FIT 100
LAB 18: Privacy in the Internet Age
Do you really have any?
Spring 2001
Optional Reading for Lab 18:
How information is gathered about your Internet
connection:
http://www.privacy.net/analyze/analyzehow.asp
Introduction:
Privacy has always been a fairly complex
issue, even before the advent of the Internet and the World Wide Web. Let’s think about the issue of student
information that is maintained by schools and universities. Arguments about the legality and ethics of
revealing certain student information or even how to protect that information
from unauthorized access went on long before the connectivity revolution. Now the complexity of the issues surrounding
privacy increases at the same rate as the advent of new technologies. A person no longer has to reply to a “prize
letter” to reveal personal information about themselves and their buying
habits. All they need to do is visit a
web site on line.
Information about what and where a person
searches is gathered when they visits various sites on the web, especially
e-commerce sites. The information
gathered about you is most often stored in a text file known as a cookie, and
it is placed on your own computer and then accessed every time you return to
the web site that created it. There are
also many other ways of gathering personal information about you, about where
you search on the Internet and about your various buying habits.
This lab will look at a web site that offers
simple demonstrations of how information is gathered about individuals and
stored for use at a later time.
Objectives:
·
To
look at the issues surrounding privacy and online gathering of personal
information.
·
To
understand the concept of cookies as they relate to gathering information about
a user.
·
To
understand that “surfing” the web is not, and never has been, an anonymous
activity by the user.
Some recent news about online privacy in Washington
State:
An excerpt from EPIC Alert, the newsletter of the Electronic Privacy Information Center of Washington, D.C.:
“A Washington State Court has found a compelling interest in protecting
Social Security numbers (SSNs) from public dissemination, and has
ordered a website operator to remove lawfully obtained SSNs from an
Internet site. In City of Kirkland v. Sheehan, a website operator
posted police officers' personal information on Justicefiles.org, an
Internet site critical of law enforcement. The personal information
included names, addresses, phone numbers, and Social Security numbers.
The court found that the site operator posted the information "to
cause at least some degree of fear and apprehension in the minds of
law enforcement personnel." The website operator promised to remove
the personal information if the officers' departments would adopt
civilian police oversight boards.
The City of Kirkland brought suit to enjoin the website operator from
posting the officers' personal information, alleging that the activity
invaded the officers' privacy interests. The web site operator
claimed a First Amendment right to post the personal information,
which apparently had been culled from public records.
The King County Superior Court allowed the website operator to
continue posting the names, addresses, and other information relating
to the police officers. The court held that the First Amendment
protected the publication of lawfully obtained personal information
for political purposes, absent a credible specific threat of harm.
However, the court enjoined the site operator from publishing the
officers' Social Security numbers. The court reasoned that SSNs,
unlike names and addresses, do not "facilitate or promote substantive
communication." Further, access to Social Security numbers allows
others to "obtain access to and to control, manipulate or alter other
personal information." Accordingly, the court held that the
government has a compelling interest in preventing the dissemination
of SSNs that overrides the operator's right to publish.
The decision in City of Kirkland v. Sheehan is available at:
http://www.politechbot.com/docs/justicefiles.opinion.051001.html ”
****************************************************************
For this lab we will visit two areas at the Privacy.Net web site, a consumer information organization. Each of these pages will give you some insight on the information that can be gathered about you simply based on your IP address.
http://www.privacy.net/analyze/
This page does an analysis of your Internet
connection and displays basic information that can be gathered about you (and
the computer you use) with nothing more than an IP address.
How do companies track you as you visit various
sites on the Internet? The
demonstration here gives you and idea of how your movements are tracked as you
surf the Net.
http://www.privacy.net/cookies/
A demonstration of how text files called “cookies”
are created to hold information about user preferences and time of visit, among
other things.
To Do:
(Work
in pairs to answer the questions of this exercise-turn in one sheet of paper
with both names on it)
Analysis of an Internet connection
1. Link to http://www.privacy.net/analyze/
and take a look at the information that is pulled from about the computer in
front of you.
·
Using the information
given, what is the Screen Width and Height?
·
What is the viewable
width and height?
2.
Who (what entity)
registered the domain of the computers in this lab?
3.
Who owns the network?
4.
What other
information has been gathered about you, the current user?
5.
Has Privacy.Net been
visited by this computer before? When?
6.
Link to the related
page called “How this analysis works”.
********************************************
Read the first couple paragraphs there. When you are done, link back to the analysis
page by clicking the “Click here to take the analysis”. What information has changed on the page?
7.
Now, go to the
following page:
http://faculty.washington.edu/gbwhit23/100Labs/Lab18.html
and click on the Privacy.Net link. This
will take you back the analysis page.
Note that there has been a change of information. The URL above that linked you back to
Privacy.Net is now listed as the page visited just previous to this one. What if this analysis page had the
information about the last 50 sites you visited?
Creating Internet Cookies
8. Visit the following site: http://www.privacy.net/cookies/. Read through the directions and create a
cookie that will hold information about you.
When you are done, close the browser.
Open a new browser and enter the site again.
·
Is the cookie information
correct? (does it display the proper “cookie” that you selected?)
·
Go to C:\Windows\Cookies
on your computer. Look at the cookie
files placed there. Notice they are
just text files. Go the most recently
placed cookie and open it. Can you
decipher the information that has been placed there? Close the file when you are done.
·
Change your cookie
information on the browser and then go look and the text file again. What has changed?
Tracking on the Internet
9. Go to http://www.privacy.net/track/. Follow the steps provided to get a
demonstration of how companies place advertising on a web page that can track
users across multiple sites. You will
visit several fake sites during this demonstration. Link to four or five sites and then back to the demo.
10. At each point in the demonstration, you should be
able to link to your profile as it is being built. After you finish, and have done all 5 steps, including giving
your email address, your profile will look something like this:
This
information has been gathered, but an actual cookie was not placed on your
machine for it.
11. What other information could be gathered about you
just from a visit to an online shopping site?
Or a site that requires registration just to view its contents?
12. What are some ethical issues surrounding the
ability of companies and organizations to gather data about you simply by your
passage through their virtual doorways?
13. How would you feel if the same data could be gathered
about you when you walked into a shopping mall or restaurant?
14. Turn in your comments to your TA before you leave
the lab today.