This is mostly for anybody from the UK: Councils, Privacy and Google
 

This is mostly for anybody from the UK

I do realize that this doesn't really belong on this forum but as it is something that should concern everybody living in the UK at the very least, I thought I do raise the issue here.

Councils, Privacy and Google

In the current economic climate in the UK (and elsewhere of course), there is a quickly growing and worrying trend to incorporate numerous services that Google offers to webmasters.

Where I live it started by utilizing googleapis.com (Google Code) (you may find that where you live they use yahooapis.com Yahoo! Developer Network instead), a service that provides webmasters with free API's (Application Program Interfaces, for details about what API's are and what they are used for, read the Wiki article here: Application programming interface - Wikipedia, the free encyclopedia), next followed google-analytics.com, a service that offers website analysis tools for webmasters, information on what you did where, how long you stayed on a certain page, etc. and I am sure, since Councils are driven to save money, more will follow. After all, the number of domains that Google uses is huge.

This then raises a number of severe privacy issue.
1. Most Councils offer a link like 'Where I live' to give accurate information about services rendered there, ie. waste collection. To do this, you will usually be required to enter your postcode and for convenience this will be encrypted (if you are lucky) and stored in a cookie. This cookie identifies where you live, not roughly but it'll point directly to your front door and guess where that cookie is created? On one of Googles servers.

2. More and more connections these days come with a static IP address, Sky, Virgin and all other cable providers will assign you a permanent IP address. Basically a unique address on the web, so that servers know who requested a page and where to send it to. This is of course also required in setting the cookie I mentioned under 1.

3. The combination of IP address and cookie(s), there are usually several of them, then is an explosive mixture that allows you to be tracked, in fact you provider can even assign a name to you, after all, by law they are obliged to keep track of your movements anyway. Though I don't think Google is powerful enough to access those data (yet), postcode in combination with IP is quite sufficient to build a profile of exactly where you live, where you surf to, how long you spend on any given website, which pages you look at and more.

4. This information gathering (data mining in webspeak) is, via the cookies and you IP then sent to the USA, we ought to be aware that their privacy legislation can be a bit lax to say the least.

5. What is worse, unbeknownst to the vast majority of internet users, Google also uses so called tracking cookies, cookies designed to track your movements not merely across a single sit but across a multitude of domains. Are you beginning to feel just a tad paranoid? Well, you should be.

To sum it up:
In order to save on operating costs running their websites, Councils across the UK are breaching and intruding into your privacy, providing a commercial American giant corporation with all the details they could ever ask for and as I discovered here, had not even had the decency to alter their privacy statements.

A few weeks ago I complained to my local Council about this, I will post my letter here later, and requested full disclosure of any data shared with Google, this was done in a Freedom of Information Act request. I have not received this information yet.

They did reply yesterday to inform me that they had altered their privacy statement to accomodate their, in my opinion, wrongdoing. I will post a copy of there too in a subequent post.

What can and should you do?
There are a few things to ensure your privacy is at least guaranteed to a certain extent by following a few simple rules.

1. Surf the internet using a stable FireFox version, not a beta and most certainly not Internet Explorer (did you know that IE sends any request for a webpage you make to Alexa.com?).

2. Once you have FF, install NoScript. NoScript is a powerful tool that allows you to actually see ALL the sites that are opened in the background on any given page (you'll be amazed, believe me, when you see who else is listening in to your surfing).

3. Set up FF to only accept cookies from a Whitelist (a list of domains you trust and be sparse when you create that list).

4. Blacklist anything that remotely starts with google*.* and forbid any scripts of theirs from being executed. You can always temporarily allow a forbidden site but only ever temporarily and don't forget to withdraw that right as soon as you are done surfing a page.

5. This may prove diffcult but whenever you can, avoid google as a search engine full stop but then don't just move to yahoo, they are just as bad. Try https://ixquick.com instead, they are publicly funded and will never store your IP. Also, as you may have noticed, you can use a secure HTTPS connection to their server.

6. If you can't stay away from google, don't click the links they offer to open a website but rather copy the link, create a new tab or window and paste the link. This way, the referrer will always be from about:blank (oh, I nearly forgot, set your initial browser page to be a blank page).

7. Should you be familiar with the process, you might want to go through a web based proxy server. All you page requests will then be addressed to the IP of that server and not the one at your home. Only the proxy will know where the data eventually ends up, so be careful who you trust.

I am fully aware that this is an incomplete list of how to secure your privacy, maybe someone on the forum has more to add to this but it is a start and do make sure that you check out your local Council for any breaches of its own privacy statement, complain till you are blue in the face and let others know about what our Councils are up to. I recently discovered a website, unfortunately I lost the link and I could kick myself over it, where UK Council webmasters discussed and bragged about how easy it was to implement all the wonderful offerings that Google makes and that leads me to believe that there may be grim times ahead for us in Britain, and of course elsewhere in the world.

