<-- Previous page

Referring to the pictures of the three different Internet access scenarios on the previous page, the following are the steps through which you are browsing a website on the Internet:

(a) Your computer requests an access permission to your ISP. Physically, it's the ISP's node closest to you (known as Point of Presence or PoP) that serves your request.

(b) Your ISP grants an Internet access after an authorization and authentication mechanism and assigns your computer an IP address from a pool of IP addresses allocated to certain group of users, if your subscription gives you a dynamic IP address. If your subscription guarantees a static IP address (usually costs higher), then in all Internet sessions you use the same IP address.

(c) Your Internet browser sends an HTTP request to a web server that stores the website you wish to visit. At this time, the web server captures your IP address if you are using Scenario 1 when accessing a website. By matching your IP address with an IP address to location database, it can be converted to these details: country, region, city, ZIP code, ISP, language, longitude, latitude, and time zone. This set of information per se can not identify you personally. However, it can be used for geolocation targeting and general profiling.

In an investigation of a cyber crime, the suspect's IP address usually is the starting point that gives a clue to his/her personal identity and whereabouts. His/her identity can be acquired via his/her ISP. Although an anonymizer service that uses an anonymous proxy server (see Scenario 3 above) is legal and meant to protect one's privacy on the Internet, in some cases it had been misused for illegal purposes such as spreading spams. The spammer feels safe because his/her IP address is hidden behind the proxy and he/she can pretend to be coming from another country/region where the proxy server resides. But actually such an anonymous proxy server may keep a log of it users' connections (i.e. who is connected to whom) for several days or longer period depending on its administrator policy.

(d) the web server responds with an access permission and the content of the requested page is downloaded to the user terminal. Very often, it's not only the requested content that is sent to a web visitor's computer, but also ads and cookies. If you are connected using Scenario 3, then it is the proxy server you are using that actually receives the content and then forward it to you. The proxy may also add it to its cache to speed up access to frequently requested web pages. A proxy server (especially the paid one or ISP/company-owned) may have additional features such as encryption, firewall, spam blocker, antivirus, and anti-spyware.

If cookies are employed by the website you visits or in most cases by its advertising partners, your personal preference with regards to your Internet habit (e.g. what kinds of websites you have visited, what kinds of goods or services you have purchased) can be determined if you are connected using Scenario 1 or Scenario 2. Location targeting (i.e. the customization of web content based on a web visitor's whereabouts) and personalization (i.e. the customization of web pages based on a website visitor's preference) are in most cases useful for a web surfer. But a unique visitor profiling that's tied to his/her personal identity without his/her consent is something that should be avoided because it robs other person's privacy.