Anonymous Surfing on the Web

People are nearly always surprised when they find out how little privacy we have online, many think that anonymous surfing on the web is something you get by default - alas they couldn't be further from the truth.   Our online activities are copied, shared, monitored, analysed and as you'll read in this true story then they lose the logs !!!

It's happening all over the world but this particular example is from the UK (lots of firms are doing this now in the US as well, mainly the porn firms trying to recoup lost revenue).   Several legal firms have obtained a legal ruling ordering any ISP to hand over details of anyone who was alleged to have downloaded specified copyrighted material.   The ISP of course have full details of everything we do online so  that is not a problem for them (although they'd rather not get involved).    The ruling however also stipulated that the supplied details should be transferred in encrypted format and then stored securely.

So in this case, one particular law firm called ACS Law requested details of anyone who has downloaded particular files - mainly specific music tracks, films and pornographic movies.  The ISP firms then send the IP address, names and addresses of everyone whose internet connection has been used to download any of the specified files.   The lawyers then proceeded to send nasty letters threatening legal action for copyright infringement  to everyone on the list unless they settled out of court for about £500 per download.

Examples of Anonymous Surfing on the Web - Not Quite....

Here's some examples of the data that was supplied....

Remember every ISP is capable of producing a list like this or one with exact details of your web browsing for the last two years.  Click to make bigger if needed.

As you can see they have full details contained in these logs, files downloaded, times, names, addresses and post/zip codes.  Now although I've obscured the exact details of peoples names you might be wondering where these details came from.   Well they're actually from the original files with over 20,000 users names and addresses and the files they have allegedly downloaded.

These lists are now freely available on the internet as all the files were sent unencrypted from the ISPs and worse the Legal firm ACS Law left backups of their unencrypted emails on their web server.

The utterly pathetic disregard of peoples privacy continues.  Not only are these details swiped from the ISP logs without an individuals knowledge, they are then swapped and sent around the internet completely unsecured.

Remember the individuals listed in these logs are the registered owners held by the ISPs, for instance you'll see an awful lot of names of women alongside some obviously male orientated pornography probably downloaded by sons, partners etc.   Imagine how some of the men might feel who have supposedly downloaded the gay pornography if they are in heterosexual relationships.  None of these people in these lists have been proven of doing anything, they have merely been threatened by a Law firm and now have their personal details blasted all over the internet.  There's a very good chance some lives and relationships could be wrecked by this abuse of peoples data.

This is perhaps my main point - the fact that this level of detail is available on each and every one of us.  Anonymous web surfing simply does not happen and we have to trust others to be responsible with our details.  These logs can be accessed by anyone with a will to obtain  them, and we can quite plainly see this data is simply not looked after.   These are personal details of over 20,000 users who have allegedly been guilty of copyright theft,  but that's all they are allegations and now they're spread all over the web.   Adult companies are now building this into their cost model, they'll make X amount (or should that be XX) from selling the films, then more from issuing copyright thefts from individuals who have downloaded them illegally.

Where were the safeguards that the ISP and the legal firm would protect this data? Of course in the UK there is the Data Protection Act and hopefully both firms will be heavily fined but it's a bit too late for Darren C....... above who's name and address have been published alongside the fact that he's supposed to have downloaded a film about Lesbian grannies !!!  Remember if your son or daughter download something online, your name could easily be on that list.

This will of course only get worse, our  browsing data in the ISPs is wanted by everyone with all sorts of agendas. Do yourself a favor and ensure yours is encrypted and unreadable by using a security product like Identity Cloaker or similar !

On a footnote, all the emails of ACS Law have now been published online, in one of them is a detailed analysis of possible defences against the copyright allegations from a lawyer - I'll publish details on here shortly (but if anyone has received threats from this bunch and needs them sooner contact me using the button above and I'll help).  You have to love the irony!