The Rochester Running Page

Clubs for runnersPlaces to run in RochesterRunning groupsRaces coming up in RochesterResults from local racesWriting by our columnistsJoin a discussion on our message board Search this site

The Rochester Running Page's Privacy Policy

The pervasiveness of computers and their interconnectivity through the Internet has made the gathering and dissemination of our personal data without our permission a serious threat to personal privacy. There are junk mailers, telemarketers, email spammers and even less reputable types who can find out far too much about us through this technology. Our policy is simple:

The Rochester Running Page does not covertly acquire personal information about individuals who view this web site. Any personal information you decide to give us (in an email message, for example), be it name, phone number, email address, postal address or any other data, will not be sold, traded or given to anyone else without your explicit permission. (With the exception of email abuse/harrassment, etc., which may be posted to appropriate newsgroups or other fora...or reported to the authorities if laws are being broken.)

We don't send bulk unsolicited email under any circumstances.

There will be no disingenuous, small-print tricks ("check here if you don't want to be on our mailing list", for example) and no attempts to get personal data by offering special features, privileges or access in return.

The Rochester Running Page Message Board openly shows the I.P. address (i.e. 123.456.789.012) of each computer that posts a message there, but doesn't reveal anything about those who read messages.

Now you know our policy, read why it's important.

Cookies

A cookie, in Internet parlence, is a unique piece of data which a web site puts on your computer and reads back later in order to identify you. A web server might assign you a cookie of "qnr00032", for example and then track the pages "qnr00032" visits, when and how often. There is no way for the web server to know much about who "qnr00032" is...unless you also fill out a form with personal information while visiting that web page (which you probably have done at one time or another, right?). Many people still feel that this tracking of web usage is an invasion of privacy. Furthermore, web sites are not supposed to share their cookie data with each other, but there's no way of verifying whether they follow this policy and no legal obligation for them to do so if they don't feel like it. As amazing as it might seem, it's all on the honor system at the present time. A grey area exists regarding the sharing of cookie date amongst different web sites in the case of some banner ads that set cookies from the company that has placed the ad, rather than the web site you're visiting when you view the ad. There have also been some amarming instances of cookies being set by HTML email messages to reveal your email address and other information to web sites. See this article and this one to learn about this insidious and unethical practice.

There are legitimate uses for cookies. For example, if you are buying products from a web page and pick several items from various sub-pages, the web server needs to be able to tell that all these items were chosen by one particular person and a cookie is a way of achieving that. Cookies aren't inherently evil, it's just that it is possible for unscrupulous types to abuse them. We recommend the use of a third-party software package like Cookie Pal in conjunction with your web browser to block all cookies unless: 1) They're from the web site of a reputable business or organization, and 2) They're absolutely necessary for the functioning of the web page. You'll be amazed how many web sites set cookies on your computer when there's no technical need for them.

The Rochester Running Page does not set any cookies on your computer. We recommend use a product like Cookie Crusher to control cookies from other web sites.

For more information on cookies, visit Cookie Central. (Although, ironically enough, this web site uses potentially security-compromising ActiveX technology on some of its pages. See the next section...)

Scripts, etc.

You've probably heard of JavaScript, ActiveX and other Internet buzz words. You may not have heard that these technologies can be used to violate your privacy.

JavaScript and VBscript are, as their names imply, scripts. A script is a simple type of computer program that resides on a web page. They come in two basic flavors, server-side and client side. A server-side script is executed or run by the web server that holds the page on which it resides. A client-side script runs on your computer when you access the web page on which it resides.

JavaScript and VBscript are client-side scripts which can, in the hands of an unscrupulous programmer, theoretically access some personal data on your computer and possibly even be used to damage data on your computer. Supposedly, the bugs which allowed these kinds of abuses have all been fixed. But every time this claim has been made in the past, someone has found another security hole that Netscape and Microsoft have had to patch. Theoretically there is a chance that every possible weakness has now been addressed... but we believe it's foolish to bet on it. We recommend that you keep all scripting turned off on your web browser except for web pages that you really trust (the "Trusted Sites" feature of Internet Explorer is useful for automatically switching scripting on and off based on a list of sites that you consider reputable). The Rochester Running Page does not require any client-side scripting for use by its visitors. There is some JavaScript code to prevent malicious web sites from hijacking our pages, but these have no effect on visitors to our web page, whether or not they have scripting turned on. All out pages are 100% functional without JavaScript or VBScript. The Message Board uses a server-side script which runs on the web server, not on your computer.

Java (as opposed to JavaScript) and ActiveX are much more powerful programming languages. There is great debate over the security risks posed by these technologies and the companies behind them are constantly proclaiming their safety. How you run your computer is up to you, but our recommendation is that you keep Java and ActiveX turned off at all times and if you find a web page that absolutely requires their use that you take your business elsewhere. Caveat surfer.

Don't be paranoid, just careful

All this is not intended to ecourage paranoia, just to make you aware of the facts about what is technologically possible. The odds of your personal information being compromised or your computer attacked are very small...but it only takes one unscrupulous web site operator to get your personal data and sell it to thousands of others. And one malicious ActiveX program that wipes out your hard drive would be one too many. We believe, moreover, that almost all these technologies are unnecessary for most web pages. We don't use any of this stuff and we avoid web pages that do. We encourage others to do the same.

For much much more information on privacy issues and many useful tests and software packages, visit Privacy.net, a service of Consumer.net.

Back to page top

Copyright © 1999-2007 Mark Roberts