Your Privacy

When you visit a web site, you do this by transmitting a request to that site. The site responds by sending you a page or pages, maybe with images, scripts, embedded media of one sort or another, and cookies.

Most web browsers, when they’re sending your request for a page, also send additional information, such as

• The type of browser you’re using
• What page you’re coming from, if you made the request by clicking a link on a page
• What sorts of plugins you support
• Cookies your browser has picked up from the same site

For instance, your browser has told me:

• your “user agent” is “Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)”
• your machine can be found on the internet at 207.246.240.100

On this page, I’ll tell you what I do with this information, and I’ll also give you some hints on how to keep from revealing information while you’re browsing if this sort of thing freaks you out.

How I Track You

I’m not interested in knowing who you are and which of my pages you’re visiting. This isn’t some sort of Orwellian thing where I’ll show up at your door one day and say, “excuse me, comrade, but I notice that you’re awfully interested in counterfeiting. Could you please explain yourself at the next eNeighborhood Watch meeting?”

I am interested in which of my pages are most and least popular, and in how people navigate around in my site, and in what outside pages refer people to my pages. I hope to use this information to make my site more useful and usable.

To this end, I keep a log of incoming requests and I send out cookies so I can distinguish requests coming from different browsers. A typical set of entries in my log looks something like this:

(04/01 15:53.05) [0501970860] IN: http://www.skepdic.com/tifraud.html -> /scams.php
(04/01 15:53.14) [1433761299] IN: http://www.xs4all.nl/~boom/bsites.html -> /barbie.php
(04/01 15:53.19) [0501970860] IN: /scams.php -> /index.php
(04/01 15:53.31) [1433761299] OUT: /barbie.php -> http://www.brillomag.net/No1/blo.htm

What that means to me is that a browser that I’ve given the cookie “501970860” (an arbitrary number) has come from the page at http://www.skepdic.com/tifraud.html and requested the Scams & Frauds page at this site. Then someone from another browser, with the cookie “1433761299”, visiting from http://www.xs4all.nl/~boom/bsites.html requested the Barbie Liberation Organization page. Then, whoever was visiting the Scams & Frauds page earlier (I can tell it’s the same browser because the cookie is the same), went from that page to our home page, and whoever was visiting the BLO page clicked a link on that page to go visit the Hacking Barbie page at another site.

About This Cookie

The cookie I use has the following important characteristics:

It’s an arbitrary number.

The way it’s chosen is that if you don’t already have the cookie, I try to set it to a number selected by a random number generator.

It’s completely optional.

If you or your browser rejects the cookie, you still have complete and fully-featured access to the site. I called the cookie “OptionalCookie” so that if your browser asks you whether or not you want to accept it, it’s easier to tell that there’s no penalty for saying “no.”

It isn’t permanent.

If you exit your browser, the cookie should vanish (this depends on how well the programmers of your browser did their jobs).

How Do I Know What Links You Follow?

I said earlier that I collect some of the information that your browser sends me when you visit pages on my site. But my log also includes information about when you click a link on one of my pages to go visit a page on another site. How do I get this information?

Well, it’s kind of sneaky, actually. When I have a link on my site to a page somewhere else (and there are hundreds of these at this site), I craft the link in such a way that it really links to one of my own pages that then redirects immediately to the other page. By doing this, I’m able to take note of the fact that you’ve followed the link. Crafty, eh?

What I Don’t Do

I don’t make any attempt to match up your IP address — and potentially your physical location — with what pages you visit (the Orwellian scenario I mentioned earlier). I don’t think that’s a nice thing to do.

But that doesn’t mean that other people aren’t collecting this sort of information. Believe you me, they are.

Threats to Your Privacy

There are a number of sneaky ways that your browsing gets tracked. Your internet service provider may listen in on all of your web page requests and keep a database of what pages you visit — this could be matched up with whatever other information they have about you from your billing records, and sold to the highest bidder.

Some on-line companies specialize in tracking web surfers, and leave permanent cookies that they read in when you visit sites that participate in their program.

Companies like Netscape and Microsoft may introduce new “features” in their products that effectively keep track of which sites you’ve visited and report this list back to them.

The government, or some other criminal organization, may tap your line, install a “keyboard sniffer,” or hack into your computer to observe your browsing habits.

What you can do

Most browsers allow you to change the way you handle cookies so that you have to be asked before you accept them, or you don’t accept them at all. Read more about this here. You can also use a free proxy like JunkBuster that prevents your browser from sending out a lot of the information it otherwise gives away (it also can block annoying ads!)

Keep your eyes open. Privacy-snatchers are inventing new tricks all the time, and it’s a struggle to keep ahead of them — probably more of a bother than most people are willing to put up with. Keep in mind that the common feeling of anonymity that people feel when they’re on-line is in many cases just an illusion — and act accordingly!