31 Comments

Summary:

Privacy on the Internet — as Facebook’s Beacon advertising platform and other examples make clear — is not something that anyone can expect. It can be achieved, however, and maintained. Here’s how.

As privacy issues continue to monopolize our national conversation, sparked by everything from Google’s proposed takeover of DoubleClick to Facebook’s Beacon advertising platform to warrantless wiretapping by the NSA and various other activities that bring to mind tinfoil hats and black helicopters, I’ve started to wonder: How does one attain some semblance of privacy on the Internet? For while I can live with the fact that national security concerns may warrant some invasion of privacy at some point, I am not comfortable giving up personal information as to how I think for the sake of companies and their marketing departments serving me relevant advertising.

I know I am a part of a specific targeted demographic and I realize that marketers value, above all, the ability to understanding the basic incentives of targeted demographics. Further, I realize that it is exceptionally difficult to live in society today without being classified for marketing purposes – i.e. I am a male living in Silicon Valley and working in venture capital– and that this practice has been done for years via credit card purchases, mortgage information and other sources of data. What bothers me is that gathering my personal data gives marketers access to my personal habits, which they can then analyze in an attempt to understand why I do what I do and use their conclusions to serve me up [what they hope is] more relevant advertising. And what scares me is that some people call this a feature and are willing to grant access to their private digital footprint in return for this so-called relevant advertising.

To borrow an example from a friend of mine, I don’t care if my local grocery chain store knows that skirt steak and Corona beer are usually purchased together by males between 24 and 42 years of age. However, I do care if a search engine company knows that I purchased these items at the grocery chain store at four in the afternoon on Saturday, recently bought a round-trip ticket to Argentina and returned an item to the Macy’s in Union Square last weekend. Do they serve my needs any better by inserting advertising for Niman Ranch beef, hotel discounts in Buenos Aires and Macy’s latest sale on my Facebook page? I understand why, in terms of advertising rates, this is good for Facebook, but why am I giving up my privacy for this service?

So here are some ways to regain a reasonable facsimile of privacy on the Internet — or at least attempt to give marketers the most limited amount of personal information possible. Some of these are fairly practical and easily accomplished while others, admittedly, are way off the fairway and only for the serious privacy advocates and full-blown conspiracy theorists.

Feeling Practical But Not Paranoid?

Do not use desktop search tools like Google Desktop or Microsoft Desktop Search. A full index of every keyword on your hard drive in the hands of marketers is very useful for the purposes of targeted advertising.

Do not use webmail from a service provider like AT&T, Google or Microsoft. Same reason as above, except here it applies to every email you send or receive.

Do not use browser toolbars or desktop gadgets. Both of these types of add-ons from companies like Yahoo and Google are known to gather information on your online activity for marketing purposes.

Remove all social network accounts. There is loads of good information there that can be used for targeting and correlation. At the very least, remove all personal information and have a username that does not give any clues to your true identity.

Clear your browser cookies after every session. Alternatively, only search using Ask.com and enable AskEraser. To take erasing your footprint a step further, do not accept any browser cookies by default. This additional step will make web surfing slower and more intrusive as you will have to manually accept or deny cookies. That being said, if you surf for an hour without accepting cookies by default you will become much more aware of them, and that in and of itself could prove enlightening.

Change your local username daily. Browsers and other software have been known to pass local usernames to servers as part of their operation. If your username is something like “first.lastname” this is clearly useful information for data collection purposes.

Use Opera. With Opera, you can mimic another browser’s identification string, which helps mask your browser’s settings and reduces the information that you send to a web site when you visit.

Paranoid and Happy to Admit It:

Do not make international phone calls. Even if warrantless wiretapping by the NSA does not concern you, you need to be aware of Echelon.

Do not have a home broadband connection. If you have a home broadband connection, a network service provider can map your name to your IP address to your physical location. Again, your name, where you live and your Internet activity is all useful information for marketers.

Use free Wi-Fi. If you don’t have a home broadband connection but you will still want to be connected, find a free wireless access point at a local coffee shop. To further hide your existence, every time your computer associates with a wireless access point, manually change your MAC address.

Install a host-based Intrusion Detection System (IDS) like OSSEC. Assuming that you are already using a personal firewall, anti-spam and anti-spy software, a host-based IDS will ensure your computer isn’t being used without your knowledge. For an additional level of security, you could block all Internet traffic except for HTTP (port 80) and then log and trap anything else.

If you’re not satisfied being paranoid and want to venture into the land of Ted Kaczynski, you should give up on email, not have a home phone, use a pre-paid mobile phone that you change frequently, get all of your physical mail at a P.O. box and do every transaction (including buying a home or cabin in the woods) with cash.

But perhaps you want to live in our society, write on popular blogs — even have a public profile. I do, which means that I have a public presence for marketers to analyze. But I also follow most of the practical advice that I give above, because the only way to maintain a semblance of privacy on the Internet is to take responsibility for guarding your information – to whatever degree you see fit.

  1. a typo in your article – it says aks.com

    Share
  2. Thanks Tech, good catch and we’ll get it fixed.

    Share
  3. One more suggestion, never post your phone number online. Use Numbr.com or K7 to talk to strangers. Happy holidays!!

    Share
  4. Wow that’s really one good post that I’ve been looking for, very well-thought-out. It’s a must read article!

    Nhick
    http://www.itrush.com

    Share
  5. I am sorry…one of the most useless articles that I read this morning. Half way thru’ I thought it was a joke. These are impractical to say the least.

    Share
  6. you’re kidding right? No broadband at home, change your MAC address each time, no webmail, etc. I think that these are things that MOST of us don’t have time to ‘wipe’ clean nor are really practicle to do so. A better solution would be to allow consumers to control who gets this data by hosting it somewhere in 1 bucket and allowing or not certain online vendors to ‘tap’ the bucket when the consumer wants to use a web service. Now, I have control, dont have to ‘wipe’ anything clean and the online vendor still gets his data for marketing purposes. ~b.

    Share
  7. I originally posted this on Winextra.com as a response to an article about Google and privacy…

    OH PLEASE! Where in the entire universe did anyone believe that there was such a thing as privacy? Huh?

    Why are we continuing this charade of believing that anything posted anywhere in the Electronic Kingdom is sacred? THERE IS NO SUCH THING AS PRIVACY! Get over it and get on with your public lives! You INSIST on giving away the most intimate details of your life and then turn around and expect some sort of privacy? Get a grip!

    Meet Joe and Jane Average

    Walmart can describe Jane almost to the centimeter. Bra size, panty size, hose preference, dress size, shoe size. And then her personal habits. Deoderant, bady wash, perfume, eyeshadow, lip gloss, hair color (Jane is trying to cover that grey.) And she appears to be concerned with her “bikini lines” because she recently bought the latest trimmer.

    Joe average is just that, average. Except Walmart knows the size of his penis by the condoms he buys (Magnums – Joe is pretty well hung.) Walmart can guestimate fairly accurately how often Joe is getting some… buys a 12 pack once every 6 weeks.

    What Joe doesn’t know and Walmart (and Jane) does know is the size of Jane’s lover’s penis. Seems she’s buying a 3 pack every other week. Has been for almost two years.

    We GIVE away the most intimate (secret) details of our lives and then have some expectation of privacy? Duh!!!!

    Share
  8. @Rahul and Nhick – thanks, much appreciated.

    @kp – I agree some are very impractical, but does that not show you how little control you have over your privacy?

    @yoda2unow – who would you trust with this 1 bucket of information? The government? Google?

    @Papa – I agree that privacy is nearly impossible to a certain degree. Still, there are things people can do, IMHO, to give them some privacy. Your example of Joe and Jane works great if they both shop at Walmart or have credit cards that sell their information to others for marketing purposes (and I always check that before I sign up for a credit card). On the Internet, both Joe and Jane don’t need to shop at the same store or even a single store regularly, they just need a broadband connection and a network service provider who tracks their activity (http://gigaom.com/2007/10/24/stats-for-search-a-paradigm-shift/).

    Share
  9. Well you’re a real paranoid for sure.
    Most of youre tips garantee user anonimity. I’m developping a firefox plugin which attempt to provide privacy using obfuscation.
    My plugin (called SquiggleSR) generate false queries on Google and click on some results (no adwords cause that’s fraud…). Because I’m quite a paranoid too, I’ll try to make this realist (simulating browsing on pages with double-click ads). It’s available on http://squigglesr.free.fr
    If you want make search engine very angry :
    - Stop using them instead as dns server (for instance don’t make search for myspace.com!!)
    - When you make a research in order to buy something…don’t click on adwords, simply copy/past addresses in your browser! Who knows, maybe someday company will rewards costless clients (i.e : those who don’t use search engine)

    Share
  10. Hum I have put ironic “advertisment” anchors in my previous post but they’ve been removed.

    Share

Comments have been disabled for this post