PIPWatch: Privacy technology for Canadian Internet users
For many of us, reading the privacy policies of our favourite websites isn’t exactly a thrilling prospect. It’s a bit like getting in the recommended daily intake of fruit and vegetables. Sure, it’s one of the keys to strong muscles, mental sharpness and avoiding scurvy, but it’s not always enjoyable.
Enter the Personal Information Protection Toolbar or PIPWATCH. A pilot project run by the University of Toronto’s Information Policy Research Program, PIPWATCH is a web browser toolbar designed to help Canadian Internet users find out if their favourite websites comply with Canadian privacy legislation, in particular the Personal Information Protection and Electronic Documents Act (PIPEDA).
Users download the toolbar here and plug in a site’s address and the name and email address of the site’s privacy officer. (Under PIPEDA, every Canadian organization that collects personal information is required to have a contact person, known as a privacy officer, to explain and clarify the organization’s privacy practices.) The toolbar generates a request letter that users can edit and send to a site’s privacy officer.
The request letter asks three questions about a site’s privacy and then PIPWATCH makes the responses available to users. It displays privacy ratings based on the answers to the questions in the request letter and allows users to see how a site compares with other sites in the same industry.
The privacy officer’s answers are displayed as icons in the toolbar. Colored “privacy beavers” in the bottom right of the browser give users a quick summary of the answers – for example, a grey beaver with a red “x” indicates that the privacy officer has not responded to the questionnaire. The result is a store of information about the privacy practices of a range of organizations that is collectively gathered and shared by users – the same idea behind sites like Wikipedia.
Reading a website’s privacy policy is still the best way to go (that juicy orange or crunchy green pepper really isn’t so bad after all) but initiatives like the PIPWATCH toolbar mean that Canadians have one more tool to help make sense of privacy concerns when it comes to their online lives.




10 Responses
3:03 am
Looks like your two links are both buggy.
http://http//www3.fis.utoronto.ca/research/iprp/
http://http//flug.fis.utoronto.ca/%7EPIPWatch/index.php?q=download
You have an extra “http//” in the above code. It is a common problem; that’s why someone has set up a website there to catch this kind of traffic.
2:00 pm
Thanks for catching that. I’ve fixed it now.
2:27 pm
The implementation of the PIPWatch toolbar raises privacy concerns. From http://flug.fis.utoronto.ca/~PIPWatch/index.php?q=privacypolicy:
“When you install the PIPWatch toolbar on your system, the toolbar communicates with our server to retrieve information about the websites you visit.
This means that every time you visit a website, a new query is made to our central database. Although we do not keep a record of which websites you personally visit, we do store this information in aggregate form. We use this information to analyze what websites our users are visiting, and how often visitors of certain types of websites use the toolbar.”
First, what does “aggregate form” mean? If not carefully done, aggregated information can still leak sensitive information about individuals.
Second, even though PIPWatch claims not to store detailed information, they could easily be forced to do so by a court order.
In short, PIPWatch’s architecture is fundamentally flawed in terms of privacy. It would be much better to have the toolbar download the database with the privacy information about different websites once a day or so.
Ironically, when going to the website of the Office of the Privacy Commissioner of Canada, PIPWatch tells me “No Response: Send another request.” Oops.
2:50 pm
Those are some good points. Why not raise them with PIPWatch themselves at:
http://flug.fis.utoronto.ca/~PIPWatch/index.php?q=forum
7:44 pm
John,
Thanks for your comments, but I don’t believe that the architecture is flawed in the ways you suggest. See my detailed response in the PIPWatch Forum:
http://flug.fis.utoronto.ca/~PIPWatch/?q=node/617#comment-21
PS Thanks Colin for your summary of PIPWatch and making the link.
4:58 pm
colored or coloured?
This is Canadian right?
5:07 pm
Good catch. Would “I was trying to save taxpayers money on translation costs by cutting back on unnecessary vowels” work as an excuse?
3:32 pm
LOL
6:55 pm
Of course it’s Canadian. Has anyone heard of PIPEDA in the US?
I agree that the nature of the toolbar reporting back to the mother ship to see if it’s safe to play with friends is a fundamental flaw. The mere suggestion that data is being transmitted to a third party for verification on a browsing basis is enough to raise brows. There ought to be daily definitions broadcasted similar to those of antivirus services. When a user visits a webpage, the URL is checked against the list of definitions stored locally.
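The local-lookup design suggested in the comments above (download the ratings list about once a day, then check each visited URL against the local copy) can be sketched as follows. This is an added example, not part of the comment thread and not PIPWatch's code; the class, the rating labels, the snapshot format and the sample hosts are all hypothetical.

```javascript
// Added example: all names, rating labels and the snapshot format are hypothetical.
const DAY_MS = 24 * 60 * 60 * 1000;

class LocalRatingStore {
  // fetchSnapshot: () => { host: rating }. It is the only path that touches the network.
  constructor(fetchSnapshot) {
    this.fetchSnapshot = fetchSnapshot;
    this.ratings = new Map();
    this.lastRefresh = null;
    this.networkCalls = 0;
  }

  // Download the complete list at most once per day. The request is the same
  // for every user, so it says nothing about which sites this user visits.
  refreshIfStale(now) {
    if (this.lastRefresh !== null && now - this.lastRefresh < DAY_MS) return false;
    const snapshot = this.fetchSnapshot();
    this.networkCalls += 1;
    this.ratings = new Map(Object.entries(snapshot));
    this.lastRefresh = now;
    return true;
  }

  // Resolve a visited URL against the local copy only; no request is made.
  lookup(visitedUrl) {
    let host;
    try { host = new URL(visitedUrl).hostname.toLowerCase(); } catch { return "unknown"; }
    // Try the full host, then each parent domain (www.example.ca -> example.ca).
    const labels = host.split(".");
    for (let i = 0; i < labels.length - 1; i++) {
      const candidate = labels.slice(i).join(".");
      if (this.ratings.has(candidate)) return this.ratings.get(candidate);
    }
    return "unknown";
  }
}

// Constructed sample data; hosts and rating labels are made up.
const SAMPLE = { "example.ca": "responded", "shop.example.org": "no-response" };
const VISITS = ["https://www.example.ca/account", "http://shop.example.org/", "https://unlisted.example.net/"];

function demo() {
  const store = new LocalRatingStore(() => SAMPLE);
  const t0 = Date.UTC(2024, 0, 1);
  store.refreshIfStale(t0);
  const results = VISITS.map((u) => store.lookup(u));
  store.refreshIfStale(t0 + 60 * 60 * 1000); // one hour later: still fresh, no fetch
  return { results, networkCalls: store.networkCalls };
}
```

The trade-off is that every client downloads the whole list and ratings can be up to a day out of date.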
10:49 am
I know this entry is getting a little old, but the toolbar came up again recently.
Sure the toolbar might communicate with the “mothership” (haha) but come on SomeGuy and John, how else would it work?! How are they supposed to put out an effective toolbar without gathering aggregated data about what their users are visiting which provides them with necessary measures of effectiveness and feedback? If you were to make a toolbar that does something like this, how would yours work?
It sounds like the PIPWatch toolbar should be bought by Google and installed with their Google toolbar bundle with Firefox. It’s not like anyone who cares about privacy is using Internet Explorer anyway, right? RIGHT???