Poughkeepsie Journal- 4 Jan 2002
 |
| Photo illustration by Darryl Bautista/Poughkeepsie Journal A variety of products are on the market for those concerned about Internet security. |
America has become a wired nation.
As 2002 approaches, analysts predict some 160 million people, or over half the population, will be connected.
And whether they know it or not, that half of the population can be taken for its personal information every time it connects to the World Wide Web.
''I think you have to realize that what you're doing is actually more open and you have less privacy than you did offline,'' said Sarah Andrews, research director for the Electronic Privacy Information Center in Washington. ''There are more people collecting that information. You're more open and transparent.''
As one Web site put it, going online can be like ''living in a large city and then visiting a major shopping center wearing a new T-shirt on which you had printed in big bold letters your name, your home address and your telephone number.''
Marketers, insurance companies, potential employers and even the government have a stake -- and a hand -- in collecting the mass of individual and demographic information being beamed around the earth and back again.
With the Internet, personal information has for a long time been fair game. According to a 1999 Georgetown Internet Privacy Policy Study, nine out of 10 of commercial Web sites surveyed collect some kind of identifying information about the person that visits it. This information can be personal, such as one's name or email address. Or it can be demographic -- age or marital status, for instance.
The study also said slightly more than half of those Web sites offer a privacy policy for visitors.
Robert Wright, executive director of the Nubian Directions II Inc., Electronic Study and Research Center, which teaches a range of computer skills to Poughkeepsie middle and high school students, said the courses make clear to students the privacy issues facing them on the Internet.
''We take steps to make sure that they're not doing anything to invite unwanted information or breaching security issues,'' Wright said.
Rishi Chellani, a native of India who is visiting Poughkeepsie, uses the Internet primarily as a means of communication with his friends and family back home. He, too, has dealt with some of the more subtle invasions of privacy most people experience on the Internet, mostly in the form of third parties listing and soliciting him through e-mail he did not request -- a product of invasive marketers buying e-mail addresses in bulk from other organizations.
''What I do is not that private,'' Chellani said. ''But if it could be private, it would definitely be better for me.''
Deleting messages harder
Chellani, like others, tries to delete the messages as soon as they come in. But this is becoming a harder task for users -- deceptive marketers often try to add a sense of familiarity in the subject line of their e-mails, even using the recipient's name if they have it.
With the passing of new anti-terror legislation that features expanded powers for online surveillance in addition to widespread commercial collection of personal data, a growing number of groups are warning that the average person is losing what few shreds of privacy they had left in the online world.
''Clearly, the individual is getting a raw deal here, because the surveillance that marketers have built into the Internet infrastructure is much stronger than what the average person would expect or want,'' said Jason Catlett, president of Junkbusters.com, a Web site that provides free information for those looking to safeguard their privacy. Catlett has testified before Congress on privacy issues. ''Governments traditionally help themselves to that information through subpoenas.''
Online marketing firms say they collect the data in an attempt to personalize online advertising.
Knowing a person frequently visits sites about modified cars might help them place banner ads hawking the new Toyota Supra's accessories for that visitor. It is especially helpful to advertisers because the Internet is almost exclusively a niche-advertising market, where every other piece of content is determined by the user and where they want to go.
But concern arises when that information makes its way to third parties, the vast majority of the time without consumer consent.
Experts warn of worst-case scenarios where the Web surfing habits of individuals could have repercussions on their lives in the real world.
Jennifer Blum, spokeswoman for Double Click, one of the largest online marketing firms, said the information the company collects is limited strictly to what is viewed on the Internet from a particular machine. The data, she said, is connected to numbers, not names, and so would remain anonymous.
''We don't have a direct relationship with our consumers,'' Blum said. ''It's our clients that have a relationship.''
Blum said the behavioral data the company collects is used for niche advertising, and for making sure consumers aren't over-saturated with the same advertisements each time they log on.
Another company, Choice Point, has been a source of frequent frustration for privacy advocates. Choice Point provides services like pre-employment background screening, credit, motor vehicle and criminal background checks to companies and government agencies. It also offers services to the individual -- verification and background checks for physicians, contractors and other consumer services are provided.
James Lee, a Choice Point spokesman, said the company has the proper safeguards to ensure individuals maintain their privacy.
''One of the things that sets us apart is we don't cater to the idly curious,'' Lee said. ''You have to have what is known as a permissible purpose before, even on a company level, we will do business with you. Obviously, there's a lot of room for mischief if someone were to misuse the information in our databases.''
Law allows some monitoring
Permissible purpose extends to reasons defined under law -- a company may request a background check prior to employment, but an individual may not. Lee said Choice Point conducts random audits of customers, and under a ''secret shopper program'' attempts to buy back information as a check against improper disclosure.
''It doesn't matter who the client is, we do that with the government as well as private companies,'' he said.
To complicate matters for the typical computer user, a good deal of information that could potentially get out to third parties is being transmitted from and by their own machines. ''Cookies'' -- software designed to log online activity and report that information back to Web companies and marketers -- are often downloaded without the user ever knowing.
''One of the things we noticed is that more and more companies are using cookies, which leaves the user without control,'' said Wright, the Poughkeepsie-based after school computer course executive director.
Some cookies are harmless; they may be the method by which a stock site coordinates and identifies users. Others are more invasive.
But on the positive side, a simple switch in settings can remedy any potentially invasive situation, without expensive add-on software.
Charlie Bornheimer, spokes-man for Anonymizer.com, a service which lets users elude online identification, related one example -- personal data buyouts from online marketing firms to insurance companies.
''If you were to go surf at a medical site and look up some sort of medical condition, the information that you personally visited could make it into a database about yourself that could make it to your employer, potentially,'' Bornheimer said. ''What (marketers) have done and attempted to do on a number of occasions is take information that has run across thousands of Web sites, and they can cross-reference to where individuals users have spent their time.''
But Bornheimer said as long as these threats exist to individuals, there will be a healthy interest in tools to combat invasions of privacy.
Anonymizer, like the now more corporate-oriented ZeroKnowledge, is often used by people in countries like China, where government censorship has been a mainstay, and Bornheimer said the technology maintains a strong following in the United States.
Tools like personal firewalls, which let the user control the traffic to and from their machine, are becoming more common as broadband access is expanded.
And more consumers are becoming aware, experts say, of the holes they may need to patch to make their private lives truly private.
''We see all types of standards,'' he said. ''We have a few tricks that we can pull, too.''
Relevant Web link
A report prepared by the U.S. Senate Judiciary Committee entitled ''Privacy in the Digital Age: A Resource for Internet Users'' can be found at http://judiciary.senate.gov/privacy.htm. Adobe Acrobat Reader is required to read this document.
AT A GLANCE
NET PRIVACY TIPS
- Get rid of the cookies. Despite their innocuous name, cookies are pieces of software downloaded to a computer that are designed to record online activity and report back to a Web site, usually a vendor or marketing firm. Marketers justify this by saying it helps tailor online advertising to individual tastes, but the information can still end up in a database and sold to others. Microsoft Internet Explorer, Net-scape Navigator, AOL and other browsers all feature different default settings for cookies and different levels of security. Find the defaults through help settings or live support and change them to your preference.
- Cable modem and DSL users should set up a firewall. Because cable and DSL leave a machine more open to intruders than a dial-up service, and because they connect the computer to the Internet whenever the machine is on, protection is needed. Firewalls like ZoneAlarm will allow the user to select which programs and services can access the Internet, while keeping unwanted visitors out.
- Know your rights. Nearly every Web site from a respectable company will offer a front-page link to that company's ''privacy policy.'' These policies outline what that particular company will, and won't, do with your personal information when you visit their site.
- Update your antivirus software. Aside from the potential to cause damage to both hardware and software, some viruses pose a significant security and privacy risk. Trojan horse programs may report sensitive information back to unwanted parties, and keystroke logs accompanying other programs may record crucial information such as passwords and credit card numbers.
Regular updates to antivirus software will help identify and destroy those threats.