When you visit a web site, you do this by transmitting a request to that site. The site responds by sending you a page or pages, maybe with images, scripts, embedded media of one sort or another, and cookies.
Most web browsers, when they’re sending your request for a page, also send additional information, such as
For instance, your browser has told me:
On this page, I’ll tell you what I do with this information, and I’ll also give you some hints on how to keep from revealing information while you’re browsing if this sort of thing freaks you out.
How I Track You
I’m not interested in knowing who you are and which of my pages you’re visiting. This isn’t some sort of Orwellian thing where I’ll show up at your door one day and say, “excuse me, comrade, but I notice that you’re awfully interested in counterfeiting. Could you please explain yourself at the next eNeighborhood Watch meeting?”
I am interested in which of my pages are most and least popular, and in how people navigate around in my site, and in what outside pages refer people to my pages. I hope to use this information to make my site more useful and usable.
To this end, I keep a log of incoming requests and I send out cookies so
I can distinguish requests coming from different browsers. A typical
set of entries in my log looks something like this:
About This Cookie
The cookie I use has the following important characteristics:
How Do I Know What Links You Follow?
I said earlier that I collect some of the information that your browser sends me when you visit pages on my site. But my log also includes information about when you click a link on one of my pages to go visit a page on another site. How do I get this information?
Well, it’s kind of sneaky, actually. When I have a link on my site to a page somewhere else (and there are hundreds of these at this site), I craft the link in such a way that it really links to one of my own pages that then redirects immediately to the other page. By doing this, I’m able to take note of the fact that you’ve followed the link. Crafty, eh?
What I Don’t Do
I don’t make any attempt to match up your IP address — and potentially your physical location — with what pages you visit (the Orwellian scenario I mentioned earlier). I don’t think that’s a nice thing to do.
But that doesn’t mean that other people aren’t collecting this sort of information. Believe you me, they are.
Threats to Your Privacy
There are a number of sneaky ways that your browsing gets tracked. Your internet service provider may listen in on all of your web page requests and keep a database of what pages you visit — this could be matched up with whatever other information they have about you from your billing records, and sold to the highest bidder.
Some on-line companies specialize in tracking web surfers, and leave permanent cookies that they read in when you visit sites that participate in their program.
Companies like Netscape and Microsoft may introduce new “features” in their products that effectively keep track of which sites you’ve visited and report this list back to them.
The government, or some other criminal organization, may tap your line, install a “keyboard sniffer,” or hack into your computer to observe your browsing habits.
What you can do
Most browsers allow you to change the way you handle cookies so that you have to be asked before you accept them, or you don’t accept them at all. Read more about this here. You can also use a free proxy like JunkBuster that prevents your browser from sending out a lot of the information it otherwise gives away (it also can block annoying ads!)
Keep your eyes open. Privacy-snatchers are inventing new tricks all the time, and it’s a struggle to keep ahead of them — probably more of a bother than most people are willing to put up with. Keep in mind that the common feeling of anonymity that people feel when they’re on-line is in many cases just an illusion — and act accordingly!
|On This Day in Snigglery||December 15, 1999: The ToyWar begins — supporters of etoy successfully striking out at the commercial site eToys for hijacking their domain name. (See Hacktivism for more info)|