---------------------- multipart/related attachment
--=-IY7n8w/MPFPYTN9PGkPe
Thanks to Richard Pitt for the following learned dissertation about
INTERNET Privacy. Richard is the webmaster for the CENTA.COM site. He
and his partenr Stuart Lynne have the honour of being the first
commercial ISP (Internet service Provider) in Canada started back in
1986. An afficiando will recognize WIMSEY.COM and the original internet
people's addresses such as [email protected] (Ken Bell was the Business
Editor a the Province Newspaper) or [email protected] when Mark Schneider
would sign off on BCTV. Read on. - Oh by, the way; I have asked that
the whole article be right here rather than the common method of putting
a teaser paragraph here and you click on it to go to the actual article
on the main server. That is what started the whole thing because if you
pass on the note, someone else clicks on to our website with a fixed IP
address and we know who they are or can set it up so that we know who
they are by trapping their address when they hit the site.
Thanks Richard - You can get hold of richard directly by calling him at
604 644-9265 or emailing him at [email protected].
Oh, and good luck in 2004. Happy New Year, Season's Greetings and all
that Jazz!
david ingram
An Introduction to
Internet/Computer Privacy Invasion
(or how they figure out who is a "live" one)
My friend David Ingram sent me an e-mail yesterday (December 28) to
which I replied, including the original message. He phoned me a few
minutes later and asked whether I'd actually seen the image he'd sent me
in the original e-mail as it was not in the reply.
I explained to him that, since the form of the original e-mail was from
a web site and all he'd done is tell them who to send it to, the image
was not in the message - it came from the original web site. My e-mail
software strips HTML image URLs and simply puts "[image]" into such
replies. His original had actually come from a web site he had been
visiting - "Email to friend" (along with a brief explanation - they even
make it look like it came from you.)
I also said that because my system knew who the mail was from (his
e-mail address) I did in fact see the picture and the rest of the
graphics, but if the From address had not been one I'd saved in my
"Contact" list, I probably would not have seen them as I had set my mail
software to not load remote links in HTML mail in such a case. While
David's been using e-mail since the early 80s, he didn't realize that
the fact that I'd viewed e-mail could be tracked by the original web
site.
This got us to talking about all the various ways the "bad uglies" out
there take advantage of unsuspecting people to track and analyze who
does what and whether their techniques are working. Since I'd sent out a
"rant" about electronic greeting cards to my Christmas e-mail list this
year about a similar problem, he's asked me to write a column for his
CEN-TAPEDE newsletter. I'm going to concentrate on the "legitimate"
businesses in this article; the ones that are household names or part of
legitimate physical businesses. These include "free" e-mail sites,
greeting cards, search engines, information sources (newspapers,
magazines, etc.) and your favourite e-mail lists as a short but by no
means exhaustive list of candidates.
Some of what I'll discuss is not just about the Internet - it is about
the use of computers in general to track what you do, what you purchase,
where you go, etc. Some of the discussion may split off into a separate
article but for now, here it is.
It is even more appropriate to talk of this subject now since as of
January 1, 2004, Canada has a new privacy law that applies to the
subjects we're discussing.
Internet Marketing 101
The first thing to understand about the world in general and the
Internet in particular is TANSTAAFL, an acronym made famous by Robert
A. Heinlein in his book "The Moon is a Harsh Mistress." (page 129 in my
pocketbook version.) In the words of his character, Mannie, "Oh,
'tanstaafl.' Means 'there ain't no such thing as a free lunch'. And
isn't," ...pointing to a FREE LUNCH sign across the room, "or these
drinks would cost half as much. Was reminding (her) that anything free
costs twice as much in long run or turns out to be worthless."
In the pre-Internet/pre-computer world most of us figured out how the
marketing droids manipulate us into telling them about ourselves so they
can barrage us with advertising meant to part us from our hard-won
dollars. We know that if we fill in that "free draw" card at our local
supermarket we're likely to get an offer from the local fitness center
or vacuum salesman, probably by phone and probably at dinner time; but
we fill it in anyway because there's a chance we might win and we can
always tell the phone-droid to "f$%&-off." Of course they can also just
send us "junk mail" to the address we've handily given them because they
know we wouldn't lie or we couldn't collect the prize if we won.
Over the past ten or so years this (fill in the free offer card) style
of getting information about you has been extended to, and in many ways
perfected, using computers and the Internet. Today most people don't
even know that they are leaving valuable information behind in their
journey through Cyberspace.
Purchasing Habits for Sale
The massive growth in the capabilities of computers and their storage
systems has meant that records of every single purchase transaction
you've made using something that identifies you can be (and has been)
tracked. It started with the credit card companies and the big chain
stores with their automated cash register systems. Prior to the
automation, the transactions were only tracked for cash audit purposes
using the "audit" tape (second roll in the cash register, kept for the
tax and corporate auditors so they could track fraud and theft) so were
not easily analyzed for anything but the totals and tax. Even at the
beginning of the credit card revolution, the use of the "flimsy" card
slip meant difficulty in after-the-fact purchase analysis other than
dollar amounts vs. month, or at best week, since the retailer deposit
and card-issuer data entry cycle was up to 10 days.
Today however, you pass the clerk your card and in many cases either
they scan it solely with the store's cash register, which is hooked
directly to the credit card company, or they scan it twice - once for
their own records and once to actually deal with the money transaction
(watch out if they scan it three times - the extra may be for fraud).
You don't really think they need your card number in their system for
security purposes do you? Of course not - the card company indemnifies
them as soon as the card is validated online and they don't even need
your signature anymore the way the systems are set up (did you sign the
last gasoline purchase made at the pay-at-the-pump outlet?) Matched with
the record of SKUs (stock keeping units - the number on the item - the
bar code number, etc.) these make an incredibly informative record of
what you and the rest of their customers purchase.
Now admittedly, most of the credit card companies don't like them
tracking your name from your credit card number, but just the fact that
they know that 4503....... comes in each month and spends an average of
$100 in the tool department is useful. The major department stores that
run their own credit cards don't even have to worry about tying the
number to a name (and address, phone number, etc.) since you gave them
that and the right to use it when you signed up for the card. Gee, how
did they know I'm a tool junkie - they're always sending me flyers for
their next tool sale?
For those stores that don't run their own credit cards (and even for
those that do since many of them will accept other cards as well and
they want to track Everything!) the "affinity card" was invented. It
started out with those little "stamp" cards you'd get from a retailer
every time you purchased a pound of coffee or some other commodity. You
kept coming back so you'd eventually get your "free" pound.
It progressed to things like the "Air Miles" (www.airmiles.ca) card
which the retailers who couldn't afford to run their own credit cards
buy into in return for accurate purchasing statistics on the customers
who use such a card. We get "free" air miles we can use to go for a
holiday - eventually.
With the increasing use of standardized computers and networking in
stores, even small stores and chains could afford to add their own
affinity program - starting with the food stores and working out to all
the rest of the commodities. It has gotten to the point where
personally, I get a backache from the size of my wallet due to the
number of such cards I'm expected to carry. I'm pushing back but that is
for another section.
Browsing/Viewing Habits for Sale
The same things done in the retail trade apply in spades in the world of
the Web. Not only do the e-commerce vendors know what you bought (or
though about buying), they know which pages you visited, how long you
were there, and what advertising and other stuff you had in front of you
prior to your choice. It's kind of like the local food store having a
GPS system on your shopping cart hooked to a TV camera that watches you
as you shop - and tracking your progress through the store. Note that
you might in fact have been subject to such a survey unobtrusively as
someone watched you either in person or over closed circuit TV. If
matched to your credit card or affinity card information at the
checkout, they would even know who you were. Most stores don't do this
very often because it costs quite a bit - but web sites keep the
information as a matter of course since it is generated as part of the
process of handing you the pages you view!
host213-122-57-44.in-addr.btopenworld.com - - [28/Dec/2003:12:44:24
-0800] "GET /icons/camoglaze.jpg HTTP/1.1" 200 1443
"http://www.mystae.com/reflections/vietnam/proudmary2.html" "Mozilla/4.0
(compatible; MSIE 6.0; Windows NT 5.1;
)" www.mystae.com
hsdbrg64-110-224-169.sasknet.sk.ca - - [28/Dec/2003:12:44:26 -0800] "GET
/restricted/streams/scripts/machine.html HTTP/1.1" 200 24433 "-"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)"
www.mystae.com
hsdbrg64-110-224-169.sasknet.sk.ca - - [28/Dec/2003:12:44:26 -0800] "GET
/icons/bluebg.jpg HTTP/1.1" 200 4088 "-" "Mozilla/4.0 (compatible; MSIE
6.0; Windows NT 5.1; .NET CLR 1.0.3705)" www.mystae.com
hsdbrg64-110-224-169.sasknet.sk.ca - - [28/Dec/2003:12:44:26 -0800] "GET
/icons/hr.jpg HTTP/1.1" 200 2542 "-" "Mozilla/4.0 (compatible; MSIE 6.0;
Windows NT 5.1; .NET CLR 1.0.3705)" www.mystae.com
hsdbrg64-110-224-169.sasknet.sk.ca - - [28/Dec/2003:12:44:26 -0800] "GET
/icons/zulubg.jpg HTTP/1.1" 200 3393 "-" "Mozilla/4.0 (compatible; MSIE
6.0; Windows NT 5.1; .NET CLR 1.0.3705)" www.mystae.com
hsdbrg64-110-224-169.sasknet.sk.ca - - [28/Dec/2003:12:44:26 -0800] "GET
/icons/amazon7.gif HTTP/1.1" 200 2443 "-" "Mozilla/4.0 (compatible; MSIE
6.0; Windows NT 5.1; .NET CLR 1.0.3705)" www.mystae.com
hsdbrg64-110-224-169.sasknet.sk.ca - - [28/Dec/2003:12:44:26 -0800] "GET
/icons/yline.gif HTTP/1.1" 200 419 "-" "Mozilla/4.0 (compatible; MSIE
6.0; Windows NT 5.1; .NET CLR 1.0.3705)" www.mystae.com
Section of the log from our web server generated as I write this.
Shows the address of the requestor, what they asked for, what browser
they're using and what operating system even, as well as time and date
The logs can even track what site you visited before you come to the one
you're viewing. This can include what search criteria you used at your
favourite search engine. All of this can be analyzed and served up as
statistics in aggregate or even individual by individual (although
that's not typical on a busy site - just too much detail). We do this
for David's own site www.centa.com so that we can judge what are the
"hot" topics as time goes by. Of course we don't know who you are unless
you've actually subscribed to the mail-list.
Search Query Report
(Go To: Top: General Summary: Yearly Report: Quarterly Report: Monthly
Report: Weekly Report: Daily Report: Daily Summary: Hourly Summary:
Domain Report: Organisation Report: Host Report: Host Redirection
Report: Host Failure Report: User Report: User Failure Report: Failed
Referrer Report: Referrer Report: Referring Site Report: Search Query
Report: Search Word Report: Browser Report: Browser Summary: Operating
System Report: Status Code Report: File Size Report: File Type Report:
Directory Report: Redirection Report: Failure Report: Request Report)
This report lists which queries people used in search engines to find
the site.
Listing queries, sorted by the number of requests.
reqs: search term
----: -----------
3: income tax immigration
2: canadian tax rates
2: immigration department of sydney to canada
2: revenue canada race horse
2: canadians working in usa social security taxes
2: canadian citizen living in us need to pay tax in canada??
2: americans living in canada
2: canadian tax us rental
This analysis was produced by analog 5.32.
Running time: 1 second.
A piece of a daily report - note that only the top 10 are shown.
There are actually several hundred such phrases in all on this report.
h24-80-116-254.sbm.shawcable.net - - [27/Dec/2003:09:13:43 -0800] "GET /
HTTP/1.1" 200 41273
"http://www.google.ca/search?hl=en&ie=UTF-8&oe=UTF-8&q=income+tax+immigration&btnG=Google+Search&meta=" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20030925" www.centa.com
A log line showing the key words used in searching - in this case using
Google.
The portion showing the site the request came from is the "referrer"
section
As you can see in the box above, lots of interesting things can be read
from the logs - and as you can see - even on the old AMD 850 this site
(along with several hundred more, some of which are MUCH larger) is
hosted on only took less than a second to produce the report - which
runs to about 129k of text plus graphs for this one day - you're only
seeing one piece of one section. The same report is done as a monthly
and yearly aggregate too. We don't track individual users' path through
the site and we use "Open Source" log analysis software so the report is
pretty basic. You can bet that the major sites collect far more data and
do a far better job of analyzing it.
Note that even after this analysis is done, the original log lines are
still available for further analysis if needed. The lines for this year
for the CEN-TA site total to about 44 Megabytes of compressed files.
Even our largest site which gets over a million file views a day runs to
only about 12 Gigabytes for the year. With disk space at about $1/Gig
these days, storing them online is trivial.
The point is that the technology to track literally everything you do
when sitting in front of your computer and interacting with it and the
Internet's Web is available, and not all that expensive. Even at the
best, you leave tracks in various computers as you browse; mostly
"anonymous" but valuable none the less.
Taking Away the Mask of Anonymity
What David first asked me about - whether or not I'd seen a picture from
the web page he'd sent me - is all about unmasking your anonymity. Much
of what I've detailed in the previous section can only tell what
computer address you were at when you looked at the pages. For most
people this changes each day or so, so there is no real correlation to a
person (I have a fixed IP address which adds spice to the problem as
I'll tell you about below.)
In some cases this unmasking is subtle. In others it is blatant. In
Canada after January 1, 2004 it had better be "by the book" or somebody
could be in trouble; at least somebody other than you, the page viewer.
Of course my opinion is that you're potentially in trouble no matter
what you do.
I don't mean to sound completely paranoid, I'm not. On the other hand,
maybe I (and you) should be. The number of incidents of identity theft
and fraud is growing. So too is the number of online scams, spam
e-mails, bogus web sites and what have you. They're not yet at the point
where I'd call them a real epidemic - at least not for people who know
there is no Easter Bunny, Santa Clause, 80% return on investment in a
year or $200,000 bonus for getting "my" millions out of Uganda or
wherever; in other words for people who have even a modicum of
skepticism and common sense. All that is needed is a bit of education on
what to watch out for - the subject of this article.
Web bugs
The original reason David asked me to write this article is an example
of a "web bug" - a unique URL that is embedded in a message sent to you
in some fashion that, when you view the message, confirms that you have
done so.
The page David sent me (or caused the web site to send me as if it were
from David) was done up in HTML and included a couple of unique image
URLs, one of which ended with
"__tn_pers2790347040.jpg?BCmegAABvemnfj9H"
If my browser had been set as most of yours is set, the first time this
message appeared in my preview pane or was opened by me, the image would
have been loaded from the sending website - leaving behind a log record
including the full URL. Note that after the image's name
(__tn_pers2790347040.jpg) there is a trailing "?" and something
(BCmegAABvemnfj9H) that appears to be garbage characters. In fact, the
garbage is a unique key to a record in a database that includes the fact
that the page was mailed to both me and David, including the time it was
sent, and probably linking to all the things that David had done in the
session leading up to his sending it.
In this case the bug was attached to a "real" picture. In some cases it
is as little as a single pixel (picture element - dot on the screen) so
loads "instantly" and doesn't show you anything - but it's log record
exists in the server none the less.
Freaky, eh?
And you thought you'd turned off "acknowledge reply request" (which
causes an automatic reply e-mail to be sent which tells the original
sender that you've read their message, but which some mail agents don't
support well and most people outside of specific companies refuse to
have turned on for privacy reasons if for no other reason than to deter
the spammers)
We know you've seen our mail!
And in some cases (Windows specifically) because it is actually the main
browser engine that interprets the HTML and retrieves the graphic, the
sending site has the opportunity to send your computer a "cookie" that
continues to identify you if you should again visit the site with your
normal browser, even months in the future.
Cookies
When you're just web browsing, one of the ways a web site tracks you as
distinct from some other viewer, for a few minutes or forever, is by
sending your web browser a unique series of characters (somewhat like
the web bug above) that your browser stores for some time, possibly
permanently. This "cookie" concept is valuable to you the viewer in some
cases - such as when you're working with a web site you've had to log
onto with a user ID and password. If it were not for cookies, the
otherwise simplistic design of the Hypertext Transport Protocol would
mean you would have to re-log on for each page you wanted to view on the
site - not something most would put up with.
The problem is that this viewer-helping web extension also can help the
web site keep track of you and your travels through the site (or even
across sites).
Unless you have told your web browser not to store cookies (see Pushing
Back below) a web site can deposit a cookie on your computer and later
check to see if it is there. The cookie can contain either direct data
or a key (like the one above on the image tag) that can be used to pull
a record from a database and add more detail to it. At minimum, the
cookie can be used to track which pages you've visited, in what order
and for how long during the current viewing session with the site. In
extreme cases, the cookie can allow the system to track your use of any
web site that uses a common information database (and there are many
such agglomerated site systems) and tie the information into answers you
might give to seemingly innocuous "surveys" and questionnaires (see
Verifications below) as well as purchases - eventually building up a
wealth of data on your personal and financial life. In some cases enough
is learned that the web site can tie their information to your credit
record (even if you don't give them a credit card number or your
SIN/SSN.)
One thing to note with this and many of the other methods used by
legitimate companies to collect information on you; it is not looked at
personally by anyone except in very extreme cases. The data is massaged
and manipulated by programs which today bear a striking resemblance to
Artificial Intelligence - with the goal of presenting you with
advertising and offers as well as information that the system thinks is
most likely to keep you coming back and hopefully to get you to part
with some of your hard-earned cash - sell you things and services.
