[LINK] Psych department web stats

[Michael Still]

Richard Chirgwin wrote:

> So: it can be argued that a server log constitutes a breach of privacy, 
> since if you have sufficient data to associate an IP address with a user 
> you can identify the user. That's enough relating to static IPs.
> 
> With dynamic IP addresses, I would argue that server logs don't 
> constitute a breach of privacy. The server log as published is only 
> showing accesses over a period of time, not at a given instant. So the 
> 203.153.201.253 accessing a site 43 times in a (say) month probably 
> won't refer back to the same individual user for that month.

Surely there should be the question of the expectation of privacy?
Basically everyone collects server logs, and lots of people keep them
for very long times. In fact, many ISPs are collecting logs of what has
transmitted their network as well. Given the openness of the Internet,
why would someone expect that data to be private?

Surely people who cared about privacy in this sense would be using an
anonymous proxy or something like that?

To me, this expectation of privacy is like standing on Boston Commons
shouting your political sentiments, and then being surprised when people
later remember who you are. To me, the networks that make up the
Internet are a public place, much like a street or a park and you need
to take active action if you don't want people to observe your presence.

Mikal