No Peekin'

Don't like the thought of someone snooping around your personal information? Solutions are at hand.

Not too long ago, a software engineer named Phil Zimmerman invented what has come to be regarded as the industry standard for encryption software - PGP, or Pretty Good Privacy. At the time his creation came out, it caused a tremendous furore in the United States - after all, went the reasoning, encryption powerful enough to resist the might of the US government ought to be restricted and/or have “back doors” built into it so as to allow government agencies to intercept suspicious transmissions…

A few years later, with the Web becoming all pervasive and digital retailers sprouting like mushrooms, the privacy issue raised its ugly head again. What, asked Joe Customer, happens to the information online supermarkets collect about me when I click my way through their digital aisles? What happens to my credit card number, and whom is my email address shared with? When the answers finally came, many were found to be morally unacceptable - and some, illegal.

As the above examples illustrate, privacy has, and always will be, a concern in the new digital age. When information can be replicated endlessly, with each iteration an unblemished copy of the original, and when the means of transmission of information are accessible to everyone with a phone line, a PC and a modem, it becomes difficult, if not impossible, to prevent sensitive information from being distributed far and wide. And so, this week, we’re going to take a look at some Web sites that hope to shed some light on the concerns of privacy advocates, and on the issues that every connected citizen in the digital age needs to be aware of. Take a look!

http://www.w3.org/P3P/

The official Platform for Privacy Preferences project [P3P] Web site is maintained by the W3C, the governing body that formulates various standards related to the World Wide Web. The P3P project allows Web sites to express their privacy policy to users in a standard manner; it also ensures that the various clients used by Web site visitors are able to determine the privacy policy of the sites automagically.

The interesting part about this project is that privacy policies are also stored in machine-readable format which allows Web browsers to automatically understand the privacy policy of a site, and take a decision for the visitor on the basis of his/her personal preferences.

http://www.epic.org/

EPIC is the Electronic Privacy Information Centre, a public interest research center in Washington, D.C., which was established in 1994 to bring into focus the online community’s right to privacy. The Web site of the organization has a plethora of links to help users understand the concept of privacy, and the issues involved in protecting oneself on the Web.

The site also keeps users updated on privacy news, including cases filed by people for privacy violations. A number of online guides and practical privacy tools are included, and cover topics like encryption programs, anonymous remailers, and anonymous Web browsing. The Web site also has excellent archives and articles on computer security, cryptography policies, free speech, and freedom of information laws.

http://www.truste.org/

You’ve probably seen the banner on your favourite e-commerce site - “Rated By TrustE!”. But who’s TrustE when it’s home?

TrustE is an organization which helps Web sites to formulate their privacy policies, and clearly brief visitors about how the information collected from them will be used. It’s goal is to ensure that the Web site visitor knows “how the information will be used, with whom it will be shared, who is gathering the information, what options the user has, what security procedures are in place to prevent misuse or loss and how users can correct information to control its dissemination”.

Periodic reviews by TrustE’s independent evaluators ensure that affiliated Web sites do not violate the privacy policy, and that users are assured of the confidentiality of their personal information.

http://www.eff.org/

The Electronic Frontier Foundation is an organization focusing entirely on the issues related to the protection of civil liberties in cyberspace. Packed with interesting articles and opinions on the rights and responsibilities of the modern cyber-citizen, the EFF Web site is recommended for everyone with a keen interest in the politics of the Information Age. Users are invited to support the EFF’s various campaigns, and the site also includes an archive of information of encryption, electronic surveillance, and freedom of speech.

http://www.pgp.com/ http://www.pgpi.org/

The encryption program that started it all, PGP is now considered the de facto standard for data protection. Freely available, this packages supports RSA encryption algorithms, encrypted and signed email, and secure client-to-client connections. While the program was initially available only within the United States due to federal export restrictions on cryptographic software, an international version with weaker encryption is now available to users in other countries. The site also has documentation, tutorials, FAQs, and links to related Web sites

http://www.anonymizer.com

This Web site offers a wide range of services designed to let users surf the Web without disclosing too much information about themselves. Using the premium and free services offered by the site, users can prevent unauthorized parties from viewing their personal information.

Programs like the Anonymizer Window Washer allow users to wipe their tracks by clearing their browser’s cache, cookies and document list, while Anonymizer Email allows users to send mail out without being identified. http://www.myprivacy.org/

A novel effort by a firm named PrivaSeek Inc, MyPrivacy.org aims to create a user-friendly service designed to allow Web surfers to centralize their personal preferences at one single Web site. The firm hopes to partner with major Web sites, and help them honour user preferences regarding online personalization. In this manner, the site ensures that Netizens are in complete control of their personal information whenever they visit affiliated Web sites. The end goal: “to make the Web experience simple, safe and secure”.

http://www.stack.nl/~galactus/remailers

A simple site that comprehensively deals with the three burning issues confronting privacy advocates - anonymity, privacy and security. Each section has loads of information on its subject, and teaches users how to secure their privacy when surfing the Web. In particular, the section on anonymity includes instructions and explanations of how to be anonymous on the Web, with tools like pseudonymous servers and Mixmaster remailers.

Hopefully, these sites should help you understand some of the issues and controversies surrounding online privacy. And while you’re generating your own one-terabyte PGP key, we’ll leave you with a thought from Andy Grove, the head of Intel, who postulated that “only the paranoid survive”…

Darwin would roll in his grave if he heard that ;-)

This article was first published on 19 May 2000.