Slashdot Mirror
Shopping Online While Protecting Your Privacy?
Bart asks: "How can you shop online and protect your privacy?
I have been trying without success for a few weeks to shop at the online site of the bigest supermarket chain here in England. My problem is that either I am not using Internet Explorer or Netscape or that I have set up Junkbuster to return a spurious
user-agent. With this configuration I can visit my bank, transfer money and make payments, I can visit my two stockbrokers and make deals of up to 100,000 USD but I can't go to Tesco and buy cat food." It seems odd that certain places require a bit too much information from you before they will even do business. What information do you think is fair for Web sites to posess on an individual, and how far do current e-Commerce sites cross that line?
"Protracted e-correspondence with Tesco (apart from regular instructions on setting up Internet Explorer) revolves around bypassing the proxy and setting up a direct connection. As shopping online for mundane things like groceries gets more common and less the province of technically aware people, we can expect more and more intrusions like this into our privacy. Can anything be done about it?"
Usually, I hate off-topic articles even if they are supposed to be "funny", but this one is excellent. Very good summary of the various /. posters...
By the way, there should be an option to ignore the "+1 Funny" moderation points when sorting articles. That would be helpful when you want to get the facts first without spending too much time on the reading the jokes and silly comments. There could also be an option to double their weight, for those who read /. for fun more than for learning something new (alas, this seems to be the majority of the audience here since about two years ago).
The parent post raises several interesting points.
I don't think the ability to do more data processing on electronic information is a very important reason to conceal more of our on-line activities than our off-line ones. After all, any large organisation (apart from those - like credit agencies - trying to avoid the DPA) enters all its information into its computer systems pretty much in real time, regardless of whether the transactions were on or off line.
Its also interesting to note that arguments about privacy are an element of the age old argument about whether societal or individual interests should take precedence in general, and of course that the best answer is "it depends". This does explain why concern about privacy is most intense amongst libertarians and other individualists, even thought the argument is so new it doesn't appear in any of the classic individualist philosophy.
I tend to agree that the most important concerns center around misuse of information (such as drawing tenous conclusions from purchasing data and then using these to make life-affecting decisions about individuals), but it is arguable whether these problems are best avoided by concealing or revealing information. For instance, is it better to avoid writing hand-written letter to avoid the use of graphology, or to publish more data that disproves graphologists claims ?
http://www.computerweekly.co.uk/cwarchive/news/200 00810/cwcontainer.asp?name=C14.html&ct=s earch
Tesco online snoop plan
Helen Gregory & Sophie Mason
Tesco is considering using artificial intelligence software to alert shoppers on rival Web sites that it can offer better deals.
The supermarket giant is already using the software package to track which products are of interest to its Tesco Direct shoppers and to suggest items they can add to their virtual shopping list. It is now debating whether to press on with plans that would allow it to compete immediately with promotions offered by other supermarket sites.
MyWeb software was introduced free on Tesco Direct CDs three weeks ago. Once loaded, the program stays on the shopper's computer and "reads" text from the screen rather than directly from the Internet, developing an understanding of what the customer is looking at online.
If extended, MyWeb could sit on the user's computer and, whenever they entered a rival grocer's site, a prompt built into the program would see MyWeb flash up a reminder of Tesco's offers.
The system can also create a profile of shoppers' tastes by keeping a record of what they have bought or looked at in the past. It can then use this information to anticipate demand and suggest similar products if the first choice is out of stock.
Simon Fletcher of software supplier Autonomy, which developed the system, said the package provided Tesco Direct with a major marketing tool in the e-commerce battle.
"E-tailing customers will not tolerate having to go and actually search for things for much longer because the whole point of an e-commerce site is to free up time that you would normally spend in the shopping aisles," he said.
MyWeb can also make associations between purchases and cross-sell items. For example, if they buy charcoal and firelighters, MyWeb will suggest a deal on burgers or garden furniture.
Dan Munford, partner with Insight Research, said tailoring e-offers was the "holy grail" for supermarket chains. "It's what the consumer wants," he said.
yes, www.dotcomforwardslash.com is my real URL.
For some reason people see it as reasonable to expect to be able to conceal all the details of their online activities to a much greater extent than is possible in real life. Why ?
This is a good question because there are lots of potential answers, and the truth is probably a different mixture for different individuals.
