Internet privacy


It is a common assumption by Internet users that their online activities are private and, to an extent, anonymous. This is not the case. A user's Internet Service Provider (ISP) has the power to monitor and log all traffic; including the websites that they access, the emails that they send, the newsgroups that they read, and even the search terms that they type into Google. To a lesser extent, even the websites that a user visits have access to a surprising amount of information regarding their browsing habits. Technology being introduced by the top three UK Broadband providers (Phorm & Webwise) under the guise of targeted advertising, with the side benefit of 'Phishing Protection', extends this ability to machine reading of all unencrypted traffic sent or received by a web browser. The technology involved, if reconfigured, has the ability to machine read all unencrypted data, including email and documents, passing over a Broadband subscribers connection to the Internet.

Problem Areas

The major obstacles to online privacy, and some methods to overcome them, are summarised in the following sections.

  • Search Engine history
  • Sale of personal contact information
  • Workplace monitoring
  • Spyware

Search Engine history

There have been numerous examples of search engines disclosing records of users' searches. Google, by far the most popular search engine today, maintains both records of IP addresses and a long-term "cookie" that records an individual's searches for up to several years[1]. Although this data is not immediately associated with a user's name, the information stored by ISP's and websites allows for easy linking of an individual to their stored search records, with potentially serious consequences. The most famous example of such a case was the detention of Shi Tao[2], a Chinese journalist, who was imprisoned for 10 years due to email logs disclosed by Yahoo!.

  • Google's Chinese launch [3]
  • ZDnet FAQ: When Google is not your friend [4]
  • Open Democracy: Some Grown-up Questions for Google [5]
  • BBC: Google defies US over search data [6]

Sale of personal contact information

Many websites require registration before they grant access to their full range of services. For some websites, the stored and collated information of their users is a valuable source of income. Advertising firms purchase databases of valid email addresses in order to target their advertising most efficiently; the agreement for users' data to be used in this way is often included in the extensive small print that users must click through when registering with a website.

User information from websites may also leak into the "black market" of email databases that are bought and sold by spammers, who are willing to pay for guaranteed valid email addresses as a target for unsolicited advertising. Due to the nature of email address databases, and the low likelihood of the dishonest website owner being caught, it is almost impossible to guarantee that email addresses given to a website will not be used for such purposes.

Workplace Monitoring

Workplaces are increasingly monitoring the online activity of employees. Management Issues report that more than a third of large companies in the US and the UK have gone as far as to hire staff to snoop on outbound emails for leaks of confidential information or content that can pose real legal, financial and regulatory risks. Such companies face legal danger for breaching privacy laws says IT Week. "Legal experts warned that failure to ensure employees are aware of email checks could risk breaching a number of laws, including Lawful Business Practice Regulations, the Data Protection Act and the Human Rights Act."


Increasingly, software is being deployed that installs itself on users' systems in order to report on their online activities. Such software may be designed by large companies in order to gather information for the purposes of advertising, or may be spread by malicious hackers in order to sniff users' passwords and other data. These programs are sometimes installed via illegal "trojan horse" programs that spread by email or instant messages, or may be silently included alongside otherwise legitimate software.

Even in the absence of such programs, websites often use long term "tracking cookies" in order to maintain profiles of users. (Cookies are small files downloaded onto the users' computer via the web browser that provide a website with a unique identifier for each user. These files are read each time a user accesses the website, and are used to maintain login details or history information.)

Spyware can often be detected and removed by one of the increasing number of anti-spyware tools, such as the free Spybot.

What can I do to protect my privacy on the internet?

There are several ways to protect your privacy online. We will look at the following:

  • Browser Choice
  • Registration Awareness
  • Cookie Awareness
  • Social Networking Sites
  • Anonymising Proxies

Browser Choice

The majority of users access the web using Microsoft's Internet Explorer, which has been criticized in the past for its poor security and privacy record. Although the latest version of Internet Explorer has made improvements in these areas, many users advocate the usage of free alternative browsers such as Firefox or Opera, which are often considered to be superior in protecting users' security and privacy.


Firefox is developed through the collaboration of hundreds of volunteer programmers across the Internet, and has become a popular alternative to Internet Explorer. Another advantage of Firefox is its extensive library of "add-ons" that improve and extend the browser's functionality, of which there are several privacy orientated extensions.


Opera is a closed source browser predating Firefox, and aims to support strict web standards. Although Opera does not support "add-ons" like Firefox, it tries to pack as many necessary features out of the box, but does support "Widgits" and UserJS scripts. Opera's standards support is often seen to be higher than Firefox, and patches issued routinely, however Firefox contains the larger community and market-share.

Registration Awareness

Many websites now require users to register before being granted full access to the site. This typically involves supplying a name, email address and password. For such sites it is advisable to maintain a secondary email account that is used solely for web site registrations. As an email address used for website registrations inevitably attracts spam emails, this approach allows for a measure of protection for a primary, personal account. Free services, such as Google's [ GMail] and Microsoft's [ Hotmail] allow easy registration of such throwaway accounts.

It goes without saying that users should be careful what information is given out to websites. Many registration forms encourage users to fill in as much information as possible, but will have a smaller amount of "required" information. Filling in only the required fields in registration forms is advisable for preserving privacy.

Cookie Awareness

Cookies are unique identifiers that web sites place on a user's computer, and are used to maintain persistent information regarding that user's activities on the site. Cookies are kept in a file accessible to your browser, and may be accessed by websites in order to preserve login information and a history of activities.

For privacy, a major concern is that websites often maintain "persistent cookies" that may last for years. If such a cookie is stored on a user's computer, they will be preserved even if that user changes their ISP or upgrades their browser. Whilst cookies have valid uses, such as maintaining login information for sites that require registration, other websites make use of them to profile users.

Learn more about disabling cookies.

Social Networking Sites

One of the most widespread trends on the Web is the rise of social networking sites such as MySpace and FaceBook. These sites allow registered users to maintain social contacts with their friends, to communicate, to arrange events and to share photographs. From the point of view of privacy, such sites are clearly a grave concern. Many users are surprised to learn that the details of their lives that they upload are easily viewed by others, including those for whom the information may not have been intended.

It is already the case that employers are beginning to research their future employees online, and University students are finding that their actions are subject to the scrutiny of their institution [7]. Of concern is the fact that a user may find their activities recorded not by themselves, but by their acquaintances. The increasing adoption of social networking sites means that this trend is set to become of greater importance in the future.

For such sites it is necessary to consider the nature of all potential viewers. Users will increasingly come to learn that very little information uploaded to the Internet, even when behind nominally "private" account restrictions, remains inaccessible.

Anonymising Proxies

Web browsers communicate with websites through a protocol known as HTTP. This protocol was designed for the efficient transfer of text data, without initial concerns as to security or privacy. As such, web browsing can reveal a wide range of information about a user's computer, the previous websites that they have visited and even their location: there exist databases that map computers' unique IP addresses to geographical locations, albeit with a relatively low accuracy.

A simple way to decrease this leakage of information is by passing all connections through a second computer: a proxy. In this scenario, all requests from a user's computer are passed through another computer running special software; this prevents websites from learning the location of the user.

Standard proxies obscure only the address of the user's computer and cannot prevent the sending of cookies or registration details. Additionally, a skilled attacker can "see around" the proxy. For this reason, a number of anonymising proxies have been developed in order to provide concerned users with higher levels of both anonymity and privacy.

The most widespread anonymising tool is Tor, funded by the Electronic Frontier Foundation. This makes use of a volunteer-run network of specially designed proxies that prevent a user's computer being traced. Tor is typically used in combination with Privoxy, a special piece of software that ensures that cookies and other identifying information are automatically stripped from all web traffic. This technical solution is the current "state of the art" in maintaining online privacy.




