Privacy on the Web: Facts, Challenges, and Solutions

T he Web has spurred an information revolution, even reaching sectors left untouched by the personal computing boom of the 80s. It made information ubiquity a reality for sizeable segments of the world population, transcending all socioeconomic levels. The ease of information access, coupled with the ready availability of personal data, also made it easier and more tempting for interested parties (individuals, businesses , and governments) to intrude on people's privacy in unprecedented ways. In this context, researchers have proposed a range of techniques to preserve Web users' privacy. 1–3 (See the " Defining privacy " sidebar for details on the evolving definitions of privacy.) However, despite considerable attention, Web privacy continues to pose significant challenges. Regulatory and self-regulatory measures addressing one or more aspects of this problem have achieved limited success. Differences and incompatibilities in privacy regulations and standards have significant impact on e-business. For example, US Web-based businesses might be unable to trade with millions of European consumers because their practices do not conform with the European Union's Data Protection Directive. 4 Clearly, to address these issues, we must start by synthesizing ideas from various sources. We tackle this problem by surveying the issue of Web privacy and investigating the main sources of privacy violations on the Web. With a taxonomy of several current technical and regulatory approaches aimed at enforcing Web users' privacy, we hope to form a comprehensive picture of the Web privacy problem and its solutions. In this article, we focus on Web privacy from users' perspectives. Although we recognize that different levels of privacy violations exist, our discussion on privacy focuses on its preservation or loss. This lets us use a lowest-common-denominator approach to provide a meaningful discussion about the various privacy issues and solutions. Two major factors contribute to the privacy problem on the Web: • the inherently open, nondeterministic nature of the Web and • the complex, leakage-prone information flow of many Web-based transactions that involve the transfer of sensitive , personal information. To comprehend the first factor, we can contrast the Web with traditional, closed, deterministic multiuser systems , such as enterprise networks. In these systems, only known users with a set of predefined privileges can access data sources. On the contrary, the Web is an open environment in which numerous and a priori unknown users can access information. Examples of the second factor include applications involving citizen–government, customer–business, business–business, and …