Sep13

A Note About Internet Privacy

Posted on by
A Note About Internet Privacy

Comments I’ve seen here and elsewhere lead me to believe that many people, especially young people, have some misconceptions about Internet Privacy.  Apparently, people seem to believe that all you need is a screen name and you can say or do whatever you want without repercussion.  Clearly, it leads to people saying things that they would never say to another human being face to face and visiting sites with objectionable content. 

Now that schools all over have computer classes and computer labs for their students, with access to the internet that is only moderately restricted by censoring software, I think that part of the computer curriculum should include instruction on how the Internet works, and just what degree of privacy (and accountability) these kids are really going to have.

Students, on a very basic, simplistic level, the Internet is similar to the telephone.  You sign up for service, get a phone number, and your phone is hooked up to a Central Unit which directs your calls over a giant network.  That Central Unit records all the numbers you dial, not just the ones that show up on your bill.  By the same token, it also records all the numbers that called in to you.  Well, when you (or your company or school or parents) sign up for internet service, you get an IP address.  The Internet Service Provider has all the information it needs in order to bill you, and its server (another computer, belonging to the Service Provider usually) records your address as you go out onto the web.  Just like phone service, it needs both the originating and terminating IP address to make that connection.  By the same token, the server for the sites you visit keeps a record of the IP addresses that connected to it.

Now add another level – your PC.  Everything you do is recorded on the hard drive – you hear about this all the time in the news, don’t you, about police and FBI taking people’s computers away?  Your hard drive is a physical record.  You can turn off cookies and popups, regularly erase your temporary internet files, and it’ll still be easy to find out what you’ve been up to.  There are programs that will strip a hard drive so it’s safer to resell to someone else, but not even those completely remove all the data.  You’d have to take the drive out and melt it into a heap of slag.  In fact, if you copied only the files you wanted to save onto floppies or another hard drive, pieces of data from the files you wanted to hide could still be embedded.  The old Dick Tracy detective trick of lightly drawing over the blank sheet of paper that was under the secret note to see what the secret note said is a pretty simple analogy.  The paper looks blank, but a little trick can reveal what was torn off from on top of it.

And still, there’s more.  The server on the receiving end keeps a record of the IP addresses that have visited it.  Sometimes that server belongs to an Internet Service Provider, but many site owners also have their own servers.  In that case, you could be connecting to a computer that some guy has in his house, and he doesn’t have to go through any inquiries or requests through his ISP to find out who visited the site.  If he’s savvy enough, he can find out the personal information of the owner of that IP address, and if you use a unique domain name, one that you had to register, then it’s a very easy task to get your home address and phone from InterNIC.

Now, if you’re using a school or company computer, you might feel safely removed from this, but think about it.  How did you access the Internet?  You have a user name or account and a password, right?  And it was given to you by your teacher or employer, right?  And the computer you’re using has a hard drive, or connects to a common drive, right?  That means that all the activity generated by your account is recorded right there.  If the owner of the drive is contacted about inappropriate activity, all the information he or she needs to find who did it is right there.

I hope this is food for thought for some people.  Clearly, most of the time it’s not worth it to track down who visited a site or said something rude – it’s easier to block addresses or add filters – but sometimes you’re playing with fire.  Seriously abuse site or another user, enough that they want to track you down, and it can be done.  Visit a site the promotes illegal activity, and when the site owner gets caught, you’re on the list of suspicious persons to be arrested and investigated.  Don’t be lulled into a false sense of security that just because you call yourself by another name, you’re completely safe and anonymous.