Posted August 25, 200816 yr Previous posts have covered trustworthy principles in general and some product specifics as well. Privacy is an important part of trustworthy computing. This post discusses one aspect of privacy on the web: third-party content. When most people browse the web, they think what they see in the address bar and the site they are visiting are the same thing. However, web sites today typically incorporate content from many different web sites. For the sake of clear terminology, the site the user browses to directly (seen in the address bar) is the first-party site the other sites that the first-party site incorporates in its site experience (but that the user hasn’t navigated to directly) are third-party sites. When you browse to a first-party site, you know that it can collect information about how you use the site. What many users don’t realize is that technically, third-party sites can collect information about users as well. Users aren’t typically well-informed about which third-party sites are collecting what information, how the sites use this information today, or how the sites could use the information in the future. Identifying Third-party Sites Most websites today are actually mosaics, or mash-ups, of several different sites. To see this, you can bring up the Privacy Report in Internet Explorer (from IE7’s Page menu or IE6’s View menu, choose the Web Page Privacy Policy menu item) for any site you visit. Here’s part of the report for a news site, and another from a credit card site: While the address bar shows the address of the current, first-party, site, this dialog shows the addresses of all the different web sites (including third-party sites) that the current web page includes content from. The browser visits every one of these sites in order to show the current web page’s content. The way that sites can pull content in from other sites is useful and powerful and typical on the web today. It’s part of the underlying design and structure of the web, and enables functionality (like an interactive map in the middle of a restaurant’s website, or a “share this†link in the middle a news article) that people value. Third-Party Sites and Privacy At the same time, bringing information together from different websites has privacy implications. A good example of this issue that most people have experienced involves email. Many email systems treat email messages that come from unknown senders in a special way, blocking images in them and displaying a warning like this one: The message body typically has some missing images (“red X’sâ€) with text nearby, like “Right-click here to download pictures. To help protect your privacy, Outlook prevented automatic download of this picture from the Internet.†Why do email systems block these external images? The sender may have programmed some information in the external image that is
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.