First, the web is still "real life", but I guess you just chose that phrase as a representation of the traditional shop, cinema etc. What's different about putting computers in the transaction mechanism is that the data can be processed way beyond the limits of what could be cheaply done with paper/filing cabinet systems.
Taking this to it's next level, globalisation may mean we have "global person identifiers" (GPIs) instead of credit cards and national passports. There are several countries that already require identity cards, or some form of citizen numbering. In italy all citizens have a Fiscal Code (Codice Fiscale), which must be quoted in every transaction above a certain value -- this is supposed to allow the government to track money laundering etc. All it takes is for all these existing and growing registration systems to merge, and you'll never feel alone again.
The end debate is whether this is good or bad -- ie. ethics and politics. The two classic arguments (AFAICT), are 1) the government needs power to crack crime (Fiscal Code, NSAKEY etc), and 2) that the individual has a right to privacy. Ie. 1) Society is good and it's society that educates the individual to be a good citizen, or 2) The individual is good, and has to be protected from corrupt society --- ie. 1) society oppresses the individual or 2) the individual corrupts society
Needless to say, this is a basic duality that is so fundamental that there will typically always be two political parties, the so called Left and Right. But like all dualities, neither position is the truth... it is an integration of the two, in varying amounts, that is needed to secure the health of both good societies and individuals, and filter out the ill health of bad societies and bad individuals. :-P
But don't ask me how
So back to the "real world", I don't like people getting the wrong impression about me. So I am, for example, against so called "handwriting experts" who profess to be able to say all sorts of things about my character, attitude, personality, performance etc. from just looking at my handwriting. I am against employers who, because they are ill informed and haven't made a proper objective study of their recruitment process, make use of such so called 'experts' --- not just because they may not hire me, but because they may not choose the right person anyway.
I suspect it's really the mis-use of the massive amounts of information that are becoming available that people are objecting to.
Oh flaming heck, I've written too much... $(
Absolutely.
I consider a site that requires a useragent, and also requires you to use IE or NN to be broken.
If they have put in so much effort that they have customised the site for IE and NN, then they should put a tiny bit more effort in and deal with other browsers nicely, even if the site does lose a little bit of functionality. In most cases the bits that change according to which browser you are using have no effect on the functionality at all - those bits are generally the icing on the cake.
Tesco have a badly written site. However, I don't see why giving out your useragent is a problem. So they then know you are using MSIE 2.0 or something - so what? Hardly identifying information is it? If anything a custom useragent is far more identifying, and therefore giving out a fake useragent string means you could be intentionally giving away more privacy.
Here is what you do:
1) Send an email to Tesco saying "I was unable to use your online shopping site, because it asked for XYZ. I will be going to a brick and mortar store.".
2) Go to a brick and mortar store.
Ta-da! You have cat food. Tesco has information on how to fix the problem. If they don't do it you are out of luck but there's nothing else you can do--they don't want you as a customer bad enough to fix their site.
--
Linux MAPI Server!
http://www.openone.com/software/MailOne/
(Exchange Migration HOWTO coming soon)
*sigh* I worked on the second incarnation of the Tesco web site. They gave me 1 month to do the interface and the ASP behind it, and requested that IE4 was the minimum browser, with *no* fall through. They're not the most internet aware of companies, despite me trying to educate them. Looks like it hasn;t improved in the last couple of years
Grocery stores are the worst at profiling. They try the hardest to do consumer profiling and not just with the internet. Up in the Chicago area, the stores almost mandate you have one of their "preferred shopper" cards by posting one price on the shelf for the "preferred shopper" (although they make it look like the normal price - only in very fine print does it say "preferred shopper" price) and in fine print put the price for non-preferred customers (which is much higher). Only when you're at the register do you realize what they did. I found out one day when I was up there visiting my family and made a purchase.
They have been doing this for about 15 years now too. My mother understood the profiling but finaly after many years broke down and got one. But she got it in our cat's name, and it is amazing the junk mail "mega catlin" gets.
The only way to combat profiling is to always give wrong information. If you mess with their statistics, they won't rely on them as much.
I had a friend with a cool wool trenchcoat. I told him I liked his coat, and he said that he got it from U.S. Cavalry for $7. Wow! So I went online and bought one. Two, actually.
Of course, I started getting U.S. Cav catalogs. But then a few months later, I started getting literature and membership offers from the N.R.A.
