Privacy and Security

So what’s another way of knowing how trustworthy is a website?– The Privacy Policy. Most website have a Privacy Policy and Terms of Use.

What is the privacy policy?

•  It is a legal document describing how the organization owning the website handles information of and from the visitors and clients of that website. The privacy policies would differ from website to website, and some websites might not even have one. But typically every website should have a privacy policy.
  

The privacy policy describes what personal information the website/ app collects, and how it uses it.

There are two types of personal information that are collected: 

• personally identifiable information, 
• non-personally identifiable information.
  

The non-personally identifiable information can be technical or demographic information, such as:

• IP address of the computer from which you access the website; 
• Cookies, web beacons;
• Browser;
• Your age, gender. 

The personally identifiable information does identify who you are. This can be:

•  your name;
•  date of birth;
• address; 
• email;
• bank card number. 

In a lot of cases, we do agree to provide this personally identifiable information, although do we really have a choice of not providing it? You can’t sign to an email provider if you don’t identify yourself, right?

Typically, the non-personally identifiable information is gathered automatically, at the moment you open a website. This works via cookies and web beacons.

Cookies are small text files saved on your computer once you’ve opened a website. Their purpose is, essentially, to notify the website from which they came, about your settings, every next time you open that website. Because of the cookies, you don’t have to re-enter your log-in information, they would save your languages preferences, or your shopping cart. The bad things about some cookies though, is that through them your identification can end on marketing lists, that is- made available to third party. It is that third party that you should probably be concerned about. Here is the

All personal information which is shared with a website/ web service, whether it is further shared with  third party, or not, sits somewhere on servers. These servers are of course protected, and personal information is encrypted. This makes it unreadable for anybody who does not have the encryption key. However, there are bugs which can destroy the encryption key and get access to private data.  Some time ago though, an IT security person at Google found a bug. The bug existed in a piece of open source software called OpenSSL which is designed to encrypt communications between a user’s computer and a web server (source: http://www.bbc.com/news/technology-26969629). This was a major security problem, as all those websites and servers which use this Open SSL software (and there are millions of sites using that encryption software), had the personal data on them exposed to hackers. For more information on whether, and when, you should change your Facebook and Gmail passwords, check the BBC website above. 

Since you can’t really browse the web without having an online identification of some sort, here are a few things you might want to do in order to prevent that your personal information is collected and stored somewhere and by someone you don’t know: http://www.cnet.com/how-to/five-smart-ways-to-keep-your-browsing-private/

And if you already freaked out about this security issues, you might also want to read how you can encrypt almost everything, so that your personal information is protected at least as much as it depends on you: http://www.pcworld.com/article/2025462/how-to-encrypt-almost-anything.html?page=2

To summarize: whatever you subscribe to, and download from the internet, read the Privacy Policy, and the Terms of Use. Read the End-User Licence Agreement, and choose carefully who you would entrust.