P1: c-146Everett-Church
Everett-Chruch-1 WL040/Bidgoli-Vol III-Ch-08 July 11, 2003 11:46 Char Count= 0
102 PRIVACYLAWbut by design, however. In many cases, there are default
settings that permit the collection and storage of usage
data. These include the following:Browsers regularly tell Web sites what kind and what
version of browser is being run, the operating system
it is running on, and even what Web site “referred” the
user to the current page.
Some browsers have settings that permit users to cap-
ture and enter user IDs and passwords automatically for
Web sites, as well as other personal information such
as credit card numbers. These “wallet” features provide
convenience but also present a privacy risk should any-
one gain access to that machine and use it to log into
sites or access users’ personal information.
Browsers can be instructed by Web sites to store little
text files, called cookies, on local hard drives. Cookies
can be used to store personal information or to assign
unique identifiers that allow sites to identify users indi-
vidually on future visits.
Browsers can keep a log of every Web site a user visits
and may even keep copies of the pages and images the
user has viewed. The “history” function can log this data
for days, weeks, or even months. Depending on the size
of the hard drive and the default settings for a browser,
it may also store days or weeks of Web page files and
images in a “cache” folder.Internet Explorer and Netscape have their own built-
in privacy settings and controls. They vary in the level of
control they allow over elements such as cookies, however.
The “help” file that comes with each browser explains the
browser’s privacy settings and describes how to control
them.IP Addresses and Browser Data
In 1990, an engineer at a Swiss physics laboratory, Tim
Berners-Lee, invented a new data-exchange standard in
an effort to speed the sharing of information between re-
searchers at widely dispersed locations. His creation was
the hypertext transport protocol, or HTTP, and it made
data sharing across the Internet literally as easy as point-
and-click (Cailliau, 1995).
When the first Web servers and Web browsers were
developed, however, not much attention was paid to sub-
jects such as security and privacy. Because Berners-Lee
and other engineers needed to troubleshoot their fledgling
Internet connections, they built many automatic report-
ing features that would let them easily get to the root of
the problem when something went haywire. This need
for information such as browser type, version, operat-
ing system, and referring page was built into the earliest
browsers and persists today.
Although not a tremendous privacy concern, the collec-
tion of this browser data is a standard function of most
Web server software. Most sites collect this data for trou-
bleshooting purposes and then delete it after some period
of time, mostly because it can become very voluminous
very quickly and its usefulness diminishes over time.
One element of the data that is also captured in the
process of requesting and serving Web pages is the IP(Internet protocol) address of the user’s computer. An IP
address is a formatted string of numbers that uniquely
identifies a user’s computer out of all of the other com-
puters connected to the Internet. IP addresses, which look
something like 192.168.134.25, are assigned in blocks to
Internet service providers, who in turn dole them out to
their customers. With most dial-up Internet access ac-
counts, users are assigned a “dynamic” IP address, mean-
ing that the IP address assigned to a computer changes
every time the user log onto his or her ISP, and gets tossed
back into the ISP’s pool of addresses when the user discon-
nects. By contrast, dedicated servers and some desktop
computers in corporate or academic settings may have a
“static” IP address, which is unique to that machine and
may persist for the life of the equipment.
In this age of always-on Internet connections, however,
such as those provided by DSL (digital subscriber lines) or
cable modem services, it is possible for an average user’s
computer to have the same IP address for days, weeks,
or months on end. From a privacy perspective, a static
IP address can compromise one’s privacy because an un-
changing IP address make it easier for the truly deter-
mined to track an individual’s Internet usage. For exam-
ple, a site that collects IP addresses in its server logs may
be able to correlate with other transactional records (e.g.,
purchase history or search parameters) to associate a
unique IP address with a unique user and his or her online
activities.
Given that most consumers use Internet service pro-
viders that regularly use dynamic IP addressing (as most
of the DSL and cable modem providers claim), IP ad-
dresses are not considered a reliable means of allowing
Web sites or online advertisers to track users uniquely.
This lack of reliability should not be confused with anony-
mity. As a routine bookkeeping matter, many service pro-
viders log which IP address was allocated to which user’s
account at a given period of time. These connection
records are frequently sought by prosecutors investigat-
ing criminal activities perpetrated via the Internet and by
parties in private lawsuits over online activities. In recent
years, dozens of companies have successfully uncovered
the identities of “anonymous” critics by obtaining court
orders for the release of user identities. Not every Internet
service provider has willingly provided that information;
in 2002, Verizon Internet fought attempts by the Record-
ing Industry Association of America to release records
identifying users accused of illegally trading music files.
As of this writing, the federal district court in Washing-
ton, DC, held that Verizon was required to reveal the
user’s identity; however Verizon has appealed (McCullagh,
2003).Cookies
Connections made using HTTP are called “stateless,”
which means that after the user’s computer receives the
content of a requested page, the connection between the
computer and the faraway Web server is closed. Rather
than maintain a constant open connection “state,” each
file that makes up the page (such as each of the graph-
ics on a page) creates a new and separate connection
(Privacy Foundation, 2001). This is why, for example, it is