Collecting data for the profiling of web users

Abstract

Internet technology allows web site administrators to monitor users visiting their sites. In the beginning the basic protocol used for the web (http) did not consider the concept of a session. It was impossible to recognise whether two requests came from the same user. Developers then found ways to follow visitors and implemented logins and shopping carts. These solutions included cookie session IDs encoded in the URL, or more recently the creation of a virtual host for each visitor. These mechanisms have also been used for statistical purposes, to study the behaviour of groups of users (group profiling) and to predict the behaviour of a specific user (user profiling). Usually, collecting information is not in itself reprehensible; however, the use of the data is more critical. One can never be sure if it will be used for statistics (on anonymised data), for one-to-one marketing, or be sold to a third party. The W3 Consortium has published a standard called P3P, giving web site administrators the possibility to declare their policy regarding privacy in a machine readable format. Unfortunately, most people are not yet aware of the sensitivity of collected data; there is therefore no wide resistance to the creation of huge interoperable databases. © 2008 Springer Netherlands.