Date: Jan. 2, 2002
Link: http://www.oreilly.com/catalog/websec2/chapter/ch08.html
Source Author or Organization: Simson Garfinkel, Gene Spafford, O'Reilly & Associates

The Web's War on Your Privacy is a chapter excerpted from the O'Reilly & Associates book Web Security, Privacy & Commerce, 2nd Edition, by Simson Garfinkel with Gene Spafford.

The book explores the privacy issues that arise as "You watch the Web, and the Web watches you." A great deal of information about Web site visitors is stored in various computer logs, often more than the visitor or even site owners or maintainers are aware of. Information that can be deduced from or massaged out of Web server log files is valuable to marketers and other dater miners.

This chapter analyzes legal precedents for the level and type of privacy we may expect, from original to modern, and distinguishes between personal, private and personally identifiable categories of personal information. It then illustrates the volume and types of information harvestable from computer logs, cookies, Web bugs and user information we voluntarily enter into forms, for example when registering at Web sites for access.

Garfinkel and Spafford illustrate the degree of personal identification and volume of personal information this data can yield to the increasingly sophisticated techniques of data miners. For example, few Web users realize supplying a birthdate and zip code identifies them as one of only eight possible people. With one more innocuous piece of data, a data miner can "triangulate" the exact identity.

Garfinkel and Spafford also point out Privacy Foundation guidelines that can curb abuses when required and enforced. Later chapters in the book identify technologies and techniques for combating abuses.