Questions and Glossary of Privacy Terms and Technology

General Consumer Privacy Issues
Why is privacy so important?

Terms and Technology
What are proxies and proxy servers?
What is a pseudonym?
What is PGP?  
What is a cookie?
What is a Web bug?
Why are databases a privacy risk?
What is profiling, and how is the information used?
What is an IP address?
What is a DNS address?
What is authentication?
If I don't use my real name when I browse, am I still at risk?
What is encryption, and how does it work?
What is a digital certificate? A digital signature?
What is the difference between opt-in and opt-out policies?
What is a firewall?
What is a virus?
What is SSL or Secure Socket Layer?
What is ISP?
What is a LAN?
How does private information get onto the Web?
What is personally identifiable information?
What are Java, Javascript, and ActiveX?
What does it mean when I see a privacy certification like TRUSTe or BBBOnline on a Web site?
What is the user interface?
Will future technology solve the problem of privacy risk?

About PerfectlyPrivate.com
What is PerfectlyPrivate.com?  
What will this site do for you?
How does PerfectlyPrivate.com help you find software products that can help?

About Privacy Laws
Why do many Internet communities seem fickle about privacy?
How can we build bridges between consumers and online companies?
How can I voice my opinion about privacy?
Why do some people oppose privacy laws?

 General Consumer Privacy Issues

Why is privacy so important?
Some people think you don’t need privacy unless you have something to hide. But privacy isn’t just about concealing dark secrets. The truth is, regular intervals of privacy keep us healthier, more productive and more creative. What’s more, privacy ensures our political freedom.

However, Internet technologies now enable total strangers to readily retrieve your confidential emails, shopping and browsing habits, even financial records and medical information – without your knowledge. The Internet makes it easy for employers, insurance companies, ex-spouses, literally anyone, to unearth every personal detail. Email excerpts may be taken out of context. And your digital trail never goes away. The speed and ease of Internet searches have changed the privacy horizon forever.

At PerfectlyPrivate.com, we believe privacy is a fundamental human right. It is the right to live without fear that anyone can invade your personal space at any time without your permission. Furthermore, we believe privacy and technology can thrive together if we work toward that end together.
back to top

Terms and Technology

What are proxies and proxy servers?
A proxy server is a computer that acts as an intermediary between a Web site and a visitor. Typically, a proxy server saves information from a Web site in order to provide quicker access when a visitor returns.

Proxy servers also increase security by allowing direct Internet access from behind a firewall. For example, if you want to browse the Web using a computer inside a protected network, you could configure a proxy server to receive requests from your computer and then redirect them to your selected Web sites, while preventing unwanted external monitoring.

What is a pseudonym?
A pseudonym is a false name by which you choose to conduct communications, to surf, or to engage in other Internet activities. Many Web users employ pseudonyms to protect their true identity. However, they often give away clues by choosing names that describe them, like "karategirl" or "nashvilletom." Although pseudonyms can protect your privacy to a certain degree, they can be circumvented.

What is PGP?
PGP stands for “Pretty Good Privacy,” a software program that encrypts and decrypts data. PGP is currently a global standard for encrypting email and financial transactions. PGP allows users to digitally "sign" a document or message to prove authorship. A robust version of PGP, called PGP Personal Privacy 6.5.3., is available at www.macafee.com. It enables you to encrypt not only email but also to encrypt data on your hard drive, and also includes digital signature capabilities from Entrust, NetTools PKI and VeriSign. Pay attention to the name – PGP acknowledges that no privacy software is perfect, and you should always be careful when sending and receiving information on the Internet.
back to top

What is a cookie?
A cookie is a small text file that a Web server places on the hard drive of people who visit that site. It uniquely identifies each visitor and is used by the Web site to track usage patterns and deliver customized content. Cookies can make the Internet more convenient. For example, some Web sites use cookies to recognize your computer and remember what kinds of books you like. Sites also use cookies to rotate their banner ads, so that you don't see the same ad each time you visit their site. Most cookies are relatively harmless and do not link browsing activity to personally identifiable information, but you should be aware that your activities are being tracked and stored.

There is concern about the use of cookies to build detailed profiles of users. For instance, the banner ad network DoubleClick tracks users across the Web. All you have to do is click on one DoubleClick ad to set off this tracking. DoubleClick will place a cookie on your hard drive that will allow them to build a profile of your activity on any participating DoubleClick site. DoubleClick recently completed a much criticized merger with Abacus Direct, a direct marketing firm. According to DoubleClick's new privacy policy, they will be merging the browsing data their cookies collect with Abacus' database, which includes personally identifiable information such as the user's name, address, retail, catalog and online purchase history, and demographic data. Consumers are concerned about such detailed information being compiled about them by a company most never realized they were visiting.

And because cookies are on your hard drive, they will tell anyone snooping on your computer exactly what sites you've visited. You can set your browser to refuse all or some type of cookies, and to notify you when a site attempts to deposit cookies on your hard drive.
back to top

What is a Web bug?
Also known as a"1-by-1 GIF," "beacon GIF" or "invisible GIF," a Web bug is an image placed on a Web page or in an email, allowing the bug's creator to monitor exactly who is reading that web page or email. Web bugs are usually just 1-by-1 pixels in size, rendering them invisible. The reader does not know that she/he is being monitored. A typical Web bug will reveal the IP address of the computer that views the bug, the URL of the page the Web bug lives on, the type of browser used to view the bug and the time that the Web bug was viewed. When a Web bug is placed in an email, it is able to tell if and when that email has been read, the IP address of the email recipient, and how often the email has been forwarded. The best way to arm yourself against Web bugs is to turn off the cookies in your browser.

Why are databases a privacy risk?
A database is a large pool of information. In most cases databases are simply an efficient way for companies to organize their information. Like it or not, your financial records, medical histories, shopping habits, employment histories, even political contributions, are all probably housed in computer databases.

A privacy risk arises when someone combines all that disparate information. The Internet has made such information rapidly available to almost anyone, and for a low cost. There’s little to prevent employers from getting a look at your medical records before they decide to hire you. States routinely sell drivers license and car registration information to marketers who combine the two to determine your income range and to target you with advertising. Try to imagine what someone could find out if they combined all the information about you that is available in databases on the Internet. It's much easier to create a detailed profile of your current habits and your history than you might think.
back to top

What is profiling, and how is the information used?
Web sites can track visitor browsing patterns and create a profile of their preferences, interests, spending habits and other useful information. These "profiles" are used to identify the best prospects for targeted marketing messages. Marketers have used profiles to target prospects for many years, but Web technologies have vastly simplified the process. Offline, it just isn’t practical for store clerks to follow you around and take notes on everything you find interesting. Online, it couldn't be easier.

What is an IP address?
IP stands for “Internet protocol,” which is the Internet's addressing standard. An IP address is a string of four numbers separated by periods–for example, 101.33.5.999. Every computer, including yours, has one. Web sites use IP addresses to send information you request.

What is a DNS address?
DNS stands for “domain name system.”  A DNS address is the name representation of an IP address. For example, www.microsoft.com is the same as the IP address 207.46.131.137. DNS addresses are almost always used in place of IP addresses because they are easier to remember.
back to top

What is authentication?
Authentication is the method Web sites use to allow an individual to access a restricted Web site, or specific areas of a Web site. The most common method of authentication is setting up user names and passwords for approved individuals. Web sites sometimes require users to enter a credit card number to prove they are adults, while others merely ask for some type of identifying information such as password and email address.

If I don't use my real name when I browse, am I still at risk?
Yes. When you surf the Web, you leave a trail of information that is tied to your screen name or email address. Many of the sites you visit use little computer files called cookies to identify your browser and your Internet connection. As the amount of information tied to your alter ego grows, sophisticated data-mining programs connect the threads and construct an anonymous profile of you. From there, it is a short hop to combining the online information with offline data to determine your true identity.

What is encryption, and how does it work?
While the word "encryption" may call to mind images of spies and international intrigue, today you can purchase encryption programs for your computer. Encryption translates a message or data file into code that makes it unintelligible to anyone not authorized to read it. Decryption returns the message or data to readable form.

