Privacy Solutions

Privacy Solutions (Part 5): CCleaner

by on July 17, 2009 · 18 comments

CCleanerby Eric Beach & Adam Thierer

In our ongoing “Privacy Solutions Series” we have been outlining various user-empowerment or user “self-help” tools that allow Internet users to better protect their privacy online. These tools and methods form an important part of a layered approach that we believe offers a more effective alternative to government-mandated regulation of online privacy. [See entries 1, 2, 3, 4]  In this installment, we will be exploring CCleaner, a free Windows-based tool created by UK-based software developer Piriform that scrubs you computer’s hard drive and cleans its registry. We’ll describe how CCleaner helps you destroy data and protect your private information.

Whenever you move files to the recycling bin and subsequently purge the recycling bin, the affected files remain on your computer. In other words, deleting files from the recycling bin does not remove them from the computer. The reason for this is important and, in many ways, beneficial. In some respects, many computer file systems work like an old library catalog system. A file is like a catalog card and contains the reference to the actual place on the hard drive where the information contained in the file is stored. When a user deletes a file, the computer does not actually clean all the affected hard drive space. Instead, to extend the analogy, the computer simply removes the card catalog entry that points to the hard drive space where the file is contained and frees up this space for new files. The reason this is usually beneficial is that cleaning the hard drive space occupied by a file can take a while. If you want evidence of this, look no further than the length of time required to reformat a hard drive (reformatting a hard drive actually clears the disk’s contents). The practical implication of the way hard drives work is that when you delete an important memo from your computer, it is not actually gone. Similarly, when you clear your browsing history, it is not gone. The bottom line is that an individual who can access your hard drive (a thief, the government, etc.) could view many or all of the files you deleted.

The solution to this problem is to ensure that when a file is deleted, the space on the hard drive occupied by that file is not simply flagged as available space but is entirely rewritten with unintelligible data. One of the best programs for accomplishing this is CCleaner (which formerly stood for “Crap Cleaner”!)

Continue reading →

SHARE: 18 comments

Privacy Solutions (Part 4): Firefox Privacy Features

by on March 16, 2009 · 631 comments

Firefox logoAs noted in the first installment of our “Privacy Solution Series,” we are outlining various user-empowerment or user “self-help” tools that allow Internet users to better protect their privacy online-and especially to defeat tracking for online behavioral advertising purposes. These tools and methods form an important part of a layered approach that we believe offers an effective alternative to government-mandated regulation of online privacy.

In the last installment, we covered the privacy features embedded in Microsoft’s Internet Explorer (IE) 8. This installment explores the privacy features in the Mozilla Foundation’s Firefox 3, both the current 3.0.7 version and the second beta for the next release, 3.5 (NOTE – The name for the next version of Firefox was just changed from 3.1 to 3.5 to reflect the large number of changes, but the beta is still named 3.1 Beta 2). We’ll make it clear which features are new to 3.1/3.5 and those which are shared with 3.0.7. Future installments will cover Google’s Chrome 1.0, Apple’s Safari 4, and some of the more useful privacy plug-ins for browsers . The availability and popularity of privacy plug-ins for Firefox such as AdBlock (which we discussed here), NoScript and Tor significantly augments the privacy management capabilities of Firefox beyond the capability currently baked into the browser.  In evaluating the Web browsers, we examine:

(1) cookie management;
(2) private browsing; and
(3) other privacy features

Continue reading →

SHARE: 631 comments

Privacy Solutions (Part 3): Internet Explorer Privacy Features

by on March 6, 2009 · 615 comments

By Adam Thierer, Berin Szoka, & Adam Marcus

IE logoAs noted in the first installment of our “Privacy Solution Series,” we are outlining various user-empowerment or user “self-help” tools that allow Internet users to better protect their privacy online-and especially to defeat tracking for online behavioral advertising purposes.  These tools and methods form an important part of a layered approach that we believe offers an effective alternative to government-mandated regulation of online privacy.

In some of the upcoming installments we will be exploring the privacy controls embedded in the major web browsers consumers use today: Microsoft’s Internet Explorer (IE) 8, the Mozilla Foundation’s Firefox 3, Google’s Chrome 1.0, and Apple’s Safari 4. In evaluating these browsers, we will examine three types of privacy features:

(1) cookie management controls;
(2) private browsing; and
(3) other privacy features

We will first be focusing on the default features and functions embedded in the browsers. We plan to do subsequent installments on the various downloadable “add-ons” available for browsers, as we already did for AdBlock Plus in the second installment of this series. Continue reading →

SHARE: 615 comments

Nuts & Bolts: Everything You Wanted To Know About Cookies But Were Afraid To Ask

by on January 27, 2009 · 16 comments

As a means of introducing myself to TLF readers, this is an article that I wrote for the PFF blog in September that has not been previously mentioned on the TLF. Most of my other PFF blog posts have been cross-posted by Adam Thierer or Berin Szoka, but I’ve taken ownership of those posts so they appear on my TLF author page.

This is the first in a series of articles that will focus directly on technology instead of technology policy. With an average age of 57, most members of Congress were at least 30 when the IBM PC was introduced in 1981. So it is not surprising that lawmakers have difficulty with cutting-edge technology. The goal of this series is to provide a solid technical foundation for the policy debates that new technologies often trigger. No prior knowledge of the technologies involved is assumed, but no insult to the reader’s intelligence is intended.

This article focuses on cookies–not the cookies you eat, but the cookies associated with browsing the World Wide Web. There has been public concern over the privacy implications of cookies since they were first developed. But to understand them , you must know a bit of history.

