What kind of information about me is being bandied about while I surf here and there? Do they know who I am?
The answer to the safety question is yes, and no. Surfing the web is a lot like driving on the Interstate. You can be recognized because your car is of a certain make, model and year, and it has certain markings. Most other drivers know you only by the car you drive.
Like identifying your car, a website can gather a fair bit of data about your computer. The box below shows real data about your machine (try it on a different computer, and see how it changes):
Scary? A site can collect this information and store it as a kind of “fingerprint” with a fair degree of specificity. But as you can see, it’s all about your computer; it’s not about you. If we were storing information about your computer’s fingerprint (we’re not), we could also tell you how many times you have been to this page before, or track what links you click on our site.
Another way to identify your unique computer is to set a “cookie” – a little code that can be sent to, stored within, and retrieved from your browser. Cookies carry no information within themselves other than that they are unique. They can be extremely useful, such as when you want to stay logged in to an account on a trusted site – like when you are shopping online, for instance. Compared to the computer fingerprint, the cookie is more reliable, and more of an above-board approach. You can erase your browser’s cookies whenever you want.
So, What’s Being Done With This Information?
A site can not gather any of your personal information, unless you give it to them willingly (or they obtain it from others who have it). This is why privacy statements are everywhere on the web. They outline just how much a site is willing to share your information with other parties. Read them. They are intended to protect the company who wrote them, not necessarily to protect your information.
Back to the Interstate metaphor: your car also displays a licence number, which a cop can look up in his/her on-board computer and determine who you are, because it has been cross-referenced to your personal infomation. The average person is not privy to that information, but given the right authority those details can be obtained.
Who Is Cross-Referencing My Unique Computer Fingerprint with My Personal Information?
Hmm. Probably more people than you would care to know. Any time you fill out a form online, you are taking the risk that someone may share that information with another, and once that information is attached to the unique fingerprint of your computer, they know who you are. but they can only track that from within their own site. It’s not as if you are being tracked everywhere (unless your computer is infected with spyware, the type of thing that tracks your clicks and sometimes even your keystrokes; always make sure your computer is free of spyware and malware).
Is It Really That Bad?
Probably not. Actually things aren’t much different than they were before the web, it’s just that information moves a lot faster now. Any time you bought something from a mail-order catalog, you were bound to receive tons of other catalogs from companies who procured your mailing address. With all this snooping, you will most likely see yourself become better targeted by ads or spam as time goes on.
Freely distributing certain information like credit card numbers is prohibited by law. So for the most part, your privacy is legally protected for such sensitive stuff. Still, it is possible (though difficult) to “tap-in” on an internet connection, so any time you are entering anything as sensitive as that, be sure the page is secure. If “https:” is at the beginning of the web address, anyone surreptitiously listening in on the line would receive only encrypted gobbledygook. Never enter something like credit card or bank information without that “https” in the address.
As in the “real” world, you should be careful with whom you share your sensitive information. Check the site’s security, read those privacy statements, and know who’s sharing what.