Privacy Topics: IE 4.0, Census Privacy Survey, HHS HIPA Recommendations

Microsoft's Internet Explorer Version 4.0, released the last week of September, apparently includes a feature that permits a web page downloaded by a user running the browser to cause a log of the user's activities to be sent back to the site. The channel definition format (.CDF) documented at
includes a LOGTARGET feature that apparently allows a web site provider to make your browser deliver logs of your usage via an http post or put, including hits from cache.

In an unrelated item, the Census Bureau announced its intention to carry out a Study of Privacy Attitudes (SPA). From the Abstract, published in the Federal Register on 3 October:

The Census Bureau is interested in privacy issues for several reasons. Most notable is the steady decline in response rates to the Census Bureau's mailed questionnaire in recent decennial censuses, which may reflect the growing apathy toward and mistrust of the Federal government. With the recent growth and popularity of the Internet and world wide web, the issues of access to individual data and lack of data security have come to the forefront, adding to the notion that individual privacy is eroding away. A clear understanding of the public's beliefs regarding the Census Bureau and its practices may help decennial census planners offset the trend in declining responses rates, address new methods to acquire data, improve our ability to communicate privacy and confidentiality messages, and improve our ability to predict and effectively respond to negative publicity.

Finally, US Secretary of Health and Human Services Donna Shalala delivered the privacy recommendations required of her by the Health Insurance Portability and Accountability Act (Kennedy Kassebaum bill) passed a year ago. The recommendations can be found at: The recommendations provide strong arguments for establishing Federal standards regulating the flow of individually-identifiable health information, but leave considerable latitude to law enforcement organizations, who desire access to such data to detect fraud.