Privacy On the Internet: Countermeasures
Roger Clarke

Principal, Xamax Consultancy Pty Ltd, Canberra

Visiting Fellow, Department of Computer Science, Australian National University

Version of 19 October 1997

© Xamax Consultancy Pty Ltd, 1997

Invited Address to the IBC 1997 Australian Privacy Forum, Gazebo Hotel, Sydney, 21-22 October 1997

Substantially revised version of a paper for a Seminar on 'Consumer Protection on the Internet', run by The Policy Network, Mitchell Library, Sydney, 1 May 1997

This paper is at


This paper is one of a set of documents that consider privacy in the context of the Internet. It identifies generic measures to address the various threats.



Net-Community Information-Sharing

Net-Community Direct Action

Industry Self-Regulation

Anonymity and Pseudonymity Tools

Privacy-Protective Infrastructure




This paper assumes that the reader is familiar with privacy generally. An introduction is available.

This paper is designed to be read as a subsidiary document to its parent-paper, 'Privacy on the Internet: Threats, Measures and Policy'. It is designed to be read after the paper on 'Privacy on the Internet: Threats', and before the paper on 'Privacy on the Internet: Policy'.

The predecessor paper identified specific countermeasures appropriate to specific threats. The following sections examine a series of more generic ways in which privacy intrusions in the context of the Internet can be addressed.

Net-Community Information-Sharing

Members of net-communities can report to one another about organisations whose practices abuse privacy, or indeed whose practices are privacy-friendly. This may be performed:

These approaches can be further formalised, through the establishment of a process for maintaining and providing access to reports on organisations. This might be performed by:

Such mechanisms offer prospects, but are subject to potentially serious limitations, in particular:

Net-Community Direct Action

The 'market forces' approach involves netizens taking action designed to force change in the practices of organisations that invade people's privacy. The action may take the form of:

The actions may be directed at:

One source of information relating to net-community direct action is NetAction.

Such mechanisms offer prospects, but are subject to potentially serious limitations, in particular:

Conventional broadcast-media have been harnessed with some success by community movements, e.g. by Ralph Nader in relation to consumer interests, Greenpeace in relation to environmental matters, and the Australian Privacy Foundation in relation to the defeat of the Australia Card proposal. There are prospects that the Internet may enable interaction among consumers and citizens in a more effective manner than ever before, and hence provide a basis for a fundamental shift in the balance of power.

Industry Self-Regulation

There are instances of corporations recognising the significance of privacy as a strategic factor. An example that is frequently quoted is the giant international financial services corporation American Express; but the company's privacy policy is not readily findable on its web-site. Another is the Australian insurance company AAMI. For a treatise on why more companies and government agencies should be taking actions like these, see Clarke (1996).

Some industry associations are also taking positive action. Of particular interest is the [U.S.] Direct Marketing Association. The Australian equivalent, ADMA, has yet to make a move of this kind.

In addition, new services are emerging, as entrepreneurs sense opportunities to intermediate between consumers and marketers. Examples are Firefly and PowerAgent. Hagel & Armstrong's recent book 'Net Gain' analyses what they see as the maturation of 'electronic communities' into 'demand alliances'.

It is highly unlikely, however, that self-regulation will provide the protections that people want. EPIC's 1997 review of 100 frequently visited web sites checked whether sites collected personal information, had established privacy policies, made use of cookies, and allowed people to visit without disclosing their actual identity. Few web sites had explicit privacy policies (17/100) and none met basic standards for privacy protection.

No similar study has yet been conducted in Australia, but the Price Waterhouse 1997 survey found that only about one-third of respondent organisations had formal corporate privacy policies in place. This is despite the 25-year history of privacy concerns in Australia, the high level of public concern in Australia, and the widespread expectation that privacy regulation will be extended to the private sector generally.

Attempts are being made to encourage corporations to recognise privacy, using language and mechanisms that they understand. The TRUSTe initiative, for example, is endeavouring to establish itself as a brand-name, with an associated trade-mark, which is meant to engender consumer confidence in corporations that display the mark.

The position of the Australian privacy lobby on the question of self-regulation as a sufficient mechanism for a privacy protection regime is clear and unequivocal: corporate self-responsibility, and industry association codes, are valuable elements of a complete regime; but they are simply inadequate, in the absence of a wtachdog agency with sufficient powers, and statutory sanctions to ensure that the scheme as a whole is taken seriously by all players.

Anonymity and Pseudonymity Tools

A movement with the net-community argues that the Internet has already dramatically changed the balance of power between individuals and the institutions within society, including not only corporations and individual government agencies, but even the nation-state itself.

The vehicle for the self-protective approach is cryptography applied in such a manner as to protect individual messages, and to produce anonymity and pseudonymity. Separate papers provide background to cryptography, and an assessment of the debates between 'crypto-anarchists' and 'cypherpunks' on the one hand, and the rearguard action on behalf of the nation-state, labelled by this author as the 'crypto-authoritarians'.

Examples of tools that are available now, and that implement these principles, include:

EPIC maintains a list of Internet privacy tools.

In addition, many forms of anonymous and pseudonymous net-based payment mechanisms variously have been designed, prototyped, and in some cases implemented.

Privacy-Protective Infrastructure

Proposals have been developed for mechanisms whereby the nature of the infrastructure could be such that privacy is protected.

One example is the emergent formal specification for cookies, which may default to privacy-protective form, and only operate in an intrusive manner with the user's explicit authority.

Another is the World-Wide Web Consortium's Platform for Privacy Preferences (P3) initiative (in which this author is directly engaged). The intention is to deliver a mechanism whereby:


This paper has built upon the analysis of privacy threats presented in a predecessor paper, 'Privacy on the Internet: Threats', and has identified measures to address those threats.

A further paper is available on on 'Privacy on the Internet: Policy', which considers the approaches available to governments in dealing with the matter.


A comprehensive set of resources is provided in the main paper.


Go to Roger's Home Page.

Go to the contents-page for this segment.

Send an email to Roger

Created: 29 April 1997

Last Amended: 19 October 1997

These community service pages are a joint offering of the Australian National University (which provides the infrastructure), and Roger Clarke (who provides the content).
The Australian National University
Visiting Fellow, Faculty of
Engineering and Information Technology,
Information Sciences Building Room 211
Xamax Consultancy Pty Ltd, ACN: 002 360 456
78 Sidaway St
Chapman ACT 2611 AUSTRALIA
Tel: +61 6 288 6916 Fax: +61 6 288 1472