People used to be paranoid about what information Microsoft might be collecting about its users, they even went so far and tried to break the company up. Let me tell you, Microsoft is nothing compared to Google, nothing, they can't even begin to imagine what their vision of our future is.

Google has and/or we have allowed them to, become so powerful, these days they are in a position to decide whos business thrives and who goes down the drain. Unless you show up on the first say 5 pages in the search results, you might as well not exist.

Every time you complete a Captcha, you are giving Google more ability to OCR books, even ones that they have no right to digitize on the first place. You may soon find that history may be written by Google, not the people that made history. Besides, our Governments are helpless and without the background knowledge about this, so where does that leave your local Council?

Sorry but I felt that this needed addressing. It may not be directly related to this site but the impact is such, that we all ought to be aware of it. After all, your real name, your nicknames, all stored and with that nice little IP address with it. If you were to ask google the right questions, you might not get that next job you've just applied for. And if that is not something to worry about, I don't know what is.

Invitation:
I would like to invite anybody with any insight into these security/privacy issues to share the knowledge with the community.

This is the letter I sent to our local Council
 

This email complaint was triggered by discovering that our local Council had apparently signed-up with googleapis.com and google-analytics.com, thereby transferring information such as IP addresses, etc. to the United States.

Anybody here that knows more about the legal situation? No guesswork, just plain fact and if available, any weblinks relating to this.

If you live in Britain, maybe it's time to pay a visit to your local councils website and see what they may have been up to.

We do need to fight back, not just sit back.

This is the reply received yesterday regarding the above contact I made with them. This is not the outcome of my Freedom of Information Act request, that is still pending.

Hoverfly, most of your post is pretty dead on and everyone, everywhere (not only in the UK) hopefully should be aware of that.

I don't have time right now to go thru the details of that post but I will eventually.

But that said, there is one wonderful file that exist on all OS, called "host" that can fix most, if not all, of those issues. Find that file and manage it.

Make sure you have that line first (it should already be there). This defines your own personal machine on the big net:

127.0.0.1 localhost

Then, add this line below for any site you don't want. An example:

127.0.0.1 WhatEverTheFuckYouD'ontWant.com

Want to know more? Check this site: Blocking Unwanted Parasites with a Hosts File

This site even offers a pre-configured host file with a lot of the bad sites already mapped. Simply replace yours with theirs.

Remember the old saying "There is no place like home"? Nowadays, you could say "There is no place like 127.0.0.1". That IP address is your PC's home on the net. Re-routing anything from the net to it will simply annihilate it.

See, I told you I'd probably forgotten something. Thanks for adding this to the thread, everybody should be able to edit that file or, as you say, get the preconfigured one.

Much appreaciated your contribution.

WOW! that was an eye opener!
THANKS! :)

Yes, and thanks to Jo's contribution it became even more valuable, thanks again for adding to my forgetfulness.

Spreading just a little awareness of how to at least try and keep you safe in this wonderful digital world can be quite a daunting task and the issues raised here barely scratch the surface but I am pleased if it is of some little help.

Always remember...

There's someone watching you. ALWAYS

TD: People used to get paranoid about Bill Gates and his cronies taking over the world, I think it is high time to change that old tune and worry more, a lot more about Google, Apple, Amazon and Facebook.

Long gone are the days when Google was a search engine, Apple a manufacturer of consumer electronics, Amazon a mere retailer and Facebook a social network. These days it is more of a case of them having expanded into every little nook and cranny, businesswise, that can possibly imagine. So much so in fact, that soon, there will be little internet trafic that doesn't have to go through one of their servers for just that extra bit of filtering.

As I said in my original post, Google already has the power over who makes it in business and who doesn't, just by their placement in search results. I am not saying they are doing it but as we all know and history teaches us, if it can be done....

TD I am sure they've seen it all.

'Do no evil' used to be Google's moto. So much for that...

Most people don't know or realize it but their never was any privacy on the net. From the very beginning, the second you're connected, you're traceable and trackable. This is normal too as it comes from the technology that connects it all. If you want a specific page, the server needs to know where to send it for you to see it.

But nowadays, it goes far beyond that. Those companies you mentioned and many others are actually embedding even more sophisticated ways to track you, store this data and share it with others. If these initiatives were up front and honest, telling you they are doing that and asking you before hand if you want to participate, I'd have no qualm about it. The problem is that not only they don't tell you, but they actually hide these tracking devices as much as they can and it is almost impossible to detect/stop/circumvent them.

This goes even further than the net. Just look at iPhones who 'phone home' back to Apple where your current location gets stored in a database.

If you don't believe all this, have a look at PrivacyChoice - Making privacy easier. It will give you some hints.

If you are using Firefox and want to be flaberghasted by a visual representation of who is tracking you, go there https://secure.toolness.com/xpi/collusion.html, install the addon, let it run while you do your usual surfing and you'll be amazed.

Happy surfing, and beware, especially those 'Like' buttons.