Then, just last month, I got an offer to join a hunt club -- when I have never hunted anything in my life! Now I have someone called "Buckmasters" calling me on the phone.
All because I bought a trenchcoat.
I think corporate mailing list sharing has become the evil meme of our times.
-Omar
Why the hell does Radio Shack need my phone number when I'm buying batteries? That gives me the creeps.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I consider a site that requires a useragent, and also requires you to use IE or NN to be broken.
I'm currently working on an online shopping site for a large, well-known IT manufacturing company. The site is already in use, so I had a look at the stats for August so far.
Microsoft and Netscape browsers make up 97.4% of the hits (nearly 6.5 million so far this month). The stats tell me the browser versions too.
Of the Netscape browsers, version 4.x (Communicator) takes 98.4%, 3.x has 1.3%, 5.x has 0.23% and the others much less.
For MS IE, 81.5% were version 5.x, 18.09% version 4.x, and 0.38% for version 3.x. There were negligable hits from previous versions.
This is what people are using. Management look at these figures and then tell me the features must work in NS4.x and IE4.x and 5.x. That covers the vast majority of users; I would imagine that they would probably consider developing/testing for other versions a waste of resources.
It also occurs to me, that (as is the case with Tesco), the internet side of selling is not where most units are shifted. It's an extra distribution channel. Priorities would probably be very different if it was the primary channel.
I don't know about the UK's disablilty laws, but I think Masem's point about disabled persons' usage of the site would not hold much weight. The kit available on our site can also be ordered by phone and bought from lots of different retailers (ie: in shops); with Tesco you can still go to the shop. It's a slightly different kettle of fish to the situation with AOL - their software must be usable by all, but I don't think Tesco is required to put in a ramp at every single entrance to the building.
-- Steve
During your corrispondance with Tesco, did you ever ask them why they want the information?
Is it a horrible conspiricy on their part, or is it just bad HTML?
Syllable : It's an Operating System
Supermarkets love to know as much as possible about their customers so they can 'serve you better' (i.e. sell you more) by targeting you with special promotions, vouchers etc. That's why loyalty cards were invented - not for the benefit of shoppers, but so they can gather all the information about your purchases, how much you buy, how many times you visit, when you visit, how far away from the store you live, your social class (extrapolated from your postcode and what you buy), whether you like brand names or not, whether you are loyal to a brand or not, whether you are susceptible to special offers or not and so on. The amount of data a loyalty card gives a store is staggering and boundless. Tesco and their ilk set up large IT centres to mine this information.
Sending a user agent allows the site to customize content around browsers. Unfortunately, Netscape and Microsoft do not agree on features, especially when you start using CSS/DHTML/etc. The user-agent just provides the site with the browser/version you are using so that they can do something like this:
if ver == "x" then
do this way
else if ver =="y" then
do this way
end if
Without this, you would have some screwed up pages on sites that tried to do dynamic content. Until the major browsers support the same features with the same syntax, you will need this.
As a top flight professional consultant who has worked with many companies attempting to leverage their business onto the net, I generally recommend that companies obtain as much information as they possibly can, but allow an "opt out" policy for customers for whom privacy is a concern. After all, it costs them nothing (well apart from some of my rather expensive time) and satisfies the small number of people paranoid about letting people know which browser they're using.
The information gained by online businesses in this way forms a valuable resource for them to react to what their customers want, even when the customer doesn't realise it. After all, the more information you can obtain the better the service you can provide - personalisation is the key to a happy customer and lots of business when many companies are all offering the same product at very similar prices.
Still, privacy concerns are overrated here and I think your're being overly concerned about what Tesco will do with your information. They're not going to sell it to other people - information like that is valuable to them - and they're not going to spy on the not-so-sordid details of your life with it.
My recommendation - give a little, get a little. Don't worry so much about giving out such inconsequential details online. There's a lot of hype and FUD around at the moment about privacy, and invasions of it, and falling for it simply limits your options and decreases the enjoyment of your net experiance.
---
Jon E. Erikson
Jon Erikson, IT guru
Given that you're going to give Tesco your credit card number anyway, from which they can find out just about anything about you, and if you have a loyalty card they can also correlate this information with your purchases, I really don't see what you gain by using junkbuster etc. If someone already knows what groceries you buy, where you live, your income band and your credit rating, and probably a great deal about your lifestyle, letting them know what web browser your use and what web site you came from seems pretty irrelevant.
Frankly I find this obsession with privacy somewhat bizarre and worrying. For some reason people see it as reasonable to expect to be able to conceal all the details of their online activities to a much greater extent than is possible in real life. Why ?
I've been asked my SS# many times. Also, Radio Shack is infamous for asking and sometimes insisting on my phone number, even though I pay in cash!
I finally broke my local store of that habit. I had fun doing it, I was looking for a new stereo, and decided to see what they had. I was ready to plunk down about $600, the sales guy was writing up a ticket and asked me my phone number. When I asked why he said it was store policy. I asked for the manager, when he showed up I waved my cash under his face, and told him that they just lost a big sale because they insisted on my phone number; then I walked out. Next time I went in there was a sign posted prominately that the phone numbers were optional. But the look on their faces when I walked out was priceless!
-- Error: Cannot find file REALITY.SYS - Universe halted, please reboot!
I have gotten into that habit of "making mistakes" with these numbers. Just make them up!
You ask me for my SSN? Sure its 554089652 the clerk writes it down everyone is happy. My phone number 342-980567 Yeah it's a little weird I have a cell phone... They won't tell me what they want with it so I don't feel the need to be truthfull with them either. Nobody makes you PROVE these random numbers do they? They depend on stupidity and truthfulness. Give them neither.
The best piece of misinformation holds a kernel of truth. If you want to be totaly duplicidous just interchange some of the real numbers. Switch a couple of digits now and agian.
-Kensail
I personally have hundreds of aliases that I give to new contacts.
I preferably use really stupid ones whenever I am not sure about my contact ; e.g. I sent one day mirko@garagiste.com to an inoffensive-looking web site while requesting information about data security.
You can't imagine how many sex spams I received under this alias.
Also, whenever requesting for documents to be sent through normal post, I usually give a fake first name (e.g. Baudoin, Ibrahim, Bill, etc.) which then allows me to track the spammers.
At the end, I just set some filters on the spammed accounts so that I can get rid of spams.
Now, if they want your personal data, you can consider they just want to know how they can reach you with public mean (email, mailbox, etc) and then give you some information that'd be just relevant enough but objectively not corresponding to you.
(let's say the website was compusa.com)
(click on submit)
(one week later, the phone rang)
-Allo ? Mr Hiroyoshi ? As a faithful client, we guess you could be interested in our offer : twenty four boxes of (put any soap brand here) for half price if you buy us ten rolls of toilet paper.
-So, compusa also sell toilet paper and soap ?
Anyway, my favourite one was with an old hotmail account that is now closed : a21z.
Before I ever use it publicly (on deja.com), this account got spammed.
The complete recipients list was readable.
To my surprise, all the email addresses (around 2 or 3 hundreds) were containing the string Aziz.
Ah ah ah ah ah ! I can't imagine they have some spams only aimed at guys called Aziz !!!
Conclusion:
--
Trolling using another account since 2005.
Posted by Hemos on Tuesday, Friday 18, @06:38AM
from the damn-those-fascist-capitalist-plutocrat-bastards dept.
Signal 11 writes: "Yahoo! News is reporting that Napster founder Shawn Fanning has been given a speeding ticket. The police claim that Fanning had exceeded the speed limit by over 15 mph, but we all know that he was acting in full compliance of traffic laws.". In a truly free world, there would be no need for speed limits. When will the establishment learn that speeding laws simply can't be enforced? Even if Fanning receives a ticket, thousands of other drivers will continue to speed.
( Read More... | 768 comments | Your Rights Online )
Miniskirt-clad girls save universe
Posted by CmdrTaco on Friday August 18, @08:25AM
from the roketto-ga-sugoi dept.
AnimeNewsNetwork.com is reporting that earlier this morning in Tokyo, five girls in color-coded blouses and miniskirts transformed into scantily-clad superheroes. The five girls then screamed, hurled glowing balls of energy, and screamed some more at a thirty-tentacled monster. Still no word on whether this is connected to the large humanoid robots spotted battling last week in Osaka.
( Read More... | 168 comments )
Slashback: Frisson, Sesquipedalianity, Responsitivitiness
Posted by timothy on Tuesday August 08, @10:45AM
from the beware-the-froomious-bandersnatch dept.
