The Internet is a global computer communication network serving as a public arena for hundreds of millions of users worldwide. According to recent studies, the Internet penetration in the United States has reached 60 percent of the population. Currently, there is a steady growth in Internet use, in the number of Internet sites and in the size and complexity of website content. New sites are born and improved every day, and new users join the Internet world.
The two main activities of Internet users are browsing the World Wide Web and using electronic mail (“e-mail”). Billions of email messages are sent and received every day via the World Wide Web (“Web”). Browsing the Web includes many different activities, ranging from online research, leisure “surfing”, playing games, reading news, downloading and uploading files, experiencing multimedia presentations, online chats and instant messaging, and engaging in electronic commerce.
Only a few years ago, when the Internet started penetrating people's everyday life, Internet users were still naive. Many users still believe that most of their online interactions are anonymous and private. For example, a user who visits a certain website may have the conception that the website (or the people operating the website) has no knowledge about the user.
In the past few years, particularly in the last 2 years, Internet users have undergone a change in attitude. Users are awakening, one after the other, from the online anonymity dream, and into the cold reality that websites, and the entities and people that operate websites, meticulously collect user data, maintain it, manage it, and use it for many commercial purposes. All this is happening, most of the time, without the user's knowledge and without user consent.
Today, it is almost a well-known fact that online anonymity and online privacy are severely jeopardized. User's interactions are being systematically tracked and scrutinized. User's behavior and usage patterns are closely studied. User's information is subject to careful data-mining processes. User's personal information—including user name, address, email address, age, and gender—is often transferred to third parties, exploited and sold.
According to latest studies, an overwhelming majority of Internet users are concerned, or extremely concerned, about their online privacy, and many of those users are also concerned about the practice of corporate websites gathering marketing information by tracking consumers' online activity.
Recent studies indicate that efforts by various governments to protect online privacy are inadequate. For example, research clearly indicates that many Internet sites worldwide fall woefully short of international standards on data protection. Specifically, the research showed that over two-thirds of sites collect personal information of users, and almost all of those sites collect sufficient detail to identify and contact the person. Moreover, the vast majority of sites give users no choice about being on the site's own mailing list or having their name passed on to affiliates or third parties.
Further, recent studies indicate that Internet users are concerned about online security, and the majority of Internet users fear that sensitive information such as credit card numbers, social security numbers, information about financial assets, and contact information is compromised during communication with a website, even when communicating with generally trusted websites. According to these studies, nearly one quarter of online consumers do not purchase products or services online, citing fears about their credit card numbers being compromised and concern that their personal information may be abused as the top reasons. These concerns have a direct influence on the engagement of users in electronic commerce. According to the studies, concerns relating to online privacy and use of personal information result in a significant reduction of the potential revenues of electronic commerce, as many consumers simply refrained from Web shopping.
The rise of e-commerce enables marketers to capture bits and pieces of the user's buying and Web surfing habits. Database technology enables those bits and pieces of user's daily life—the matrix of the user's personal world—to be assembled and repackaged in various ways and sold to anyone wanting to target the user for both legitimate and illegal marketing purposes. These are examples of the negative aspects of the digital age.
Transactions performed over the Internet are of particular concern, because an online transaction cannot be successfully completed without revealing the user's identity, for billing purposes. Consumers in the traditional economy have the option of buying and selling almost anything with complete anonymity, e.g., a person can walk into a supermarket, a drugstore, a retail store, pick up a product, pay in cash, and physically carry the product, without providing any identifying details. The online shopping experience, however, is different. Even the simplest online transaction usually requires the purchaser to submit two types of information, namely, billing information, which including a full name, credit-card number, credit-card type and credit-card expiration date, and shipping information, which includes full name and full address to which the goods are to be shipped by the online merchant. Therefore, anonymous online shopping is impossible. The simple process of “buying for cash” is currently not available for Internet users.
This reality is problematic for a number of reasons. Most people have “nothing to hide”, yet it is disturbing that submission of personal information is required for the simplest transaction, such as purchasing a book or a compact disc. Further, many people do not have credit cards, for various reasons. Other people do have credit cards, but do not wish to use it on the Internet for security reasons. The current practice for transacting over the Internet eliminates this group of users from participation in electronic commerce.
Additionally, certain types of online transactions tend to trigger privacy and anonymity concerns, for example, purchasing legal pornographic material, Internet activity relating to sensitive medical information, or purchases and research relating to analyzing business competitors.
One existing solution for Internet privacy is the use a “proxy server” which links between the user's computer and websites visited by the user. The entity behind the website cannot capture the user's information; instead, the site may record only the identity of the proxy server. Internet users may subscribe to such a proxy server, such as the service available at Anonymizer.com®. It should be noted that the proxy servers such as Anonymizer® cannot guarantee its users perfect anonymity. One way in which anonymity can be compromised is through the use of “helper applications” on the Internet, for example, media viewers such as Real Player®, which go around the proxy by establishing their own direct net connections. Further, the technical standards underlying the Web are constantly changing, hence potentially creating new routes around the Anonymizer®'s automatic link-rewriting mechanism. Nevertheless, research indicates that about five percent of Internet users have used or are using a proxy server to surf the Internet. It should be further noted that existing proxy servers solution do not address the problems discussed above relating to online transactions. These solutions do not provide a solution to the problem of websites requesting users to volunteer personal information to receive services.
Another existing solution for Internet privacy is web-based e-mail. Most Internet users have some form of a web-based email account. This free service is offered by numerous providers, for example Hotmail®, available from Microsoft, Inc. At a first glance, creating and using web-based email seems like a good solution, enabling the user to create a pseudo-anonymous e-mail address which may be used for communicating with entities that are not within the user's immediate circle of acquaintances, such as online merchants. However, web-based email has many disadvantages. The user interface is often less comfortable, compared to that of a regular POP-based email client. Further, there are strict limitations on the mailbox and attachments sizes. Additionally, web-based service is clearly not anonymous, because the email header still contains the IP address of the sender. Further, web-based e-mail addresses are known to be the most common target for “junk” or “spam” e-mail, because various methods enable spammers to collect such email addresses and flood them with junk e-mail. Further, security breaches are common with web-based e-mail servers enable hackers to intercept and use other people's web-based e-mail accounts. Thus, many users periodically open new web-based e-mail accounts to avoid security breaches and “spam”, resulting in a tedious and inconvenient use of those accounts. Further, web-based e-mail services do not enable anonymous transactions on the Internet. Finally, web-based e-mail accounts do not provide a solution for the problem of websites requesting users to volunteer personal information to receive services.
Existing efforts to secure people's identity on the Internet are not aimed at protecting privacy interests per se, but rather they are aimed at securing the identity of users' money interests (e.g., for the purpose of credit card fraud protection), primarily to the benefit of corporations such as the credit card companies. Further, it is a fact that no matter how brilliantly secured, the transfer of Information on the Internet is never completely safe, and the ability to intercept vital information is generally only a function of money. More importantly, whether justified or not, it is a fact that a growing number of Internet users are reluctant to join various services on the Internet in its existing structure, as discussed above.