prior activity, an application may suggest a movie based on reviews you read, and, if you want, purchase tickets for you and take steps to identify restaurants that you (or the friends in your social network) have “liked” and book a reservation, calculating the time it likely will take for you to enjoy your meal using previous data it may have about whether you eat early or late.
As the companies that provide these kinds of services gain access to more data and have the ability to know even more about us, we anticipate that the traditional division between {{#NewWindowLink: wikipedia:Competition_law | competition law }} and {{#NewWindowLink: wikipedia:Consumer_protection | consumer protection law }} (which includes privacy) may begin to erode. As privacy becomes a principal feature on which consumers base decisions regarding search, browsing, social media, mobile and other services, we expect to see the {{#NewWindowLink: wikipedia:Information_technology | IT }} ecosystem provide a variety of approaches to privacy. Indeed, this already happens today. In some cases, privacy might be thought of as a proxy or form of “price” (especially when the underlying product might be free to use). In other words, consumers might decide to “pay” for certain “free” or subsidized products, services or features with their privacy, which in turn can translate into dollar revenue for the product or service provider.[5]
Privacy Nightmares![]
- ↑ De Kunder, M. (n.d.). The size of the World Wide Web (The Internet). Retrieved April 1, 2015, from http://www.worldwidewebsize.com/
- ↑ Mearian, L. (2011, February 24). Scientists calculate total data stored to date: 295 exabytes. Retrieved April 1, 2015, from http://www.computerworld.com/article/2513110/data-center/scientists-calculate-total-data-stored-to-date--295--exabytes.html
- ↑ Johnson, B. (2013, July 24). How can I find out what information exists about me online? - HowStuffWorks. Retrieved April 1, 2015, from http://computer.howstuffworks.com/internet/tips/information-about-me-online-.htm
- ↑ 4.0 4.1 4.2 4.3 4.4 4.5 Schmitz, D. (2013, July 30). 5 Ways to Improve Your Privacy Online. Retrieved April 1, 2015, from http://www.technewsworld.com/story/78590.html
- ↑ Passman, P. (2011, March 31). Competition and Consumer Protection in a Web 3.0 World. Retrieved April 2, 2015, from http://blogs.microsoft.com/on-the-issues/2011/03/31/competition-and-consumer-protection-in-a-web-3-0-world/