It was a dark and stormy night. In a salutiferous octastyle basement, an ultracrepidarian man was hermtically hunched over a piperaceous desk beneath a ornate mazarine, typing furiously away on an obumbrate keyboard. Meanwhile, in a meandrine corner of the world, several setose seeds were being entrenched in the muculent minds of the hoi polloi.
( Read More... | 9235 bytes in body | 214 comments )
Traffic Cops' "Justice" and Napster
Posted by JonKatz on Friday August 18, @11:30AM
from the post-hellmouth-world dept.
Just as Shadowrun predicted, The Corporate Republic took another step in assailing geeks today by handing Shawn Fanning a $L00 speeding ticket. This narcissism is harmful because it shrinks the creative universe of media workers and disconnects them from the new global conversation taking place online. Hubcaps have sparked a cultural and economic revolution that is just beginning to be understood. Will we see an increase in the number of Chickdrivers receiving "closed" traffic tickets as well, or will the Edge power a paradigm shift to "open" community-based traffic laws?
( Read More... | 598235 bytes in body | 657 flames | Features )
Ask Slashdot: Are Corporations Trying To Make Money?b out dept.
Posted by Cliff on Friday August 18, @1:25PM
from the yet-another-article-from-the-something-to-think-a
www.sorehands.com writes: "Today I visited Yahoo and was shocked to see a banner advertisement - I thought I'd managed to block every form of advertisement possible with Junkbusters. After thinking about it some, I realized Yahoo was probably running advertisement in a crass, commercialized attempt to make money off of my web-surfing habits! Could there be any other corporations out there engaged in similarly devious practices?" An interesting question here: Are some companies attempting to turn a profit, and, if so, what can we do to prevent it?
( Read More... | 3082 bytes in body | 345 comments )
Autospy of a Furby
Posted by michael on Friday August 18, @3:43PM
from the deja-vu dept.
Vladinator writes "Ever wonder what it's like to take apart a Furby? I don't, because I saw this on Slashdot two years ago, but I needed some karma so I submitted it anyway. Fawking trolls!" Those of who you started reading Slashdot this week may not have seen this page yet, so I'm re-running this classic for you three newbies.
( Read More... | 1 FIRST POST! )
Interstate Highway Boycott Planned
Posted by emmett on Friday August 18, @6:25PM
from the fight-the-power dept.
Bowie J. Poag writes: "You guys are idiots and VA sucks, but being the nice guy that I am [Update: 08/18 11:11 AM by CT: Further investigation reveals that he isn't ] I thought I'd let you know that know Wired is reporting that a boycott is being proposed against the interstate highway system for its treatment of Shawn Fanning. The interstate highway sucks almost as much as anime! PROPAGANDA RULES!!!!!" It's good to see that some people are taking the battle for free (as in Willy) highways into their own hands.
( Read More... | 218 comments )
Holland Convenience Store Switches To Linux
Posted by Hemos on Friday August 18, @9:33PM
from the key-victory-for-open-source dept.
Today while visiting my local 7-11 in Holland, MI, I noticed that their inventory computer was running Linux! Best of all, a representative from the store assured me, due to complaints from Bruce Perens, that the store may consider GPLing its inventory "sometime in the future." Looks like another business has finally "got it" and adopted the tenets of the free software movement.
( Read More... | 164 comments )
Napster? Napster Napster
Posted by CmdrTaco on Friday August 18, @11:25PM
from the napster dept.
Napster Napster Napster. Napster, Napster Napster Napster! Napster Napster (Napster) Napster Napster Napster, Napster Napster Napster. "Napster Napster Napster," Napster Napster. Napster Napster, Napster Napster Napster.
( Read More... | 304 comments | Napster!! )
I went into a store wearing a ski-mask (which is unusual in Rochester in August, ski-mask weather doesn't come until Ocotber, here).
I didn't want people to see what kind of groceries I am buying, for then they could make the inference that I have a cat, a dog, a child and a wife, and try to direct mail market to me using that information, and violate my privacy.
Wouldn't you know it, they called the cops, suspecting a robbery.
Do any Slashdot readers know of a grocery chain where I can shop in the northeast US that will let me shop with a mask on, to protect my privacy?
Thanks
The most annoying thing a website can do is refuse to work in such circumstances. The same goes for those shitty websites that refuse to work without a referrer URL.