2006-06-17

Privacy

(recovered from livejournal)

I'm becoming more and more concerned about privacy issues on the web, especially the so called "user-tracking" problem. Let's say that provider A is controlling the web sites A1, A2 and A3. User Stella is browsing through the web, hopping thru websites Z -> A1 -> D -> E -> A2 -> A3. Provider A can track a good proportion of Stella's web-browsing activities, by examining the logfiles of the webservers hosting the sites A1, A2, A3 (plus any info coming from referer sites or followed-links). The logfiles contain (among other things) browser identification info (OS, version etc.), the actual page requested (along with any URL-submitted parameters), and the IP address of the public host that seemed to have requested the page in question.

I'm not really interested in what the provider does with this data (user-modelling, data mining etc.). What I'm concerned about is the possibility that a single entity could control such a number of websites that it would be feasible for this entity to reconstruct part of a (random) user's web-surfing route.

Of course the number of sites that a provider would need to control seems at first look daunting. If you even consider that the sites must be of varying subjects, so as not to follow just the people that have clustered around a specific domain of interest, this makes the user-tracking task look even more daunting.

But, let's imagine the following scenario:

A company offers the following services:
a) Search Engine
b) Ads (or other site-embedable objects like website usage statistics, maps etc.)
c) Blog-space
d) Webmail
e) Social Networking
....
If you're beginning to see the pattern here then maybe it's time to pass some legislation regarding the effective web presence (or omnipresence for this matter) of entities with common interests...

..or maybe it's high time we start looking for anonymizing proxies :P

Current Mood: worried
Current Music: Husnu Senlendirici - Husnu Klarnet

No comments: