Everyday millions Internet users make purchases online. Most people do not realize the dangers lurking behind recommendations that websites make based on your purchases. In theory it seems like a great idea…I purchased the latest Stephen King book and here is a list of other books I may like based on my previous purchase. What’s not to like about that? That is great customer service…or is it? A recent article published by the Wharton School of Business shows the underlying dangers of behavioral targeting.

The article starts off by turning the tables…what if you buy your favorite movie and then see recommendations for other movies you may like? That is something we all appreciate. But what if the next time you visit the site you see an ad that has nothing to do with your movie choices? Instead the advertisement is for debt consolidation or treatment for a medical problem…this is what the article describes as the “creepiness factor,” the private part of your life that is somehow not private anymore.

The way the creepiness factor comes from marketing companies tracking your surfing habits and building up a profile about you based on the sites you visit, e-mails you write, etc…. The companies argue that focusing advertisements based on your needs is beneficial to you as a consumer, and that the trade-off between better advertisements and your personal privacy and Internet anonymity is worth it. I disagree…and so do most people. A recent research study, presented in the article, showed that 91% of adult Internet users would use some sort of tool to surf anonymously and avoid having their information tracked and stored.

The article continues to discuss how technology has evolved over the years, but the policy for protecting us while using the Internet has not. There is no barrier. Any law that is intended to help us has a loophole. For example, the government can’t collect certain information from us without a warrant, so they buy it from a company’s marketing department that collects the information legally without us knowing it.

I would like to know when my information is being stored in some database and how it will be used by the company. Protecting your privacy needs to be proactive. The use of proxy servers and other privacy tools can help hide your IP address and keep you from having your identity stolen.

Remember when you were younger and wanted x-ray glasses? Well now all you have to do is get a job with the Transportation Security Administration. This recent article from The Dallas Morning News (dallasnews.com) reports on the newest invasion of privacy when traveling.

The TSA is using a new scanning method which has many people baffled and shocked. The new millimeter wave whole body image device shows what’s going on under a traveler’s clothes. The TSA argues that this will speed up the screening process…at the expense of someone seeing a 3-D image of what is under your clothes. This will increase security measures since only metal objects are detected via a magnetometer.

Privacy advocates are saying that these images are too revealing. This is the equivalent of being strip searched. The TSA and privacy advocates do not agree on the potential uses for this. Ultimately privacy advocates are saying, “American passengers should not have to parade naked in front of security screeners in order to board the plane.”

The TSA has a modesty filter on the machines so that images are not too revealing…how does this help either way? So if I am hiding something it can potentially be blurred…but if I’m not then, I still have a machine basically taking naked photos of me. The screening is completely optional…but the TSA doesn’t promote that fact. A passenger can skip the screening and be patted down by security. People are being put through this screening process without even being made aware that it is happening. Is it their fault for not questioning airport security? I would say no…it is the TSA’s fault for not letting passengers know what they are being subjected to.

A recent USA Today tech article focused on the invasion of privacy many will face when traveling to the Olympics in China this summer. The warnings, aimed mostly at federal officials and business people, are telling travellers that the Chinese government will most likely attempt to penetrate the electronic devices (cell phones, PDAs, and laptops) being brought into the country. The Chinese government intends to steal information and plant bugs to gain access to U.S. networks. Just about anyone that has political influence, a government position, or works for a large company is at risk to have their privacy completely compromised.

The Overseas Security Advisory Council states that Chinese government frequently uses these tactics to gain access to personal and official computers. China’s Internet and wireless networks are run by the government, which has access to any bit of data being transferred. A laptop being searched by airport security or left in the hotel while attending the day’s games are vulnerable to attack. The control that the government has over the Internet allows them to invade any one’s privacy since they have to surf the web through their network.

This is a major privacy threat for anyone travelling abroad for the Olympics. Any information you have on you is subject to Chinese inspection. Further, travelers coming home. should have their systems checked before connecting their network.

So now where does it go from here? Consider travelling without any of these electronics. If you have to bring them with you, make sure no personal or official information (of a sensitive nature) is stored on them. And if none of those precautions can be taken, then make sure a good proxy server is used while in China, and have everything on the computer’s drive encrypted.

MSNBC reported yesterday that Northeastern University conducted a study in which 100,000 users outside the U.S. were tracked by their cell phones. Did I mention the users were not told about this or consented to this. It was done in secret and concluded that most people stay relatively close to their homes.

Well, I am glad they know that information. It was worth spying on 100,000 people through calls and text messages to find out that people tend to stay close to home. I can live a much happier life now that I know this. This method of collection is illegal in the United States since it was non consensual. The researchers would not comment on which people were used, which country, or the service provider. Over a six month period outgoing and inbound calls and text messages were taken and analyzed.

The authors of the study said that the numbers were anonymous because they were scrambled into a 26 figure code. This would raise almost no ethical or privacy flags if the cell phone users consented to this. Some phone companies actually market tracking abilities to parents and employers. The fact of the matter is not how the information was used, but that the information was taken. So now I am a guinea pig just because? I don’t buy it at all. Just because the researchers don’t have the numbers I have to assume I’m safe. I think I know better than that. Someone out there has a list of all 100,000 people and their calls.

The scientists feel that since they are using it for research purposes it is alright. The data that could be misused is being handled properly so everything is fine…no need to worry, a scientist said so. The line between public research and personal privacy has surely been crossed here.

Two recent articles about Charter Communications, recently reported that the company will monitor customers’ web surfing habits. The second article discusses the two congressmen who are trying to stop Charter from tracking the surfing habits of their customers.

Charter is the third-largest publicly traded cable operator in the U.S., operating in 29 states. Charter wanted to test this concept in four market areas: Fort Worth, TX; San Luis Obispo, CA; Oxford, MA.; and Newtown, CT. and sent out letters to hundresds of thousands of customers telling them this program will begin in 30 days….before a final desicion is made about using this on all 2.8 million Internet customers.

This data will be sent to NebuAd, which will then cross-reference the surfing habits and send advertisements that would be of interest to the user. This term is called “behavioral targeting,” and it is a major privacy threat. I suppose the letters that the customers received made it alright to pry in on their personal lives and invade their internet privacy. Of course, the users can opt out but they have to go out of their way and manually do it…which takes us back to a previous blog post from Friday regarding who you can trust with your Internet privacy. Shouldn’t it be the other way around? Users should manually choose to accept this test program…

Charter will need to follow their users around somehow, and it will have to be with an IP address. Is it really enhancing my Internet experience to be tracked all over the Internet, and then having it pushed back in my face in the form of Internet advertising? I don’t see it that way. I see it as having to go out and find a good proxy server to protect myself while surfing the internet.

Two recent articles published by Computerworld discuss the Electronic Privacy you have, or in this case don’t have, while travelling across U.S. borders. The second article is more of an update so that you can travel and know how Customs agents can invade your privacy. Customs does not need any form of reasonable doubt or suspicion to search a person’s electronic devices, especially laptops and PDAs. Any type of device that can, “store large amounts of data, ideas, e-mail, chats and Web-surfing habits,” is fair game. The Ninth Circuit ruled that these devices can be searched and seized without a warrant or probable cause, and the Customs Department went on to say that anyone travelling can, and most likely will, be searched for having these devices. The main focus was centered on traveling with laptops. Not that this automatically makes you a criminal, but it is putting your personal privacy in jeopardy. Searches made at the border are “reasonable simply by virtue of the fact that they occur at the border.” Searches are not limited to hard-drives, meaning any internet usage is also subject to being searched, including internet history, e-mails, cookies, etc.

This brings about some questions…

• What is the extent of the search and seizure of laptops?
• Will they take my laptop and when can I get it back?
• Will my company information be subject to the search? This violates many company’s privacy policies, especially when dealing with personal information or financial information (such as credit cards and bank accounts).
• Where is the information that Customs copies kept?
• How long is this information kept?
• How is it disposed of? Or is it disposed of at all?

Do Customs agents have any protocol to follow at all, or are these questions something of little importance? Depending on the amount of information being stored on a hard-drive, many people can lose their anonymity and privacy. The Association of Corporate Travel Executives (ACTE) is warning travelers to keep limited amounts of information while traveling, and to keep your computer protected from privacy threats. The ACTE is concerned that corporate data could be copied and lead to security breaches and numerous other privacy risks. This means a database of customers’ names and information, which at one point was completely confidential, can be seen by anyone who works for Customs…

Secret rooms where the government monitors all Internet communications including e-mail, web surfing and even voice over IP. Sounds like a great fiction story. All it needs is a hero and a villain.

Unfortunately this is not the newest book by your favorite author. Nor is it the imagination of a conspiracy theorist blogger. Luckily we have a hero, Mark Klein.

So if everything you do is being monitored, what can you do? You have two choices:

1. Don’t do anything on the Internet that you want to keep private.
2. Use a proxy server located in a country other than the US.

If you don’t do either, just know that your Internet Privacy is at risk!

Reports from the UK tell that the Information Commissioner has ruled that users/customers must consent and request to “opt-in” to Phorm’s advertising system. ISPs must have consent from their users to send targeted advertisements. The ICO decision was happily accepted by many people, including Which Technology editor Matthew Bath. Mr. Bath went on to state, “Broadband customers would have been kept in the dark that their web browsing behaviour was being collected and sold to advertisers. This means consumers will now be fully aware of what the system does before any data is collected.”

EUObserver.com reported that the “European Commission’s data protection watchdog” prepared a draft stating search engines should not hold onto information longer than six months. Currently, some search engines hold onto data for up to 2 years (18 months for the big boys–Yahoo! and Google), which is a big no-no in regards to privacy.

The board stated in their draft that, “Search engine providers must delete or irreversibly anonymise personal data once they no longer serve the specified and legitimate purpose they were collected for.” Also, the board added that the user must consent to search engines collecting and storing personal data.

The data collected by the search engines is done through the computer’s IP address (which is basicially your identification while using the internet) and by placing cookies. A proxy server sounds like a good idea right about now…

The article also goes on to mention the AOL fiasco from 2006….a brief rundown of it: AOL put 650,000 users search information on the internet. It has already happened once in recent times, how much bigger could it be next time when Yahoo! or Google (the titans of search engines) accidently post information about everyone that uses the search engine? I think it will be worse…that’s just my 2 cents.

I thought that would get some attention. No posts for a while, but here is a good one (good articles, not so good news).

Articles found here and here.

BT, a British broadband provider, recently came out and wanted to let everyone know that they spied on 36,000 customers…without the customers knowledge of course. Basically, BT monitored every page visited to help tailor advertisements to them. Good or bad? BAAAAAAAAAAAAAAAAAD! To cover up, BT originally told customers that a software virus was the culprit; then decided to tell the 36,000 users that they were used as a “small-scale technical trial.” To put people at ease the executives assured that no personally identifiable information was recorded.

The monitoring system was created by Phorm and would scan and record information, such as keywords, from a website and add the information to a file about the person based on anonymous code numbers (maybe by IP addresses?) so that online ads could be better tailored to them. Phorm claims that this is a benefit…Is it acceptable to get a good deal on a laptop through these ads, because your ISP monitored your information? I am not on board with that theory and think I will keep using a proxy server to mask my IP address.

And if your gonna spy, don’t leave viruses behind…duh. Customers were buying brand new computers and BT would still them it was a software virus….I hope they get reimbursed.