IE 8’s Suggested Sites feature has raised some privacy questions. Internet Explorer Program Manager Jane Kim breaks it all down for you on the Internet Explorer Blog:
The IE8 feature Suggested Sites helps you discover related sites that can be helpful to get more information about your interests. Under the hood, Suggested Sites is a system that provides suggestions by using a collection of users’ visited sites. You may be wondering how Suggested Sites works with the investments we’ve made in privacy. Respecting user privacy and giving the user control over the data provided has been part of the design philosophy of Suggested Sites since the beginning. This blog post explains the methods we use to respect user privacy.
On the client:
- Requires user opt-in: Suggested Sites is off by default and the user must explicitly opt in to the experience through the first-run settings wizard or through the Tools menu. This follows Microsoft’s principle where every shipping feature requires consent for data transfers (Microsoft product policy guideline here).
- Disabled during InPrivate: Suggested Sites does not record or send any browsing activity during InPrivate browsing sessions.
- Respects history settings: Suggested Sites gathers the user’s visited sites and periodically sends them to the service. If the user deletes the history, these deleted entries are not uploaded to the server. Also, suggestions are not displayed for these deleted entries.
- Supports only public internet sites: Suggested Sites supports and discards the following URLs:
  - Intranet and local zone
  - DNS and IDN host
  - URL syntax with username and/or password, ex:
The full URL is used (no keystrokes), since some sites use URL parameters for navigation to portions of their web content. Using the full URL helps narrow down the interest such that the suggestion is more relevant. Note that this has the side effect of displaying a search term such as “banana bread” like: http://search.microsoft.com/results.aspx?form=MSHOME&mkt=en-US&setlang=en-US&q=banana%20bread. With the use of the full URL, Suggested Sites can provide more relevant results, and the use of the full URL is a common tactic by users today to share links with others (ex: copy-and-paste a URL from the address bar).
- Generate pattern ID to associate sessions: When the user opts in to the feature, a random, unique identifier is generated to group usage patterns on the server. This ID is not used to identify the user. When the user clears the browsing history, this pattern ID is regenerated, and there is no way to correlate the previous pattern ID to the new pattern ID.
For instance, if I browse to allrecipes.com in one session and recipezaar.com in another session with the pattern ID 123456789, the Suggested Sites service is aware that allrecipes.com and recipezaar.com belong under one browsing experience. However, it is important to emphasize that the pattern ID is not linked to me personally, and the server removes any personally identifiable information such as the IP address (more on how the server handles this below).
Over the wire:
- Uses HTTPS protocol: All data sent over the wire is encrypted over an SSL connection. This helps protect against man-in-the-middle attacks.
On the server:
- Removes IP and cookie information: The server strips the data of any user identification, such as the client IP address and cookies, so that it is not possible to personally identify the user. The pattern ID is available for grouping of previous sessions to provide relevant results, but is not used to identify the user.
We use this data to make the Suggested Sites feature better and continually improve the quality of the suggestions.
We’ve designed Suggested Sites so that the user is in control of his/her data while balancing a new way to explore the web. If you’d like to try it out, you can opt in or out of the feature through the Tools > Suggested Sites menu. You can read our full privacy statement online to learn more about how IE8 features handle your data.
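
The client-side rules quoted above (opt-in, InPrivate, URL discarding, pattern ID regeneration) can be modelled in a few lines of Python. This is an added example, not code from the IE blog post or from Microsoft; the class and function names are hypothetical, the intranet/local test is an approximation (dotless host names, `localhost`, non-public IP literals), and the "DNS and IDN host" rule is not modelled. Note that the query string is kept verbatim, so search terms travel with the URL exactly as the post describes.

```python
import ipaddress
import secrets
from urllib.parse import urlsplit

# Constructed sample visits (not real traffic).
SAMPLE = ["http://allrecipes.com/?q=banana%20bread", "http://intranet/wiki",
          "http://alice:pw@example.com/", "http://192.168.1.10/admin"]


def is_uploadable(url):
    parts = urlsplit(url)
    host = parts.hostname
    if not host:
        return False
    # URL syntax with a username and/or password is discarded.
    if parts.username is not None or parts.password is not None:
        return False
    try:
        # Assumption: non-public IP literals count as intranet/local.
        return ipaddress.ip_address(host).is_global
    except ValueError:
        # Assumption: dotless names and "localhost" count as intranet/local.
        return "." in host and host != "localhost"


class SuggestedSitesClient:
    def __init__(self):
        self.opted_in = False        # off by default
        self.in_private = False
        self.history = []
        self.pattern_id = None

    def opt_in(self):
        self.opted_in = True
        self.pattern_id = secrets.token_hex(16)   # random, not user-derived

    def visit(self, url):
        if not self.in_private:      # nothing recorded during InPrivate
            self.history.append(url)

    def clear_history(self):
        self.history = []
        if self.opted_in:
            self.pattern_id = secrets.token_hex(16)   # unlinkable to old ID

    def build_upload(self):
        # Built from current history only, so deleted entries never upload.
        if not self.opted_in:
            return None
        urls = [u for u in self.history if is_uploadable(u)]
        return {"pattern_id": self.pattern_id, "urls": urls}
```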