If one's ISP runs an identd demon or one leaves some IRC clients running while surfing the web, servers can request personal information when the browser moves to a new webpage. Moreover, many servers purchase access to databases that associate email addresses with other personal information. Some browsers that are linked with an email application make the user's email address available when accessing files via FTP. Otherwise, by only asking for a user's email address to register for their service, they may collect other pieces of information that they did not directly solicit from the user. These databases can be compiled from information warehoused by other web companies that are willing to sell it.
Every server and browser uses HTTP as a standard of communication. A small HTTP header is sent with each packet to allow the receiving computer to prepare for what the packet contains before it reads the entire packet. These headers communicate requests from browsers, as well as server responses. Header files on email messages and HTTP requests hold valuable information about users. Here is an example of a header file:
HTTP/1.0 200 Found
Date: Wed, 30 Oct 1996 23:48:22 GMT
Server: Apache/1.1.1 HotWired/1.0
Location: http://www.hotwired.com/frontdoor/
Content: text/webmonkey/html
"44% of web sites now provide consumers with information about what personal information they collect, and 52% dispense how they will use this information. However, only 39.5% of the sites will give users an 'opt-out' clause, which means allowing the patron to decide whether they would like to be re-contacted for marketing purposes. Plus, only 25% of these same sites give people some control over the disclosure of data to third parties"(Cdt.org).
In general, technical information about your hardware is readily available to any webpage that chooses to access it. This site's service is particularly eye-opening about the extent of this information: http://www.privacy.net/analyze.
|