TechCrunch (via the WashingtonPost) has recently published an article stating what should be the Digital Bill of Rights to protect consumers. With the Internet age in full-swing, and Election ’08 in the near future, what better time than now to present a plan of action for laws and regulations regarding the Internet? Many laws governing the Internet are quite outdated and can’t keep up with the daily advances in technology…as food for thought: What if laws had never been changed with the inception of modern mail carriers? Imagine the same laws were still completely intact even with the transition from the Pony Express to the modern-day United States Postal Service. Could that work? Could a law regarding the Pony Express still govern the actions of USPS?

Issues such as copyright infringement, net neutrality, and digital privacy are difficult to govern, mainly because they are creations of the modern era of technology. Maybe it is time to dust off the books and create some new laws that can maintain a degree of control and consistency over rapidly expanding technology. Many laws do not protect users’ Internet privacy and allow companies to spy on us and record our information so they can build a profile of our web surfing habits. The Digital Bill of Rights would be a step in the right direction to create updated laws that can protect consumers from ISPs, marketing companies, device manufacturers, and even the government itself.

Presented in the article is the author’s own Digital Bill of Rights, which he asks users to help further refine. Maybe our candidates can use this as a starting point and get the ball rolling in the right direction.

Well it is more than an Internet Service Provider, but Cable One, the 10th largest cable operator, has recently admitted to conducted a six-month study on their Internet users’ surfing habits. Cable One joins Charter Communications (as reported in a previous post) and a slew of other MSOs (multiple service operators) who spy on their customers for behavioral targeting purposes, and ultimately sell that information for big bucks to advertising companies.

Cable One revealed the information on August 8 to the House Energy and Commerce Committee, which had previously expressed their concerns on cable operators using advanced technology to invade privacy. So if I decipher this correctly: Cable One tried to defend themselves against these allegations by providing information and stating they invaded their customers’ privacy. Cable One stated that spying on 14,000 of their 700,000 customers was a better way to provide “more relevant advertising” to their customers.

Bresnan Communications and Knology also came out of the woodwork to say they spied on customers throughout a similar time frame. WideOpenWest admitted to doing this, in cooperation with NebuAd’s service. WideOpenWest stopped the program after five months because of the privacy concerns. All efforts to surf anonymously have become null and void for many Internet users, and for no apparent reason other than having better online advertisements. Shouldn’t these companies help protect personal information, not jeopardize it?

Cable One argues that they were not breaking any laws by conducting this research, and had made the information available to their users via the acceptable use policy they read when signing up for services. The information was also found in Cable One’s yearly privacy notice, which is sent to all customers. They provided users with appropriate notice, BUT did not allow them to opt out of the research, “because doing so would stifle our ability to test new technologies that have the potential to offer significant benefits to our customers.” Wow…

In essence the companies are arguing that because they put it in writing it is alright to spy on users and completely ignore any type of Internet privacy laws. It seems a bit ridiculous that my privacy rights are in jeopardy and I have no way of opting out. I can’t even choose to say “No.” In other words, even if I know it is happening I have no say in the outcome. The companies are not just able to record information for advertising purposes, but can use this technology to track and record ALL information being transmitted and received through their network. Hopefully when the Committee drafts a new law they remember to add the clause that we, as paying customers who want to feel safe, should have to opt-IN to this research–not be forced into whatever absurd money-making scheme the companies are up to.

Recently reported by the New York Times and the Herald Tribune (Sarasota’s local newspaper), a little bit more than 88% of the 38,500 students in the Sarasota school district had personal information posted on the Internet for nearly two months.

The school district has a contract (for now) with Princeton Review to maintain a database of Sarasota County Planning Tools, to help teachers develop tests and keep track of students’ grades. The information, which contained students’ names and school ID numbers (which in some cases were Social Security numbers) from this database was accidentally posted on the Internet for two months before it was finally removed this past Monday. Along with names and ID numbers the information also included students’: birth dates, sex, ethnicity, disabilities, and standardized test scores. The files were able to be found by using a search engine and Princeton Review claims the files were released when the company recently switched ISPs.

Sarasota students were not the only ones affected by this mistake, Fairfax, VA. students (nearly 74,000 of them) had their information posted on the Internet as well. The company was hired to measure student performance and nearly got 74,000 students’ identities stolen. Hackers could have had a field day with this information–but if we recall correctly from a previous Identity Theft post, it usually takes the Identity Theft victim three months to realize something is wrong. In the case of a young student that has no need to check their credit ratings; it could be even longer.

The article hints around as to who is to blame here. Of course Princeton Review is at fault because the security of their system and website has been compromised and over 100,000 students had their personal information sitting on the Internet for two months. Not to mention that with the world wide web, nothing that has been posted can truly be deleted–some cached record may be sitting on a server with the information.

Is the school board to blame as well? Would they need to compile this massive database of personal information if standardized tests weren’t stressed as the focal point of a student’s education? While I am not trying to start a debate as to the validity of standardized tests, it is just an interesting subject to touch on. What happened to the days where teachers logged the information in their grade books? Is it necessary to have a massive database with every bit of information about a student? These are all questions that the school board will be answering when deciding whether or not to keep Princeton Review’s contract.

In this case I would say protecting personal information trumps the ease of sticking everything on some site to analyze the students performance. It is great for parents, students and teachers to have access to this information so they can all keep track of performance and make sure nothing is wrong. Is the risk of having this happen again worth it? Do students even get and interim reports and report cards anymore? I remember that being a pretty good gauge as to what I needed work on.

No, this isn’t a clever campaign to start a world movement to get rid of the Great Firewall and liberate China’s netizens. With the arrival of the 2008 Olympic games in Beijing, it seems that this would be an appropriate time to focus on The Great Firewall of China, or the Golden Shield Project (as it is officially known). The Golden Shield is a censorship and surveillance program run by China’s Ministry of Public Service. While the Chinese government has been using the Great Firewall to censor and block websites in China since 2003, many of us do not have a full understanding of the Golden Shield Project and its intricacies. This article is not meant to start a revolution against the Chinese government to bring down the Great Firewall, but a means to gain a better understanding of something that many Americans and Europeans have little knowledge about–Internet censorship using GSP.

While most Americans and Europeans do have the right to choose what sites they visit and surf the Internet freely (again the keyword is “most”), other countries’ citizens are stifled by government censorship of the Internet. In China any site that expresses opposing views or states a negative opinion of the government is banned. Not only will the site be banned, but the authors may face criminal charges and a lengthy prison sentence. While many sites have recently been unblocked by the Chinese government because of the Beijing Olympics, many other sites including, pro-democracy advocates, Taiwanese government and media, and blog sites are still banned. The idea of having privacy rights or any type of Internet privacy is a concept that many Chinese citizens have little understanding of.

The concept of the Great Firewall started in 1998 and began operating in 2003. The need for the GSP stemmed from Communist regimes fearing that the Chinese Democracy Party would develop an extensive and powerful network that couldn’t be controlled. The GSP acts as a firewall (hence the nickname) and blocks content based on IP addresses and a massive database of banned websites. The IPs are banned and prevented from gaining access to blocked content basically by using a proxy server the opposite way we would use it (think: reverse proxy). GSP combines IP filtering with DNS poisoning to maintain control over the Internet in China.

Along with IP blocking, URL-, DNS-, and Packet-filtering, the GSP has a unique characteristic: it doesn’t just ban sites based on these methods, but also bans websites based on the content. This blog would be banned instantly because it shows methods for gaining access to “forbidden sites,” but also any content that is considered subversive by the government would be subject to banishment (this means any pro-democracy, pro-Tibet, and pro-anything else the Chinese government is against).

The final point that has been brought about because of the Great Firewall is self-censorship. While sites that should be banned do slip through the cracks, many Chinese citizens end up practicing self-censorship and not visiting these sites anyway. It makes perfect sense: Just because the site hasn’t been banned yet, is it still okay to look at? Why take that chance and end up in prison like many Chinese bloggers do? The thought that you are being watched by the Golden Shield Project even if the site is allowed on the network is a mighty force…people tend to act differently when their bosses, or the authorities, are paying attention.

To ensure your Internet Privacy, there are two things to watch, your IP address and your local Internet traces. In this post, we will focus on hiding your IP address.

First, why be concerned about hiding your IP address? Why do people search on Hide My IP or Hide My IP Address? It’s simple, your IP address is associated with the server you use to connect to the Internet.

For example, I live in Tampa and connect to the Internet with my Road Runner account. When I check my IP address, it shows that I am in Tampa and use Road Runner as my Internet Service Provider (ISP). That in itself is not a problem. However, there are two possible reasons to be concerned. First, some sites block access based on an IP address. You might have been banned from a favorite website, or posted over the daily allowable limit on a given website. The IP address is one of the ways that you can be tracked or blocked. However, as I tell all our customers of our anonymous proxy, Private Proxy, to change IP addresses is often not enough. You also have to make sure you don’t have a cookie stored on your PC that also identifies you. Assuming the cookie issue is solved, hide IP software or services can get you past a blocked website.

If you surf from work, you might need a hide IP address service so that you can not be tracked back to your company. When you surf from work, chances are that you are connecting through your company’s Internet server. This server’s IP address will identify the company. If you are researching a competitor you probably would not want your IP address to show up on the competitor’s website log. Worse yet, if you are surfing for personal reasons at work, you really might not want anyone to be able to track back to your employer.

In both instances, whether surfing from home or work, the server you connect through has a log showing your web surfing. With an IP address that points back to the server, you can be tracked back directly to your home or our desk. Here’s how: The IP address shows the web server. The web server knows who you are. In the case of an employer, all they have to do is look at the log. In the case of an ISP, all it takes is a subpoena or a helpful ISP employee. In either case, with the right questions, you can be traced.

So why do I hide my IP address? It’s mostly principle. When I hide my IP address I know I’ve made it more difficult for someone to trace me. I find it very disturbing that some web sites and most search engines use IP addresses to build profiles. Why make it easy for them? Hence, I hide my IP.

A recent article by the McClatchy Washington Bureau reported that the Federal Trade Commission (FTC) will not intervene in the battle between data-miners and Internet marketers–ultimately allowing them to figure out for themselves how to protect the Internet privacy of its users. So much for the FTC’s catchy slogan of “protecting America’s consumers.”

The FTC’s official statement on the subject is, “Self-regulation may be the preferable approach for this dynamic marketplace.” With this being the way it is, new legislation won’t even be considered until the new President takes charge next January.

This battle has been raging, and now it may be at its all-time worst. With more consumers worrying about their privacy and more companies using behavioral targeting to advertise to potential customers, Internet privacy is a volatile and touchy subject. Without help from the FTC, this problem will not figure itself out. Limits will be tested and boundaries pushed by companies to see how far they can take the tracking and recording of private information without getting in trouble for it.

While self-regulation is a start, governments needs to step in and do something. Self-regulating is not the final solution, especially when the two sides are on completely different ends of the spectrum…it will be difficult to self-regulate when the corporations want more information and the consumers don’t want their privacy invaded. FTC regulations would make everything uniform and consistent.

One of the comments to the article stated it in the best words possible when considering using only self-regulation: It’s like letting the fox guard then hen house…

Everyday millions Internet users make purchases online. Most people do not realize the dangers lurking behind recommendations that websites make based on your purchases. In theory it seems like a great idea…I purchased the latest Stephen King book and here is a list of other books I may like based on my previous purchase. What’s not to like about that? That is great customer service…or is it? A recent article published by the Wharton School of Business shows the underlying dangers of behavioral targeting.

The article starts off by turning the tables…what if you buy your favorite movie and then see recommendations for other movies you may like? That is something we all appreciate. But what if the next time you visit the site you see an ad that has nothing to do with your movie choices? Instead the advertisement is for debt consolidation or treatment for a medical problem…this is what the article describes as the “creepiness factor,” the private part of your life that is somehow not private anymore.

The way the creepiness factor comes from marketing companies tracking your surfing habits and building up a profile about you based on the sites you visit, e-mails you write, etc…. The companies argue that focusing advertisements based on your needs is beneficial to you as a consumer, and that the trade-off between better advertisements and your personal privacy and Internet anonymity is worth it. I disagree…and so do most people. A recent research study, presented in the article, showed that 91% of adult Internet users would use some sort of tool to surf anonymously and avoid having their information tracked and stored.

The article continues to discuss how technology has evolved over the years, but the policy for protecting us while using the Internet has not. There is no barrier. Any law that is intended to help us has a loophole. For example, the government can’t collect certain information from us without a warrant, so they buy it from a company’s marketing department that collects the information legally without us knowing it.

I would like to know when my information is being stored in some database and how it will be used by the company. Protecting your privacy needs to be proactive. The use of proxy servers and other privacy tools can help hide your IP address and keep you from having your identity stolen.

The front page of Yahoo! News has quite an interesting story about Identity Theft and Privacy. Everyone may know Todd Davis as the creator of LifeLock who has his real Social Security Number displayed for the world to see and guarantees that it will be safe. Well, interestingly enough, his guarantee didn’t stand.

Customers from three different states are suing him because they claim the product doesn’t work, a claim Mr. Davis unfortunately knows all too well, since he was also hacked and had his identity stolen. At least 20 people tried to obtain a driver’s license in his name, and in 87 different attempts to steal his identity one person managed to succeed and get himself a $500 payday loan in Mr. Davis’ name through an online company.

LifeLock charges a monthly fee to monitor your information and set fraud alerts with the credit bureaus. The lawsuit, which is seeking class-action status, will attempt to shed light on how much protection these companies can actually provide.

It is unfortunate that this happened to Mr. Davis, but he didn’t follow the basic rule that everyone learned when they were 12….DON’T GIVE OUT YOUR SOCIAL SECURITY NUMBER. Nobody can guarantee this type of protection and LifeLock proved it. In Friday’s Internet Privacy post, I mentioned that, “You can safely assume that you have zero privacy while surfing the Internet, and privacy protection goes above and beyond the latest Norton update. Privacy on the Internet is not given to you. As an Internet user, you must proactively search ways to protect your Internet Privacy while online.” Well, this is a perfect example…Customers thought that LifeLock would be secure enough that they didn’t have to worry about anything else. While LifeLock is without a doubt an excellent product, common sense must be used at all times.

Two recent articles about Charter Communications, recently reported that the company will monitor customers’ web surfing habits. The second article discusses the two congressmen who are trying to stop Charter from tracking the surfing habits of their customers.

Charter is the third-largest publicly traded cable operator in the U.S., operating in 29 states. Charter wanted to test this concept in four market areas: Fort Worth, TX; San Luis Obispo, CA; Oxford, MA.; and Newtown, CT. and sent out letters to hundresds of thousands of customers telling them this program will begin in 30 days….before a final desicion is made about using this on all 2.8 million Internet customers.

This data will be sent to NebuAd, which will then cross-reference the surfing habits and send advertisements that would be of interest to the user. This term is called “behavioral targeting,” and it is a major privacy threat. I suppose the letters that the customers received made it alright to pry in on their personal lives and invade their internet privacy. Of course, the users can opt out but they have to go out of their way and manually do it…which takes us back to a previous blog post from Friday regarding who you can trust with your Internet privacy. Shouldn’t it be the other way around? Users should manually choose to accept this test program…

Charter will need to follow their users around somehow, and it will have to be with an IP address. Is it really enhancing my Internet experience to be tracked all over the Internet, and then having it pushed back in my face in the form of Internet advertising? I don’t see it that way. I see it as having to go out and find a good proxy server to protect myself while surfing the internet.

This is a difficult question to answer. Of course, Internet privacy should be a major concern to anyone who boots up a computer and checks their e-mail. With modern technology comes a new generation of criminals and misfits who will use it with bad intentions.

Even if criminal activity isn’t involved, some of the sources you, as an Internet user, think you can trust will let you down. Internet Service Providers (ISP), search engines, and marketing companies all use this technology to track your IP address and slowly build up a profile about your surfing habits so they can advertise more effectively…that is correct, your own ISP keeps tabs on your internet habits.

You can safely assume that you have zero privacy while surfing the Internet, and privacy protection goes above and beyond the latest Norton update. Privacy on the Internet is not given to you. As an Internet user, you must proactively search ways to protect your Internet Privacy while online.

This brings us to the million dollar question…who can you trust?

Many places offer Internet privacy tools, but what do they have in mind? Is it a company that cares about your privacy? Knowing who you can and can’t turn to is important. Internet privacy tools can be found just about anywhere, but this is an area where you get what you pay for. Would you trust a stranger on the streets to walk up to you and give you a brand-new television? Then why would you use a tool that is meant to protect your privacy without knowing who is behind it?

While you can never be truly anonymous, you can be protected. Some company will always have your information, especially since have to pay your bills. In the case of using a company’s protection tools, the important thing to know is how will they use it? Will they sell it to the highest bidder, or will they follow their privacy policy and not jeopardize your information. The point of using their products is that they stand behind them and guarantee them to work. I feel strongly about knowing who is taking my money and I want to have a face and a name to stand behind the product. I want to know the people who I am trusting with my personal information.