Verifications
I subscribe to a number of "free" magazines. Even though I've been
around computers and the Internet for longer than most people my age, I
still like to read from paper - a habit I'm working on breaking by
adding screen real estate to my system, but which seems to be a losing
battle as my eyesight deteriorates with age. For the techies out there,
I run my main system with two 19" monitors, each running at 1600x1400 -
problem is I have the font sizes cranked up to the point where I might
just as well be running them at 800x600 when I'm actually reading.
Anyway, back to the free magazines. Each year or so, each of the
magazines sends me a special issue wrapped in a verification
questionnaire. Prior to the Internet, I'd fill these in and either
snail-mail them back or fax them back. Today however, all of them have
fill-in web forms for this purpose; should be easier, right?
Well, yes it is easier. The problem is that the magazines get their
advertising dollars based upon audited subscription statistics so they
can't just print up thousands of copies and send them out to random
people; they have to know that you "qualify" and are a real person. With
the forms they send, there is a spot for a signature. Unfortunately,
there is no way of signing a web fill-in form (at least not one they
will accept) so the auditors (or the magazines' programmers maybe) came
up with the concept of a "verification question" - something that is of
a relatively personal nature that a random person probably would not
know about you - kind of like asking your mother's maiden name when
talking to the government about your passport or driver's license. (I
have issues with this too but that's for another time)
The problem is that it seems that many/most of the magazines I get
either have the same software for their questionnaires or use the same
service provider to manage their subscriptions. Some of them even send
me to the same web site but different sub-directory, although most have
something under their own web name.
The curious thing is that all of these magazines have a similar set of
questions they ask for "verification purposes". The questions seem to
change every time I renew for a particular magazine but over all of them
the questions in total remain fairly static:
* colour of your hair?
* birth city
* colour of eyes
* favourite colour
* favourite pet's name
* month of birth
* day of birth
* year of birth
* colour of vehicle
* etc. etc. etc.
Notice anything? Each of the questions in itself doesn't give any
particularly private information, but all of them in total do - and
these are just a sampling of the ones I get. I know for a fact that at
least 5 of the magazines I get are from the same publisher - they cross
advertise and the web site is the same for the renewals; yet each asks a
different question each year so the total of the information they can
gather is large.
Of course I caught onto this years ago and have instituted my own
"Privacy Policy" which I'll tell you about below. In general I have a
set of answers that I use consistently but which are not even close to
the "truth".
Surveys, Questionnaires and Stealth Questions
Several of the web sites I visit regularly have "informal polls",
questionnaires, and other information gathering means. The magazine
sites in the previous section all ask information about the kinds of
business I do, including dollar volumes, projections, etc. In their
case, this is to allow them to decide if I "qualify" as someone they
want to send their "free" magazine to. At least the magazine publishers
are fairly up front about it; other sites are not.
If you do any major browsing on the Web I'm sure you've come across
sites that ask you questions in order to gain access to some of their
areas. The questions can include personal information, even if cloaked
as a range of values (Age: 18-25, 26-35, ...) but over time the accuracy
of the data can be alarmingly precise. If you are asked the same
question but with slightly different ranges the computer can narrow down
the exact answer by detecting when you move from one range to another;
(18-25, 19-30, 24-36, 26-35 - if you are 25 you'll end up in the first,
second, third but not fourth)
The fact that you choose a particular button to go to the next page can
be informative; [English] [French] being one of the most common in
Canada. In fact, your choice of click-through advertising is probably
kept along with the rest of your profile. Did you click on the ad for
music videos or tools? The next time you're presented with a couple of
ads they may be specifically placed to determine your preference in tool
or music artist, depending upon which you chose first.
You should also know that the same things apply to the information you
fill into the software registration forms on your computer when you add
something new. You're asked similar things each time you get an upgrade
in some cases and of course when the inevitable happens and you have to
re-install everything again.
Against all of these techniques, what can you do? You want to use the
services, and in many cases don't mind that they are going to try to
sell you things. You just don't want to give away enough that "they" can
be more than minorly annoying if you can possibly help it.
On the other hand, you also don't want to get caught by the criminal
side of the computer revolution either. Information you might actually
be comfortable with giving to a company you know and trust might be just
the thing an identity thief needs to get a new credit card issued with
your name on it.
Somewhere you and the businesses and sites you deal with have to strike
a balance that both can be comfortable with. The problem is that the
guys at the other end of your Internet connection have all the tools and
databases.
Pushing Back
If you don't push back against those who want to know more about you all
the time, you'll end up as transparent to them as if they lived with
you. This is not a joke!
The first thing to do is decide whether you need or want to bother
worrying about all this data out there on you. Some people actually like
the fact that when they go to their favourite news site it shows them
the baseball scores first and never shows them news about foreign
countries at all. In this case you have "paid" for your "free lunch" and
are happy about it.
This may be fine for one or two sites. It even may be fine for all the
sites you normally visit - but you should still be on guard whenever you
visit a new site or get sent something by a "friend" to try or see. You
should also be aware that not all your "friends" may appreciate your
giving their e-mail addresses out to your favourite site so you can send
them something interesting (as David did in the case that sparked this
article) You have to learn to practice safe Internetting at least enough
to not annoy others you deal with.
On the other hand, if you are uncomfortable with "them" knowing all
about you, including your underwear size, eye prescriptions, age,
occupation, sex, address, place of birth, etc. then you need to do more
than just be watchful.
The major thing to recognize is that, as noted above, most of the time
your information is dealt with only by computer programs - and computer
programs are still not truly "intelligent". Today's "data mining"
techniques look for statistical patterns within numbers of records. They
look for viewing or purchasing patterns with enough people following
them that it makes sense to craft a marketing strategy that matches the
pattern and take advantage of it. To do this they apply mathematics
that, amongst other things, throws out "bad" or inconsistent data.
Hmmm... maybe there's a way to get our records thrown out - or at least
confuse them as to which patterns we really fall into.
To do this we must inject some randomness and/or misleading data into
our travels. Not enough that we can't get the services we want, and
certainly not enough that we fall afoul of fraud laws or such. Just
enough to maintain at least a bit of a curtain of privacy and cast
uncertainty on the data.
This can be done in non-Internet activities as well. I have several
credit cards but use them in a fairly random fashion. Some months I'll
use one for gas and another for miscellaneous purchases and not use
another one at all - even for months at a stretch. Same thing with the
mix of credit and debit card use. I also use cash in many situations
even though I could (and sometimes do) use credit in the same situation.
Thus, there are holes in "their" data - no obvious patterns in general.
The same things can be done when giving information to Internet (and
software) companies.
Many of these practices are "passive" push-backs. I also actively push
back in some cases by letting the organization know my views on their
"policies" and letting them know my own policies if necessary and why I
have them. The rest of this section deals with some of the details of
this pushing back.
Affinity Cards
A good friend of mine makes his money solely as a computer security
expert. He's paranoid - a good thing in his industry. One of the things
he has found out is that some stores will actually allow you to register
anonymously for an affinity card. No personal information on record, but
you get the discount and the store can track that "anonymous cardholder
12345... has this purchasing habit" which seems fine with them. So far
he's received such cards from a couple of food chain stores and a book
chain.
A suggestion he has made to me that I have yet to do anything about is
that people register in some fashion to get a card then drop them into a
box at the door for later use by anyone else who needs one. In some
stores the cardholder earns "instant" rebates over time and the random
cards might act almost as a lottery. I'm not sure how the stores would
like it but it's a thought.
On the other hand, I have noted above that I actually get a sore back
(from the thickness of my wallet - carried in a back pocket and causing
me to sit funny in my car - requires a "walletectomy" every few months)
if I carry all the cards the various stores want me to use. It used to
be that other than the credit cards, I only needed my "Air Miles" card
since it crossed many stores. The problem is that for whatever reason,
many stores are no longer part of this umbrella and instead run their
own card.
My push back to them is to ask if just having the number is enough - in
which case I'll enter it into my cell phone or PDA, both of which I have
with me at all times anyway. This has worked fairly well for some
stores. A couple didn't like the idea and I've run across individual
clerks who don't quite understand, but that's their problem and I let
them know it.
On the other hand, there are a number of shops I won't deal with any
more than I absolutely have to because they require that I present the
whole card, and in one case the card itself is thicker than most credit
cards are. The manager there just didn't understand when I told him why
I wouldn't be back until they changed the policy. The store offers quite
a healthy discount for cardholders but their competition does the same
and only requires the number.
Other stores are getting the message and creating cards that are very
thin, and in once case 1/4 the size of a credit card and designed to
hang on your keychain. The push back seems to be working.
Places that use the old "stamp" card (card of empty squares stamped each
time you purchase something) will mostly keep the card in their store
for you. If they don't, I tell them why I won't be back.
E-mail Software Solutions
The original subject of this discussion is an e-mail sent to me by
David. If you don't want the sender or other nefarious web site to know
the fact that you've received (and opened) any particular e-mail, you
may have to change your software. At minimum you'll have to get into its
options and change how it deals with external links from HTML mail.
I'll first of all say that I don't use Windows for my day to day
Internet access. I have a Linux box in front of me, the details of which
are on my home-office page. About the only thing different from the
picture at the moment is the second monitor I mentioned above - beside
the one you can seen in the center of the main picture. As you'll note I
also have both a separate machine with Windows 2000 on it and a session
of Windows 2000 running in a "cage" (VmWare) on my Linux box, so I do
have access to the facilities if I can't do things any other way. I'm in
fact writing this article using FrontPage 2002 in Windows under VmWare
on the main machine.
My E-mail program is Evolution - a Linux-based Outlook look-alike. I've
used Outlook in the past as well as Eudora and many other Windows based
programs, but I no longer do so, so am a bit rusty on their setup and
daily use.
The things I've found out indicate that versions of Outlook older than
2002 and all versions of Outlook Express up to very recently cannot be
told not to load images from the outside when e-mail is shown in the
preview pane or opened up. Outlook 2002 can be set this way (see link
below) and Outlook 2003 comes with this feature set on (don't load
external links). Personally I like Evolution's way of doing it at this
point - load external links only if the From: address is in my Contacts
folder; although the fact that Yahoo spoofed this is disconcerting. I
may suggest to the team that is doing the Evolution programming that it
also take a look at the Return-path: address (which in this case showed
nobody @ Yahoo-inc.com)
If you can't update to a newer Outlook you might want to get
Mozilla/Netscape and use It's mail reader instead. Many people like it
and there are new features coming all the time. Blocking images is a
selection on the "Privacy & Security" menu under "images" where you can
select specific sites you'll allow images from or turn their download
off completely. Again, no selection for only allowing them in mail from
people you know. I use Mozilla 1.5 as my main browser on both Windows
and Linux - works fine for most sites now.
If nothing here applies to your situation; you can't change (company
policy or financial reasons) or simply don't want to, you should at
least understand that you are letting the other end know that their
message was received. If you don't like it - push back by telling your
vendor and/or company MIS/IP people.
E-mail Source Code Discovery
You can see the "nasty" URLs in e-mail you've received by setting your
program to "show e-mail source" and looking for the "img" (upper or
lower case) tags. The following one is from my Christmas Greeting, sent
out with the pictures included in the e-mail as attachments. This type
of IMG is just fine - the whole thing is included in the e-mail and no
external reference is needed to view it. The "cid:" portion of the tag
string means it is referencing an internal (to the e-mail message)
attachment.
<IMG SRC="cid:[email protected]" ALIGN="bottom"
ALT="" BORDER="5">
The following HTML IMG tag came from David's e-mail to me (slightly
obfuscated). Note that the tag in this one contains a full URL to an
image file, plus the extra ? and database key.
<img src="http://us.f1.yahoofs.com/ xxx/ 3f808b6z_c5e5/ bc/
Yahoo!+Photo+Album /__tn_pers27903z7040.jpg ?BCmegAABvemnfj9H"
width="61" height="90" border="0"/>
In most of the e-mail programs in use today, receiving this e-mail would
tell Yahoo that you existed, and they already know your e-mail address
since your friend gave it to them.
"Yahoo!'s practice is to include web beacons in HTML-formatted email
messages (messages that include graphics) that Yahoo!, or its agents,
sends in order to determine which email messages were opened and to note
whether a message was acted upon." abstract fromYahoo's privacy pages.
So, through no fault of my own, Yahoo now knows that my e-mail address
exists and I've seen a picture from their site. Their policy states that
they collect personal information "when you visit Yahoo! pages..." which
now I have done. Now they seem to think they have implicit permission to
pass my e-mail address around their company and associated companies,
business partners and other companies. But I didn't knowingly visit
their page - I only viewed an e-mail I thought had come from a friend of
mine!
Greeting Cards Too
The same thing happens when a friend of yours sends you some electronic
greeting cards - you know, the ones that they can have sent out to their
whole mailing list on major holidays and to individuals on birthdays and
anniversaries. I even sent out a special missive to my own Christmas
list this year imploring them not to follow this practice as I would not
likely see their card since my system is set not to download the
external links.
The point with this and the previous section is that regardless of
whether you have decided you don't care about your personal information,
decisions you make can affect others you count as friends or associates.
I'm not talking about a virus using your contact list to send itself -
that you may not have been able to stop, although I can make a case
there too.
I'm talking about your use of "free" services that you put information
of any kind into that ends up with the service discovering information
about your friends and associates despite the fact that they have not
been given the opportunity to say no.
Browser Software Solutions
To minimize sites tracking you, you can limit your browser's cookie
storage abilities. Interestingly enough, most browsers today allow far
more flexibility in these settings than your e-mail programs allow in
theirs.
In general, there are two types of cookies - those that last only for a
"session" - meaning until you close your browser window (and any clones
you have of it) or until you reboot your computer - and those that last
between sessions.
In addition there are "first party" cookies and "third party" (you, the
viewer being the missing "second" party). Some web sites (and Yahoo says
they do this) may set a cookie for one of their advertisers which comes
from a completely different web site. This is a third party cookie.
First party cookies are from the site you think you're viewing. Some
people turn off third party cookies and leave first ones on. Others only
allow session cookies.
Some browsers allow you to treat session cookies separately from others.
Some don't. Some don't tell you what they're actually doing (MS IE is
one unless you go into the "advanced" settings) so you may have to dig a
bit on your favourite search engine.
Even if you turn off cookies other than session cookies, some browsers
allow you to add a list of sites you'll accept them from in any case.
This allows you for instance to allow Google or Yahoo to recognize you
when you come back (and track your travels through their pages) but not
allow 3rd party cookies (unless Yahoo sets one for Google) - the best of
both privacy and utility worlds but sometimes a pain to administer.
On the other hand, nobody said that "Free" didn't come with some pain
did they?
Government Privacy Legislation
The "Personal Information Protection and Electronic Documents (PIPED)
Act" goes into full effect on January 1, 2004. It has actually been
around for a couple of years now, and even now will not be enforced
harshly. See the link below to the Canadian Privacy Commissioner's web
site for more detailed information.
Abstract from "Your Privacy Responsibilities"
The Act in Brief
Organizations covered by the Act must obtain an individual's consent
when they collect, use or disclose the individual's personal
information. The individual has a right to access personal information
held by an organization and to challenge its accuracy, if need be.
Personal information can only be used for the purposes for which it was
collected. If an organization is going to use it for another purpose,
consent must be obtained again. Individuals should also be assured that
their information will be protected by specific safeguards, including
measures such as locked cabinets, computer passwords or encryption.
Personal information
Personal information includes any factual or subjective information,
recorded or not, about an identifiable individual. This includes
information in any form, such as:
* age, name, ID numbers,
income, ethnic origin, or
blood type
* opinions, evaluations,
comments, social status, or
disciplinary actions
* employee files, credit
records, loan records,
medical records, existence
of a dispute between a
consumer and a merchant,
intentions (for example, to
acquire goods or services,
or change jobs)
Personal information does not include the name, title, business address
or telephone number of an employee of an organization.
I am not a lawyer (IANAL) but, having my e-mail address, I expect Yahoo
could find a lot out about me because I have had the same address for
quite some time, it is my own domain (not Hotmail or Yahoo) and the main
page for the website for the domain has my address on it along with my
name. The fact that they can do this does not mean they have my
permission, since I did not actively give my consent to them - but there
are some loopholes they can use (or drive a bus through) and of course
they (Yahoo) are in the US so all bets are off.
Personal Privacy Policy Creation
OK, so we've seen all the various ways we can be tracked, with and
without our knowledge and/or consent; and these are just the ones that
legitimate business uses. Some of the ones the really bad guys use would
curl your toes - but that too is for another day.
The question is, what can we as individuals do about this? My solution
is really a goal and a number of stop-gap measures along the way.
The goal is to get the collectors of information to be completely
forthright about everything they do with the information they collect
from me and allow me to say when enough is enough, in real time, and
make it stick. I also want them to realize that their need to track my
purchase/browsing habits does not mean that I should endure pain of any
kind - physical, mental or economic; I'll bow to them needing a number
when I talk to their sales staff if they'll bow to the fact that they
are not alone in my wallet.
The new privacy legislation is supposed to give me some of this power
but I really don't think it goes far enough. On the other hand, at least
it's a start.
Having the goal, the rest comes down to pushing back in various ways.
The first is to recognize that many "company policies" have no basis in
law, reality or even common sense - they just exist. Some exist from
times past when things were done differently. Some were created by
idiots. Some were created for a good reason but just don't work, and
some are simply there to take as much advantage of you, the
consumer/viewer as the company possibly can.
Well, as a consumer and viewer - you can have a policy too - and there's
no reason why some of the items on it can't be just as crazy as theirs
if you want. Once you create yours, you might just want to print it out
on some really nice paper and carry it with you so you can show it to
intractable clerks and managers.
