Cleaning Up Data Spills.Companies with Web sites need to create a privacy policy to let visitors know whether or how they will protect visitor information that may be collected. Creating that policy is only half the battle, however; remaining in compliance with it as the site changes is the other half. The first step is to understand the myriad ways in which visitor information might "leak" out of the company's Web page--thus, potentially, violating the privacy policy. Unintentional disclosures of personal information, called "data spills," can occur when visitors click on a link to an external site. Browsers automatically notify the new site of the URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. (internet address There are two kinds of addresses that are widely used on the Internet. One is a person's e-mail address, and the other is the address of a Web site, which is known as a URL. Following is an explanation of Internet e-mail addresses only. For more on URLs, see URL and Internet domain name. ) from which the user has just come, possibly disclosing private information. For example, the URL could contain a name or e-mail address See Internet address. e-mail address - electronic mail address , or it could communicate confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job" steer, tip, wind, hint, lead about personal interests (e.g., www.medicalsite.com/baldness). Banner ads or other objects that are hosted by a third party also cause the URL to be sent to an external site, likewise possibly resulting in a data spill that could violate a stated privacy policy. Ron Perry, CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Internet privacy Internet privacy consists of privacy over the media of the Internet: the ability to control what information one reveals about oneself over the Internet, and to control who can access that information. company IDcide, says that these kinds of data spills can be avoided easily. "If a Web page has a link to a third party or an object loaded from a third party such as an image or applet, make sure that that page doesn't include personal information" about visitors, he says. Personal data can also be compromised through the use of Web bugs. These are tiny, one-pixel images (also called clear GIFs) that are invisible to visitors. When a page containing a Web bug (hosted on a different server than the Web page) is visited, the bug sends user information, such as current URL, to the third party hosting the bug--usually an advertising or marketing company. The bugs can also be used in HTML e-mail An e-mail message formatted as a Web page (HTML document). Like a Web page, it can include different fonts and graphics, which regular text e-mail does not support. It enables the publishing of fancy newsletters and reports as well as elaborate advertising, all of which is sent as an , revealing information such as the reader's IP address (the number identifying each computer on the Internet), potentially allowing third parties to link an e-mail address and an IP address with a previously compiled profile. Another way data spills occur is through some types of Web forms used to collect personal information. Forms that use the "Get" method of HTML HTML in full HyperText Markup Language Markup language derived from SGML that is used to prepare hypertext documents. Relatively easy for nonprogrammers to master, HTML is the language used for documents on the World Wide Web. coding attach the contents of the form to the URL of the result page (for example, if John enters his name and age on a form, the result URL might read "www.medicalsite.com/get.cgi?name=john&age=22"). If the result page contains third-party objects or links, those third parties could receive all the information on the form, resulting in a data spill--and possibly a violation of a privacy policy. Forms created using the "Post" method encode (1) To assign a code to represent data, such as a parts code. Contrast with decode. (2) To convert from one format or signal to another. See codec and D/A converter. (3) The term is sometimes erroneously used for "encrypt. the data and do not reveal any of the information from the form (the resulting URL for the previous example might read "http://www.medicalsite.com/post.cgi"). IDcide's Perry recommends educating programmers about the dangers to privacy posed by Web bugs and improperly coded forms. Also, Web pages change frequently, so companies must regularly audit their Web site to ensure compliance, he says. |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion