Protection of Privacy on the Web

Protection of Privacy on the Web

Thomas M. Chen (Swansea University, UK) and Zhi (Judy) Fu (Zhi (Judy) FuMotorola Labs, USA)
Copyright: © 2012 |Pages: 18
DOI: 10.4018/978-1-61350-323-2.ch107


Most people are concerned about online privacy but may not be aware of the various ways that their personal information is collected during routine Web browsing. We review the types of personal information that may be collected voluntarily or involuntarily through the Web browser or disclosed by a Web server. We present a taxonomy of regulatory and technological approaches to protect privacy. All approaches to date have only been partial solutions. By its nature, the Web was designed to be an open system to facilitate data sharing, and hence Web privacy continues to be a challenging problem.
Chapter Preview

Types Of Private Information

Clearly there are different types of personal information, with varying degrees of sensitivity. As shown in Figure 1, personal information on the Web might be classified into three types (Rezgui, Bouguettaya, and Eltoweissy, 2003):

Figure 1.

Types of personal information on the Web

  • personal data such as name, address, and history;

  • surfing behavior consisting of visited sites, online transactions, and searches;

  • communications such as bulletin boards, messages, and feedback forms.

Personal data can be classified further into anonymous information (which can not be traceable to a specific person); personally identifiable information; or private information (Garfinkel, 2002). Information can be anonymized by “scrubbing” any identifying aspects or by aggregating multiple records into a single record. Personally identifiable information can be traced to an individual, such as name, address, e-mail address, or phone number. Although this information is personal, it is often published and can be found with effort. Disclosure of personal information may be undesirable but generally not harmful. On the other hand, disclosure of private information (such as bank records or passwords) may be considered harmful or at least embarrassing. Private information has an obvious value to criminals. Phishing and malware attacks usually have the goal to steal private information to make profits by identity theft or selling the information to other criminals.

Complete Chapter List

Search this Book: