A question of privacy

To what extent should Web users be guaranteed privacy?

The question is a bit tricky because of the word “guarantee.” To wax philosophically, we are born with only one guarantee, and that is that we will all die. Even Thomas Jefferson chose to use “unalienable rights” instead of guarantees.

Let’s think instead about to what extent an individual’s privacy should be protected on the Internet. This is a bit of a stickler for two reasons. First, we don't really have good rules in place for privacy in the current paper system. Second, the Internet was designed as a place to share. Privacy was not a consideration.

It is still, at heart, a very public network. I am not even sure that privacy should be protected. To put it another way, users of the Internet should understand that their privacy will not be protected and act accordingly. Just imagine that the Internet is a worldwide gossip session.

Having said that, one can ask, even if privacy is to be protected, who would do the protecting? The government? That’s a sure way to make a mess of things. Private business? The profit motive is just too corruptive. Watchdog groups? Good choice except that the sheer scale of the Internet is beyond most of them. So, having carefully and completely not answered the question, I am left feeling that Web users need to be their own guardians. Don’t put anything on the Web that you wouldn't want your mother to see and don't put anything on the Web that you wouldn’t want your worst enemy to have.

Jacob Furst, assistant professor 

  The reason privacy has become an urgent issue on the Web is because Web-based companies feel that to stay competitive they must collect as much information about users as possible. However, advances in technologies, such as Web usage mining, can help companies do much of this by relying only on anonymous usage data as an alternative to personally identifying and potentially private data (see "personalization" and this recent tribune article.).

Users should have the right to stay anonymous when surfing through a Web site. This does not mean that they should not be tracked while in the site. Anonymous tracking that customizes the users’ Web experiences helps both the information provider and the users themselves. However, there are some basic rules of thumb that companies must follow to prevent abuse:

First, users should be told clearly what type of information is being collected and for what purpose. Companies should rely strictly on anonymous data collection until or unless personal identification becomes necessary to complete a transaction.

Second, if users choose to become identified by filling in a registration form or by entering credit card information, then they should be assured that the information will only be used for the limited purpose of that transaction and not shared with other vendors.

Finally, users should be assured that all reasonable measures are taken so that sensitive information, such as credit card numbers are secure from unauthorized access.

The bottom line is that any future regulation/legislation on Internet privacy, should guarantee at least the rights specified above. Yet such regulation should distinguish between anonymous forms of data collection and the collection of personally identifying or private information.

Bamshad Mobasher, assistant professor

 Privacy has long been a topic of discussion among academics, industry and government, even before the inception of the Web. In general, to summarize my position, Web users should not, and probably cannot, be guaranteed privacy. Since the Web is an international phenomenon and is made up of multiple entities, it is subject to the laws of the country in which a particular Web site resides. Thus, the protection of private consumer information has different policies from country to country.

There are promising technologies that may lead to the possibility of targeting advertising and content without collecting personal information. However, these technologies are in their infancy. Unfortunately, the Web itself is a subclass, not a superclass, of the Internet as a whole, which is built on a number of ideas that are not fundamentally secure.

The debate on this subject will rage for years to come. There are no silver bullets. Privacy will always fundamentally be an issue of whom you can trust.

George K. Thiruvathukal, assistant professor

 What do we mean by Web privacy? Often what we mean is a kind of anonymity. We would like it to be impossible to trace our actions on the Web. We want to eliminate the possibility of anyone collecting this kind of information about us, but absolute privacy might not be possible.

Many web users might indeed be willing to give up a certain amount of privacy for the Web’s conveniences. Those who register for an online joke service, shouldn’t be surprised if they later receive advertisements about funny books and videos. Those who buy a cookbook online at Amazon, shouldn’t be surprised if the next time they visit amazon.com, they find an advertisement for Martha Stewart’s latest book.

The most effective way of increasing Web privacy and of calming the heated debate about it is to raise user awareness so that Web users can make informed decisions. Users should ask why anyone wants their mailing addresses if they aren’t asking for something by mail. Users should be aware of how cookies work and why they are used.

This does not mean that regulation is not necessary. The Web is obviously a powerful and extremely useful communication medium. Some regulation will probably be necessary to insure that everyone can use it with at least some minimal amount of privacy. While one might hope and strive for the same privacy as in face-to-face interaction, this may not be an entirely attainable goal. At the very least, however, everyone should be aware of what information they are giving away when they use the Web.