There are various levels of encryption. Some of the strongest are banned from export. Some programs encrypt everything on your hard drive and require a single password to access the entire drive. Others allow you to choose which files you want encrypted. Some programs let you send an encrypted email that self-decrypts when it reaches its intended recipient. Other programs require the recipient to also have the encryption/decryption software.
back to top

What is a digital certificate? A digital signature?
The main use of digital certificates is to secure Web sites for ecommerce.

Digital certificates let you know when a site you’re visiting has been verified secure by a third party. When you arrive at a secure Web site, your browser receives a digital certificate which verifies that a certification authority, such as VeriSign or Entrust, has confirmed that the Web site’s authenticity and ownership are associated with a stated set of cryptographic keys.

Digital certificates are also used to verify the integrity of downloaded Java applets, ActiveX controls, or any type of code that you download. Since a certificate is tied to its owner, you can also confirm who published a particular piece of code.

A typical digital certificate will contain information about its type, issue date, owner, issuer, and expiration date, as well as a "digital signature." A digital signature is a component of a digital certificate which verifies that the certificate owner’s identity has not been forged during a secure exchange. Digital signatures also verify the security of email messages. A properly applied digital signature is considered irrefutable proof that a set of cryptographic keys are in fact owned by the signature holder, and that these keys were generated from the certificate in question.

You can obtain a digital signature by applying for a personal digital certificate at a certification authority such as VeriSign and Entrust.
back to top

What is the difference between opt-in and opt-out policies?
Opt-in and opt-out are the two main approaches for acquiring user consent to gather information or send emails. The main difference between opt-in and opt-out is who bears the burden of action, the user or the Web site.

Companies with an opt-In policy do not collect information or send emails unless users "ask" them to do so, usually by checking a box on a registration page of the Web site that indicates they would like to receive additional information. Some personal information, such as your email address, may also be requested.

Opt-out policies often assume users have consented to share their personal information with third parties and receive information they did not specifically request. For instance, you may begin receiving the weekly electronic newsletter of a site you visited, even though you didn't specifically sign up for it. In some instances, you submitted a page that had a pre-printed check mark in a "Yes" box. Often the email messages you receive will include instructions on how to unsubscribe from the list. So, you get to opt-out – first by unchecking the "Yes" box, and then by unsubscribing later. Opt-out policies put the burden on you to end these communications, rather than asking you to choose, or opt-in, in the first place.

What is a firewall?
A firewall is a device that separates and protects data on a local computer or network from crackers or hackers who might try to access the data from outside the system. A firewall can comprise software, hardware or a combination of both.
back to top

What is a virus?
A computer virus is a piece of computer code written specifically to duplicate and propagate from one computer system to the next, much as influenza is passed among coworkers during flu season. Viruses usually spread through sharing of floppy discs, and more recently through sharing programs and files across the Internet. For instance, they can be hidden in executable program files posted online or attached to emails. Viruses may be benign or harmful in nature, though they all arguably cause harm by wasting network and computing resources.
back to top

What is SSL or Secure Socket Layer?
SSL is the industry standard security protocol. It was developed by Netscape, and is supported by Netscape and Internet Explorer. Usually, Web sites that need to collect confidential information from their customers, such as credit card numbers for online purchases, use SSL. When browsers communicate with these secure sites, they encrypt the data being sent to and from the site, making it difficult for hackers to intercept and misuse the data. If your browser does not support SSL, you will not be able to complete your transaction at a Secure Socket Layer site.

What is ISP?
ISP stands for Internet Service Provider. This is the company that provides user access to the Internet, usually for a monthly fee. Services offered may include the World Wide Web, e-mail and other communication methods such as Internet Relay Chat (IRC) and File Transfer Protocol (FTP). Generally, an ISP will provide access to the Internet for these services through a standard or enhanced phone line, or through coaxial cable. ISP's may also offer ancillary services such as search engines and community forums. Currently, the largest ISP in the United States is America Online.