Workplace monitoring


2008-02-10 - The Financial Times - EU to act over online privacy
Author: Maija Palmer
Summary: European privacy regulators are set to impose tighter restrictions on the way search engines such as those of Yahoo and Microsoft keep customer data. Peter Schaar, Germany's federal data protection commissioner and chairman of the Article 29 working party that advises the European Union on privacy policy, told the Financial Times that the search engines were keeping data too long.
2008-02-04 - BBC News / Technolgy - Are the watchers being watched?
Author: Bill Thompson
Summary: MPs can't complain that they are being watched on the internet, as there is no obvious way to screen their communications out from those of everyone else. Almost 800 bodies are allowed to access communication traffic data in the UK, and in the first nine months of 2007 over 250,000 requests were made for such data.
2007-09-14 - ZDNet - Google proposes global privacy standard
Author: Elinor Mills
Summary: While Google is leading a charge to create a global privacy standard for how companies protect consumer data, the search giant is recommending that remedies focus on whether a person was harmed by having the information exposed. Google's proposal is scheduled to be presented by Peter Fleischer, Google's global privacy counsel in a speech on Friday in Strasbourg, France, at Unesco's meeting on ethics and human rights. He briefed reporters on Thursday.
2007-09-14 - Guardian - Google urges UN to set global internet privacy rules
Author: Bobbie Johnson
Summary: Google, the world's leading search engine, is calling on the United Nations to help protect the privacy of web surfers around the world before the internet faces a crisis of confidence. The dotcom company's privacy chief, Peter Fleischer, will address a conference in Strasbourg of the UN Educational, Scientific and Cultural Organisation (Unesco) today and ask for governments and businesses to agree on international privacy standards. Mr Fleischer said the rise of the internet meant that vast amounts of information were being shipped around the globe, often to countries with no official data protection. Without a new set of rules to apply worldwide, surfers could lose confidence in the internet and hamper its development, he told the Guardian.
2007-03-15 - Wired - Yahoo Betrayed My Husband
Author: Luke O'Brien
Summary: The story of Wang Xiaoning, an internet writer who was jailed partly due to information Yahoo passed on to the Chinese government, and the story of his wife, who now entered the US to hold Yahoo accountable for their complicity.
2007-03-15 - BBC - Privacy bodies back Google step
Summary: Privacy bodies have welcomed Google's decision to anonymise personal data it receives from users' web searches. The firm previously held information about searches for an indefinite period but will now anonymise it after 18 to 24 months.
2007-03-15 - ZDNet - Google tightens up search privacy
Author: Elinor Mills
Summary: Data-retention changes will make it harder to tie searches to individual computers, but privacy experts say more could be done
2007-03-15 - The Guardian - How long should Google spy on you?
Author: Jack Schofield
Summary: ... Google has now come to recognise that it isn't necessarily to keep all these records forever. ... Thankyou, Google: that represents a very welcome advance. ... Thankyou, Google: that represents a very welcome advance. However, 18-24 months still sounds far too long to me. Frankly I don't believe that two years' personal data delivers any significant benefit for users over three months.
2007-03-14 - The New York Times - Google Changes Policy on Search Records
Author: Miguel Helft
Summary: Web search companies collect records of the searches people conduct, a fact that has long sparked fears among privacy advocates and some Internet users that this valuable personal data could be misused. Now Google is taking a step to ease those concerns. The company keeps logs of all searches, along with digital identifiers linking them to specific computers and Internet browsers. It said on Wednesday that it would start to make those logs anonymous after 18 to 24 months. Under current practices, the company keeps the logs indefinitely.
2007-03-14 - Google Blog - Taking steps to further improve our privacy practices
Author: Peter Fleischer, Privacy Counsel-Europe, and Nicole Wong, Deputy General Counsel
Summary: When you search on Google, we collect information about your search, such as the query itself, IP addresses and cookie details. Previously, we kept this data for as long as it was useful. Today we're pleased to report a change in our privacy policy: Unless we're legally required to retain log data for longer, we will anonymize our server logs after a limited period of time. When we implement this policy change in the coming months, we will continue to keep server log data (so that we can improve Google's services and protect them from security and other abuses)—but will make this data much more anonymous, so that it can no longer be identified with individual users, after 18-24 months.
2006-11-09 - The Guardian - Google stands up to White House in row over privacy on web
Author: Bobbie Johnson
Summary: The head of the internet search engine Google has vowed to protect the privacy of web surfers against the US government.
2006-08-30 - The Register - Guidelines needed to protect anonymity
Author: Mark Rasch, SecurityFocus
Summary: In early August, officials at America Online released information about searches being conducted by AOL members and users of the AOL search tool. This historical data was released onto the internet by several AOL officials to demonstrate how useful such data could be for tracking patterns, uses and interest of AOL members.
2006-08-28 - The Guardian - They know all about you
Author: Andrew Brown
Summary: Every time you use an internet search engine, your inquiry is stored in a huge database. Would you like such personal information to become public knowledge? Yet for thousands of AOL customers, that nightmare has just become a reality.
2006-08-23 - The New York Times - Researchers Yearn to Use AOL Logs, but They Hesitate
Author: Katie Hafner
Summary: When AOL researchers released three months’ worth of users’ query logs to a publicly accessible Web site late last month, Jon Kleinberg, a professor of computer science at Cornell, downloaded the data right away. But when a firestorm over privacy breaches erupted, he decided against using it.
2006-08-22 - The New York Times - AOL Acts On Release Of Data
Author: Tom Zeller
Summary: AOL announced the resignation of its chief technology officer yesterday, two weeks after the company came under intense criticism from privacy advocates for releasing hundreds of thousands of its customers' Web search queries. An AOL researcher who put the queries online and a manager overseeing the project were dismissed
2006-08-22 - The Register - AOL CTO resigns over privacy 'screw-up'
Author: John Oates
Summary: AOL's chief technology officer has resigned and two other staff members have been sacked following the release of half a million subscribers' search terms.
2006-08-22 - ZDNet - Qwest calls for mandatory data retention laws
Author: Declan McCullagh
Summary: Broadband company Qwest Communications International on Tuesday strongly endorsed federal legislation requiring Internet providers to keep records of their customers' behavior, a move that could accelerate efforts in Congress to enact new laws. Jennifer Mardosz, Qwest's corporate counsel and chief privacy officer, applauded efforts by politicians to force broadband providers to engage in so-called "data retention,"
2006-08-22 - ZDNet - AOL axes staff over privacy breach
Author: Elinor Mills and Anne Broache
Summary: Two AOL employees have been fired, and its chief technology officer is resigning, after the release of Web search data from thousands of AOL members prompted widespread criticism of the company.
2006-08-22 - PC World - The Elusive Search for Privacy
Author: Tom Spring
Summary: AOL's accidental release of the search queries of 650,000 subscribers underscores the growing stakes when it comes to digital privacy. ... On August 14, the Electronic Frontier Foundation filed a complaint against AOL with the Federal Trade Commission. The complaint alleges that AOL violated federal laws prohibiting "deceptive trade practices" when it released the search data.
2006-08-21 - Washington Times - Three leave in AOL breach
Summary: AOL's chief technology officer left the Sterling, Va., company and two other employees were fired in the aftermath of a privacy breach that involved the intentional release of more than 650,000 subscribers' Internet search terms.
2006-08-21 - New York Times - AOL Moves to Increase Privacy on Search Queries
Author: Tom Zeller
Summary: AOL announced the resignation of its chief technology officer yesterday, two weeks after the company came under intense criticism from privacy advocates for releasing hundreds of thousands of its customers' Web search queries. An AOL researcher who put the queries online and a manager overseeing the project were dismissed
2006-08-08 - The Register - AOL apologises over search data 'screw-up'
Author: John Leyden
Summary: AOL regrets publishing the search logs of 658,000 US users on a research website. The data was anonymised and covered only around 20m search queries of users of its client software. But it set off an internet firestorm of criticism.
2006-06-07 - PC Pro - Third of UK companies snoop on employee email
Author: Steve Malone
Summary: Over a third of British companies regularly snoop on their employees' email fearing that it may contain inappropriate or confidential information. As a result a third of companies say they have fired an employee over email misuse and 70 per cent say they have disciplined staff members.
2006-06-06 - ars technica - Google: we compromised our principles
Author: Eric Bangeman
Summary: Although Google's informal corporate motto is "Don't be evil," the "different kind of company" has found itself the target of criticism for some of its actions. Most notable is its decision to capitulate to censorship demands made by the Chinese government in order to secure a web address and operate freely in the country. Google co-founder Sergey Brin says that the company may ultimately decide to bail out of the Chinese market if it becomes too uncomfortable with the way things are going there. Saying that the Chinese government insisted on "a set of rules that we weren't comfortable with," Brin described Google's decision to set up shop in China as a difficult one that "compromised its principles."
2006-04-20 - ars technica - Yahoo! implicated in a third Chinese dissident jailing
Author: Anders Bylund
Summary: Reporters sans frontières (Reporters Without Borders), a Paris-based organization defending freedom of the press worldwide, just released Chinese court documents translated to English (PDF), showing Yahoo! playing an instrumental part in the arrest of a Chinese dissident. It's the third case of this type RSF has been able to unearth, all pointing out Yahoo! Mail as the instrumental piece that led to the arrests.
2003-06-12 - The Guardian - Code on 'spying' on staff emails
Author: Clare Dyer
Summary: Employers must inform staff in advance if they plan to monitor their emails, phone calls and internet use, the information commissioner, Richard Thomas, warned yesterday.
2003-06-12 - The Guardian - New limits may allay fears on snooping
Author: David Pallister
Summary: The Home Office sought yesterday to allay fears of a Big Brother state with the publication of a consultation paper which proposes to restrict the number of officials who can access communication data.

Recommended Reading

The Unwanted Gaze by Jeffrey Rosen

The Digital Person by Daniel J. Solove

No Place to Hide by Robert O'Harrow Jr

Beyond Fear by Bruce Schneier

Database Nation by Simson Garfinkel

Ben Franklin's Website by Robert Ellis Smith

Chatter: Dispatches from the Secret World of Global Eavesdropping by Patrick Radden Keefe

The Future of Reputation by Daniel J. Solove

Privacy on the Line by Whitfield Diffie and Susan Landau

The Intruders by Samuel Dash

The Transparent Society by David Brin

The Search by John Battelle

Computer Privacy Annoyances by Dan Tynan

Privacy Lost by David Holtzman

The File by Timothy Garton Ash

Beyond Our Control: Confronting the Limits of Our Legal System in the Age of Cyberspace by Stuart Biegel

Information Technology Law by Ian J. Lloyd

Human Rights in a Digital Age Edited by Mathias Kling and Andrew Murray

Privacy and Human Rights: An International Survey of Privacy Laws and Developments (2002 -2006) by Privacy International and the Electronic Privacy Information Center