According to Tim Berners Lee, the creator of the World Wide Web, “[g]etting people to put data on the Web often was a question of getting them to change perspective, from thinking of the user’s access to it not as interaction with, say, an online library system, but as navigation th[r]ough a set of virtual pages in some abstract space. In this concept, users could bookmark any place and return to it, and could make links into any place from another document. This would give a feeling of persistence, of an ongoing existence, to each page.”[1. Tim Berners-Lee, Weaving The Web: The Original Design and Ultimate Destiny of the World Wide Web. p. 37. Harper Business (2000).] The Web has changed quite a bit since the early 1990s.

Today, websites are much more dynamic and interactive, with every page being customized for each user. Such customization could include automatically selecting the appropriate language for the user based on where they’re located, displaying only content that has been added since the last time the user visited the site, remembering a user who wants to stay logged into a site from a particular computer, or keeping track of items in a virtual shopping cart. These features are simply not possible without the ability for a website to distinguish one user from another and to remember a user as they navigate from one page to another. Today, in the Web 2.0 era, instead of Web pages having persistence (as Berners-Lee described), we have dynamic pages and “user-persistence.”

This paper describes the various methods websites can use to enable user-persistence and how this affects user privacy. But the first thing the reader must realize is that the Web was not initially designed to be interactive; indeed, as the quote above shows, the goal was the exact opposite. Yet interactivity is critical to many of the things we all take for granted about web content and services today.

Continue reading →

SHARE: 16 comments

Privacy Solutions (Part 2): Adblock Plus

by on September 8, 2008 · 16 comments

By Adam Thierer & Berin Szoka

The goal of our “Privacy Solution Series,” as we noted in the first installment, is to detail the many “technologies of evasion” (i.e., user-empowerment or user “self-help” tools) that allow web surfers to better protect their privacy online—and especially to defeat tracking for online behavioral advertising purposes.  These tools and methods form an important part of a layered approach that, in our view, provides an effective alternative to government-mandated regulation of online privacy.

In this second installment in this series, we will highlight Adblock Plus (ABP), a free downloadable extension for the Firefox web browser (as well as for the Flock browser, though we focus on the Firefox version here).

Adblock Plus

Purpose: The primary purpose of Adblock Plus is to block online ads from being downloaded and displayed on a user’s screen as they browse the Web.  In a broad sense, this functionality might be considered a “privacy” tool by those who consider it an intrusion upon, or violation of, their “privacy” to be “subjected” to seeing advertisements as they browse the web.  But if one thinks of privacy in terms of what others know about you, Adblocking is not so much about “privacy” as about user annoyance (measured in terms of distracting images cluttering webpages or simply in terms of long download times for webpages).  In this sense, ABP may not qualify as a “technology of evasion,” strictly speaking.  But, as explained below the fold, ABP does allow its users to “evade” some forms of online tracking by blocking the receipt of some, but not all, tracking cookies.

Cost: Like almost all other Firefox add-ons, both the ABP extensions and the filter subscriptions on which it relies (as described below) are free.

Popularity / Adoption: While there are a wide variety of ad-blocking tools available, Adblock Plus is far and away the leader.  ABP has proven enormously popular since its release in November 2005 as the successor to Adblock, which was first developed in 2002 and reached over 10,000,000 downloads before being abandoned by its developer and even today garners nearly 40,000 downloads a week.  This history of Adblock provides further details.

ABP was named one the 100 best products of 2007 by PC World magazine and is now the #1 most downloaded add-on for Firefox with over 500,000 weekly downloads, up significantly for just a few months.  In a blog post last month, ABP creator Wladimir Palant estimated that “no more than 5% of Firefox users have Adblock Plus installed,” but that percentage is bound to grow larger as more people discover Adblock.  As one indicator of ABP’s popularity, the number of Google searches for “Adblock” has nearly eclipsed the number of searches for “identity theft,” which seems like a far more serious concern than having to look at web ads. Continue reading →

SHARE: 16 comments

Privacy Solutions (Part 1): Introduction

by on September 5, 2008 · 10 comments

By Adam Thierer & Berin Szoka

Whatever ordinary Americans actually think about online privacy, it remains a hot topic inside the Beltway. While much of that amorphous concern focuses on government surveillance and government access to information about web users, many in Washington have focused on targeted online advertising by private companies as a dire threat to Americans’ privacy — and called for prophylactic government regulation of an industry that is expected to more than double in size to $50.3 billion in 2011 from $21.7 billion last year.

In 1998, when targeted advertising was in its infancy, the FTC proposed four principles as the basis for self-regulation of online data collection: notice, choice, access & security. In 2000, the Commission declared that too few online advertisers adhered to these principles and therefore recommended that Congress mandate their application in legislation that would allow the FTC to issue binding regulations. Subsequent legislative proposals (indexed by CDT by Congress here along with other privacy bills) have languished in Congress ever since. During this time self-regulation of data collection (e.g., the National Advertising Initiative) has matured, the industry has flourished without any clear harm to users and the FTC has returned to its original support for self-regulation over legislation or regulatory mandates.

But over the last year, the advocates of regulation have succeeded in painting a nightmarish picture of all-invasive snooping by online advertisers using more sophisticated techniques of collecting data for targeted advertising. The Federal Trade Commission (FTC) has responded cautiously by proposing voluntary self-regulatory guidelines intended to address these concerns, because the agency recognizes that this growing revenue stream is funding the explosion of “free” (to the user) online content and services that so many Americans now take for granted, and that more sophisticated targeting produces ads that are more relevant to consumers (and therefore also more profitable to advertisers).

Continue reading →

SHARE: 10 comments

Next Entries →