So many of the Web’s most popular services—e-mail and search as well as photo and video sharing—may be free, but that doesn’t mean they come without a cost. That price is information about the people using those services as well as their online behavior—intelligence that Facebook, Google, Microsoft and other Internet companies exchange for advertising revenue. The trade-off of privacy for free services is generally acceptable to most Web users, who are used to incessant advertising—and at times even benefit from personalized attempts to sell them products and services.
The darker side of bartering in personal data, however, is that Web users lose control over who has access to their information, which is often shared well beyond the scope of their original understanding. Google uses automated scanning to filter spam and deliver targeted advertising to its Gmail users, claiming they have “no expectation of privacy” when using its free e-mail service. Facebook, meanwhile, recently settled a $20-million class action settlement following a lawsuit over the social network’s lucrative "Sponsored Stories" program that shares users' "likes" of certain advertisers with friends without paying them or allowing them to opt out.
In addition to nuisance ads, unsolicited e-mails and unintended endorsements, this oversharing creates other, more serious threats to privacy, says Seth Schoen, senior staff technologist with the Electronic Frontier Foundation (EFF). Personalized ads could reveal to others a Web user’s sensitive or embarrassing medical condition, particularly if that user shares a computer with others or surfs the Web in a public place. “The better the ad personalization gets, the more significant those consequences could be,” Schoen adds.
Information collected via the Web could also be problematic for a person during legal proceedings. A lot of people don’t realize that subpoena power in civil cases is broader than it is in criminal cases, Schoen says. Internet service providers (ISPs) and other companies doing business on the Web can be forced to turn over most information they have about their users or customers as part of a lawsuit such as an employment dispute or divorce.
Another threat to privacy involves how well Web companies entrusted with their customers’ personal information secure that data from being lost or stolen and used to steal a person’s identity. The Privacy Rights Clearinghouse, a nonprofit that tracks data breaches, reports that nearly 1.8 million data records have been lost or stolen this year from businesses, government agencies and health care facilities. “The risk comes simply from the companies collecting and storing personal information, and it’s not a very unlikely or hypothetical concern,” Schoen says.
Despite this bleak outlook for privacy, there are tools available to Web users designed to protect personal information from prying eyes. None of these tools alone ensures complete privacy or protection from cyber snooping, but they do offer a way to trim the data trails that curtail one’s privacy.
E-mail, social networks and other online services often request contact and payment information when users sign up. There are no rules, however, that prevent users from disguising their actual e-mail addresses, phone numbers and credit card numbers as a privacy precaution. Abine, Inc., offers a Web browser plug-in for Firefox and Google Chrome called MaskMe that gives people the ability to create aliases for this type of personal information.
The free version of MaskMe creates an alternate e-mail address whenever a Web site asks for a user’s e-mail. E-mails from that site can be accessed via a MaskMe in-box or forwarded to a user’s regular e-mail account. The “premium” version of MaskMe—$5 per month—enables masked phone numbers, credit cards and access to the MaskMe iOS and Android apps, which let users view info about their Abine accounts from their mobile devices.
Abine’s other services include DoNotTrackMe and DeleteMe. The former is a plug-in that prevents Firefox, Internet Explorer, Chrome and Safari browsers from sharing user information with data-collection companies. DeleteMe is a subscription service that removes personal information from the largest people search databases—also known as “information brokers”—on the Web, including Spokeo.com, Intelius.com and WhitePages.com, says Andy Sudbury, Abine co-founder and chief technology officer.
Web browsers store the information about browsing sessions—including pages visited as well as documents and images downloaded—in temporary cache memory to speed up the Web browsing experience. These pieces of info, however, remain available for anyone else subsequently using that same computer. Most popular browsers—including Safari, Chrome, Internet Explorer, Firefox and Opera—now feature some type of “private” mode that prevents the browser from storing information about browsing sessions.
Schoen points to private browsing as a very useful tool but notes that it has very specific limitations. “The purpose of private browsing mode is to avoid leaving a history of one's browsing in the browser history on the computer you were using—to prevent other people who also use that computer from seeing what you were doing,” he says. Private browsing, however, has no effect on the data that's transmitted over the Internet. Even when a browser is in private mode, an ISP will still know when and where it customers went online as well as the sites they visited. Likewise, those sites will retain any information they obtained from users during those visits.
More than a decade ago, the U.S. Naval Research Laboratory initiated The Onion Routing project—now referred to simply as Tor—to develop software for preserving one’s privacy while using the Web. “Onion routing” refers to the practice of encasing data and its routing instructions in multiple layers of encryption, making it more difficult to trace a user’s Internet activity.
Tor, which the EFF funded for a few years before privacy-promoting nonprofit The Tor Project took over stewardship of the work in 2006, includes a browser that routes users’ Web surfing activity through a network of relays run by volunteers worldwide, a process that makes it difficult to pinpoint a particular user’s location. Tor Browser, which is actually a modified version of Firefox, essentially anonymizes the origin of Web traffic by encrypting communications inside the Tor network.
The Tor Project counts former National Security Agency whistle-blower Edward Snowden and Wikileaks founder Julian Assange as two of its most high-profile supporters. Still, Tor Browser’s design limits its speed and certain conveniences offered by less secure browsers. The use of different nodes in the Tor Network to promote anonymity, for example, can slow data transmissions. In addition, data is decrypted once it exits the Tor Network, leaving it vulnerable to eavesdroppers at that point.
In a move to make greater use of HTTPS (or Hypertext Transfer Protocol Secure) to protect communications over the Web, the EFF partnered with The Tor Project to create HTTPS Everywhere as a plug-in for Firefox and Chrome. HTTPS Everywhere automatically activates HTTPS encryption for all areas of a site that support this protocol. Some sites, including the New York Times, allow HTTPS for text but not images, which means someone might be able to determine which images a browser loads when visiting nytimes.com.
Pretty Good Privacy (PGP) e-mail encryption software, meanwhile, prevents even a web-mail provider from reading its customers’ messages, although it requires users manually create, manage and exchange cryptography keys. For instant messaging, Off-the-Record Messaging (OTR) encrypts conversations to keep them confidential between parties, although not all IM providers support OTR.
Encryption tools are generally effective for keeping prying eyes from reading e-mails, instant messages and other content sent to and fro. One caveat is these tools do not prevent law enforcement, ISPs and others from determining who is communicating, when and from what location—information that may be as sensitive as the messages themselves.
Data storage services from Amazon, Apple, Dropbox and others can house gigabytes of data in “the cloud” that users can access from a variety of devices, including PCs, tablets and smartphones. Unfortunately, existing privacy laws—in particular the 1986 Electronic Communications Privacy Act—have not caught up with today’s electronic communications. That law considers information including e-mails “abandoned” and available to law enforcement if they are stored for more than 180 days on a service provider’s server.
So-called “host-proof” data storage services have emerged in recent years to provide an added layer of security to stored information. Apple iCloud and Dropbox, for example, encrypt customer data while it is uploaded and stored on the companies’ servers. Host-proof providers such as SpiderOak and Wuala encrypt customer data on the customers’ computers before—as well as during and after—the data are uploaded to the cloud. The idea is that the host cannot read the data it stores, making it less liable to turn over data to law enforcement when they come calling (although it remains to be seen how this will work in practice).