Privacy is likely to be a growing concern as Internet-based communications and commerce increase. Designers and operators of web sites who disregard the privacy of users do so at their own peril. Users of web services who are not concerned with privacy may soon find they have none. Users who feel that their privacy has been violated may leave the Web. Stories of problems may keep others away. Thus, it behooves everyone to pay attention to the task of protecting personal privacy on the Web.
Every time a web browser views a page on the web, a record is kept in that web server’s log files.
Log files are under the control of the person or organization that controls the web server. They could be used against you in a court of law. They could be given to your employer to show what you do during the day when you’re being paid to work. They could be used by a jilted lover to spy on your activities. Worse things have happened. But most likely, the information will lay low, never raising its head. It might even be deleted . . . then again, it might not.
Each time a page is downloaded or a CGI script is run from a web server, the web server records the following information in its log files:
The name and IP address of the computer that made the connection
The time of the request
The URL that was requested
The time it took to download the file
The username of the person who downloaded the file, if HTTP authentication was used
Any errors that occurred
The previous web ...