What is a LAN?
LAN stands for Local Area Network, a means of connecting several computers that are located in the same building. Computers linked through a LAN can share files and peripheral devices such as printers and CD-ROM towers. A LAN is useful, for instance, when several people need to share and update a single database.

How does private information get onto the Web?
Much of the personal information that you think is private is actually available on the Web to anyone who knows where to look. Companies exist solely to buy and sell such information to advertising firms, interest groups and others at a profit. And most of the time they are getting that information directly from you, whether you are aware of it or not. For example, this year in California doctors sent their name and home addresses to the state in order to renew their medical licenses. The state sold the database that contained this information. The database, which included the records of more than 100,000 physicians, was eventually purchased and posted by WebMD.com.
back to top

What is personally identifiable information?
Personally identifiable information includes your name, address, phone and fax numbers, email address, social security number, financial and credit card account numbers, and any other numbers or information that can be linked directly to your identity. For example, persistent identifiers such as a customer number held in a cookie or a processor serial number associated with an individual identity is considered personally identifiable information.  It does not include information that is collected anonymously, such as number of visitors to a Web site, or general demographic information not connected to your individual identity.

What are Java, Javascript, and ActiveX?
Java, Javascript, and ActiveX are all technologies that supply "active" content to Web users, such as animated banners on a Web page. These programs are "portable," which means they are designed to operate on a variety of platforms, from Windows to Macintosh. For secure downloads, Java Applets or ActiveX Controls should always be “signed” by digital certificates. This way, you can be sure that what you’re downloading has not been tampered with since it was packaged. Verifying security through the use of digital certificates is a safe online habit to cultivate.

What is the user interface?
The user interface (UI) encompasses everything designed into an information device with which a human being may interact. That includes display screen, keyboard, mouse, light pen, the appearance of a desktop, illuminated characters, help messages, and how an application program or a Web site invites interaction and responds. The user interface comprises the total "user experience," which may include the aesthetic appearance of the device, response time, and the content that is presented to the user.
back to top  

What does it mean when I see a privacy certification like TRUSTe or BBBOnline on a Web site?
A privacy certification is a disclosure statement that says the site abides by the privacy assurance standards set by the organization whose name is on the certification. If you believe the site doesn’t live up to the standards promised by its privacy policy and the certification, you are often encouraged to report the site to the certification authority. For more information, read Privacy Seals Revealed.

Will future technology solve the problem of privacy risk?
Technology is neither the problem nor the solution. Technology is merely a tool – it is how people and companies use the tool that impacts your privacy. Remember the humble cookie. It was invented for the simple purpose of allowing a Web site to route information to the right computer. Today, technically advanced cookies are used to track people across the Web and compile information that could be used to invade privacy. Privacy software will no doubt advance, as will the technology to beat it. Your ultimate tool is vigilance and knowledge: Be aware of the risks and threats, understand the technology, and then monitor the privacy policies and practices of the Web sites you use. After all, they’re monitoring you.
back to top

About PerfectlyPrivate.com

What is PerfectlyPrivate.com?
PerfectlyPrivate.com is a secure online community designed to help Internet users like you keep your Internet activities private. PerfectlyPrivate.com offers a comprehensive pre-screened inventory of privacy software, information, and proprietary services.

Although we recognize that no one’s privacy can ever be perfectly private, our mission is to assist you in protecting your Internet activities from the scrutiny of strangers to the fullest extent possible. 

What will this site do for you?
Searching the Web for information to protect your privacy can take hours and yield spotty results. PerfectlyPrivate.com organizes everything in one logical Web site that’s easy to understand and use. We provide Internet privacy tips, links and software. You can read the hottest privacy news every day, and you’ll discover which products, Web sites and organizations can really help protect you and your family from online privacy risks.

How will PerfectlyPrivate.com help you find software products that can help? 
PerfectlyPrivate's one of a kind Privacy Shop brings together the top privacy software products in one convenient, easy to use place. Privacy Shop helps you decide what products best fit your needs, and gives you the tools you need to start protecting your privacy today. We update this section frequently, so check back often.
back to top