EFF Issues Update on Online Privacy

Gretchen Hyman

Updated · Jun 15, 2002

With the ever-watchful eye of Big Brother becoming more of a reality, the Electronic Frontier Foundation (EFF), a San Francisco-based civil liberties organization, this week released an updated list on some of the best methods for maintaining online privacy.

Scribed by EFF Technology Director Stanton McCandlish, “EFF’s Top 12 Ways to Protect Your Online Privacy,” discusses the use of encryption and cookie management as essential to keeping personal information out of unwelcome hands.

The first and foremost golden rule from EFF is for users to be more prudent about not revealing personal information to third parties. Web browsers can be configured in the “Setup,” “Options,” or “Preferences” menus to create a pseudonym instead of using a real name, and EFF urges caution when revealing email addresses or other personal information.

Those little bits of information called cookies that Web sites store on personal computers, which in some cases are harmless little crumbs, can also be used for data mining purposes that track online activity for third party marketing purposes. EFF advises users to turn on cookie notices in a Web browser for immediate notification of when a site tries to write a cookie file onto your hard drive.

Both Netscape and Internet Explorer offer cookie management interfaces that allow users to selectively enable or disable cookies on a site-by-site basis and delete any specific cookies that are suspicious. Alternative browsers like Mozilla (Windows, Mac, Linux), Opera (Windows, Mac, Linux), Konqueror (Linux), and iCab (Mac), also offer commendable cookie management options.

However, says McCandlish, “The best solution doesn’t exist yet: Full cookie management abilities built into the browsers themselves. Only increased user pressure on Microsoft, Netscape, and other browser makers can make this happen. Users should ultimately be able to reject cookies on a whole-domain basis, reject all third-party cookies by default, reject all cookies that are not essential for the transaction at hand, receive notice of exactly what a cookie is intended for, and be able to set default behaviors and permissions rather than have to interact with cookies on a page-by-page basis. This just isn’t possible yet.”

EFF’s other privacy tips include developing a “side” email account, pseudonym, or alternate email address when mailing to unknown parties, newsgroups, mailing lists, or chat rooms in order to avoid falling into the hands of spammers or weirdos.

The report also warns against revealing too much personal data to newly made online acquaintances for personal safety reasons. Avoid making the embarrassing mistake of sending personal emails from work, only to discover that all of your email activity is being monitored. Be wary of sites that offer prizes or rewards in exchange for personal data. Do not, under any circumstances, respond to spam email, which includes replying to the “remove” option. This kind of response can only worsen matters and confirm to the third party that there is infact someone on the receiving end, and will possibly make your name and address a more valuable commodity to spammers.

Don’t send credit card information, unless the connection is encrypted. Take time to read privacy policies. Pay attention to the literal translation of ‘homeland security’ and if you have a DSL line, broadband cable modem, or other connection to the Internet that is up and running 24 hours (including T1 at the office without a firewall or NAT), be sure to turn your computer off when you are not using it. DSL-connected home computers can be attacked with surprising ease by hackers and other illegal consorts. And lastly, warns McCandlish, use encryption.

“There are other privacy threats besides abusive marketers, nosy bosses, spammers, and scammers,” said McCandlish. “Some of the threats include industrial espionage, government surveillance, identity theft, disgruntled former associates, and system crackers,” which can mostly be avoided with easy-to-use email and file encryption software. “Good encryption uses very robust secret codes, that are difficult if not impossible to crack, to protect your data.”

In his report, McCandlish also provides numerous links and recommendations for protecting personal data at home or the office.

More Posts By Gretchen Hyman