Some of the things I have in my Personal Privacy Policy
* Give as little information
as possible
* Obfuscate what I do give in
some manner
* Randomness is my friend - be
a 99th percentile -
sometimes
* Let them know you know what
they are doing
* Let them know that you care
about your privacy
* Let them know that if they
are good, you'll continue to
give them your custom - and
be firm in your resolve if
they don't cooperate.
* Never do their work for them
for free
* Ask to see my record (after
January 1) - not often, and
not always from the same
company, but just to keep
somebody on their toes -
same thing applies to your
credit record too by the way
* Don't let my physical
identification out of my
sight - credit cards, debit
cards, driver's license,
passport, affinity cards -
anything
* Go up the food chain as high
as necessary
Give as little information as possible
When faced with a fill-in form, fill in only enough blanks to get past
the entry checking - mostly they are noted with an * or something. If
doing things in person, ask why they need certain information. One
favourite of mine is my SIN. In Canada, the law actually is that nobody
but those who are remitting tax information about you to the Federal
government may ask for your Social Insurance Number. This means your
employer (withholding tax) and your bank (interest if you ever get any)
and maybe your stock broker but nobody else.
Ever tried filling in a credit application and leaving it blank? Try it
some time - interesting experience. Of course the SIN is such a widely
used/abused identifier in the commercial world today that the Feds are
talking about all new identifiers.
On the other hand, many software packages I have that "require" my first
and last name have just my initials in the space. All the registrations
seem to have gone through, and here in Canada the manufacturer must
honor the warranty in any case, so I'm fine.
Obfuscate what I do give in some manner
Gee, I must have mistyped it. Close, but not quite. The address is a
digit off or the postal code is out by a letter or something. Of course
the good companies actually check that your address and postal code
match, but since the postal code denotes one side of a street of some
floors of an apartment building, you can still be out by a bit and pass
the test. Same thing with phone numbers. Gee, I gave you the fax number
as my voice - I'm terribly sorry. If they really want to get hold of me
they'll send me a fax.
The validation questions for my magazine subscriptions are another are
for obfuscation. I have a list of standard and wrong answers that I use.
If the auditor calls, they get the answer I've given so things are fine,
since I really am a live person and I really do read their magazine and
sometimes even talk to their advertisers. What more could they ask,
right?
Well, maybe my eyes aren't "pinque" and my birthdate isn't the first of
January (close - only off by a couple of days) but who cares?
Randomness is my friend - be a 99th percentile - sometimes
As noted earlier, I change the use of my credit cards fairly randomly
and sometimes use cash. Sometimes I use my affinity card, sometimes not.
Sometimes I'll use the store's affinity card and sometimes I'll use Air
Miles if they accept that.
The computers out there are looking for patterns using statistical
analysis which in its basest form most people have seen as the"bell"
curve. I actually met my wife while we were both taking the same
statistics course but that was over 23 years ago. Then I could have
given you all the equations and everything - today I'm just going to say
that the computers are looking for things near the center/average - high
point - of the curve and I want some of my data to be out at one or the
other of the ends (left end is 1 percentile and right end is 99th
percentile).
This means that if the average person goes to the same store all the
time for commodity items, I'll work at going to different ones. In this
way my purchasing habits as tracked by any one store are far less than
average so they'll ignore me.
The same thing for answers to some of the surveys I get (the magazine
ones for example) - I'll have one or two answers that are completely out
in left field compared to the others - my purchasing power is none but
my budget is huge or something. The rest would be fine and on average
I'll qualify for the subscription - but the computers won't know what to
do with the information.
Let them know you know what they are doing
This is a tough one. The average store clerk doesn't care. They're
getting fairly minimal wage and didn't write the policies. You also
can't talk to the web server itself. What you can do is ask to talk to
the manager or send feedback to whatever address you can find if
something warrants it. I've had some interesting success with both of
these actions. One book store I frequent used to have their card
scanners on a tray below the cash register and out of site of the
customer - behind a fairly high counter. They now have the card scanner
on the desk in plain view of the customer. Maybe the double swiping
scandal at our local airport had something to do with their decision,
but I'm hoping my talk to the manager had something to do with it too.
Let them know that you care about your privacy
After writing this, I intend to send a copy to Yahoo and request that
they remove my e-mail address from their files, since I have never given
them explicit permission to record it.
I just sent some feedback to the creators of a video DVD set I got for
Christmas. The set virtually forced me to install a new DVD software
package which not only set itself as my default for viewing DVDs, it
didn't even work. Worse yet, the software said it would track my viewing
and report back to its masters "anonymously" - despite the fact that I
am quite identifiable since I have a fixed IP address at my house,
unlike most people. I haven't yet heard back from them, but I'm going to
follow up on my promise to them to mail out pieces of their product
along with an explanation to some of the people I know if they don't get
back to me soon. My regular DVD software won't read the main 2 disks but
will read the "extras". Since the package is opened it's unlikely I can
get a refund so the disks are useless anyway except as a lesson to the
vendor.
On a different front, I've already mentioned that I sent my rant out to
my Christmas list which I hope will let them know that I don't want to
be included in some company's database - and of course I'm writing this
for David and you for the same reason.
"Them" includes the people you deal with who might inadvertently expose
your information as well as those who collect it. Consider that this is
part of the education that people should have received but didn't - and
you're just helping them learn.
If you absolutely must use some centralized greeting card site, or have
some web site send a note to your best friend for you, ask the potential
recipients if they mind (and maybe point them at this article if you
want) and ask the web site for exact details of what they will do with
the information you give them; how long they will keep it, if they will
send out unsolicited e-mails to your friends, if they are connected with
any other company that they will pass the information on to. If you are
satisfied with the answers, tell them so and tell your friends. If you
are not, do the same. Companies on the web exist by the instantaneous
grape-vine it is. Both good and bad news travels fast, and truly
service-oriented companies will respect and deal with their customers'
concerns. Otherwise they'll die.
Let them know that if they are good, you'll continue to give them your
custom - and be firm in your resolve if they don't cooperate.
As noted in the previous section, when you ask, tell them what you will
do if things turn out ok - and if they don't, stop dealing with them and
tell others (as well as telling them that you are doing this.) This is
the consumer equivalent of a strike or boycott in the computer age.
Don't use it for trivial matters, but know that it does work, but only
if you tell people. The one thing to keep in mind is that you are using
your opinion to guide others. You should understand the difference
between opinion and defamation. One is ok, the other is illegal
(libel/slander).
One of the two local stationary stores offers an affinity card with a
healthy discount. Prior to applying I asked my standard question,
especially in light of the fact that I could see that the card was even
thicker than a normal credit card. "Can I simply give you my number
instead of having to present your physical card?"
The answer was "no" so I asked to see the manager. I explained why this
answer was unacceptable to me (sore back from too many cards) and asked
if they would store the card at the store for me since it was the one I
came to the most and I didn't care if I didn't get a discount at other
stores in the chain. The answer again was "no" so I pulled out my wallet
and put my credit card away and told them I'd come back when their
policy changed as my policy forbid me from signing up for their card and
their competition (whose card number was in my PDA) allowed me to just
quote the number.
I have been back a couple of times since, hoping that the policy has
changed. Each time I do my shopping and bring the goods to the counter -
and end up leaving them there. Maybe they'll get the the message some
day.
Never do their work for them for free
They want the information on you for their good, not yours. Well, that's
not strictly true since being able to accurately predict purchasing
patterns does cut down on inventory expense and allow them to drop their
prices accordingly - but they usually don't until all of a particular
market segment has the same efficiencies and they all drop at once. In
the mean time, the better run companies try to put as much money away
for their investors as they can. Hey, I'm in business too and I'd do the
same thing.
On the other hand, there is only so much cooperation that buys from me.
If you feel you are getting adequate value from a company in return for
the things they do with the information they gather from you, then fine.
I'm certainly happy with my magazines.
I'm also happy with the discount I get from the major book store I
visit, where they accept my affinity card number with no problem (but it
took a couple of years and a corporate takeover to get there)
Personally, I don't use any of the major online web Portals except
Google. I don't need any more e-mail addresses as we run our own server.
I don't need web space for the same reason. I have my own "chat" system
separate from the big guys and such.
Most other people on the other hand don't have the resources of an
Internet service provider at their beck and call. You all have to
balance the amount of privacy invasion you'll accept with the cost of
replacing the services you get for "Free" from your particular favourite
portal.
It's all a balance - and now that you know what is on their side, you
can decide whether it is worth what you have on your side.
Ask to see my record (after January 1) - not often, and not always from
the same company, but just to keep somebody on their toes - same thing
applies to your credit record too by the way
In Canada, every person with a credit history has the right to ask for a
copy of it each year from each credit reporting agency. When was the
last time you asked for yours?
As of January 1, 2004, you'll be able to ask for similar information
from Canadian companies who you deal with in any way and who you even
suspect of having personal information on you. If you read the "Your
Privacy Responsibilities" guide that the abstract above was taken from,
you'll see that it shows what a company should do for you. It was
written from the point of view of the business, but turning it around
and using it as a guide for what you can (and should) do is fairly
straight forward.
Don't let my physical identification out of my sight - credit cards,
debit cards, driver's license, passport, affinity cards - anything
The stores, the government, everyone it seems needs to see some sort of
identification from you if you visit them or pass through their
jurisdiction. Of course you can always just not travel and pay for
everything with cash only, but then that's giving in to them and who
wants to lead that kind of a life?
As noted above I've already been instrumental in getting one store to
change where they put their card scanners. I've also been very adamant
to store clerks and even managers if they try to break my policy.
Government officials are a slightly different story, but they get the
lecture anyway and then I give in. Airport security guards can do
whatever they please - but I take notes.
This extends to getting replacement cards too. We have had a lot of mail
theft in the Vancouver area and the target is exactly what I'm talking
about - identity items that the thieves can use to ruin your credit
reputation. Have the cards sent to your local bank branch and pick them
up in person.
Go up the food chain as high as necessary
If you feel strongly about some particular injustice you see or a policy
that seems just plane wrong, tell it to the top if necessary. There is a
show on TV lately that depicts upper management going down to the
front-line positions for a day or two to get a feel for what is going on
in the trenches. Many executives have no idea that there is a problem
unless you follow up. Some of them don't care but many do. If you help
them to understand a problem, don't just rant at them but truly get them
to understand your point of view, many will do something about it.
I recently had a call from a bank executive because I'd pointed out to
the branch employee that their privacy policy he wanted me to sign was
at odds with their advertised policies and I'd made a note on the form
to that effect. The form is being changed.
Amaze yourself with what you can accomplish, and keep your privacy in
mind whenever you deal with anything computerized.
Interesting Links
* http://www.georgedillon.com/web/html_email_is_evil_still.shtml URL says it all - HTML e-mail is evil
* http://www.microsoft.com/uk/technet/fyi/issue6/spam_email.asp Even Microsoft admits that there are problems - but they have "fixed" the problem in Outlook 2003 by setting not to download images by default (finally)
* http://support.microsoft.com/default.aspx?scid=kb;en-us;Q307594 and here is how to do it in Outlook 2002 - problem is, I don't see any such option in older versions. Of course this type of change is fairly drastic if you sometimes want to see HTML.
* http://www.extremetech.com/article2/0,3973,716787,00.asp A review of the software I use - Ximian's Evolution 1.2
* http://www.flzone.net/ShowDetail.asp?NewsId=6024 notes about updates to Outlook Express (finally) to turn off attachment execution and image downloads when viewing HTML mail
* http://mactips.info/tips/index.php/2003/02/26/p253 tip for MAC users of Eudora (may also apply to PC/Windows) to turn off image downloading
* http://privacy.yahoo.com/privacy/us/pers/ Yahoo's personal privacy statement - many other companies have similar ones. Note that they talk about cookies and "web beacons&quo
What's Related