Internet Privacy: Why it's Important

The 'Net was not designed for privacy

When you surf the Web, send email, chat, and post to newsgroups, your computer leaves behind a digital footprint called an IP address. Physical footprints fade with time, but in cyberspace, your IP address is recorded alongside the pages you accessed, the contents of your chat sessions, and even email you thought was long gone. The Internet's 35,000 newsgroups are now fully archived and searchable online as well.

Combined with the tidbits of personal information you reveal while online--your name and address for instance--your computer's IP address can be linked to your real-life identity. Even if you provide false information to Web site registration forms, or use password-protected Web services, your personal information can easily be tracked down. Remember, the Internet was designed for computers to exchange information, not hide it.

Your life is an open book online

Internet traffic, such as e-mail messages, are just like postcards. Anyone with a little technical know-how can intercept and read your messages, and discover who you're communicating with and what you're saying. The same is true with online chat rooms. It "feels" like you're anonymous, because you might use an online alias, not your real name. And when your words scroll off the screen, it's like they're gone forever. This couldn't be further from the truth. Your IP address is recorded alongside your chat conversations, which are stored in company database logs. You can never take back what you say online.

You are the target (market)

Where you live, what you earn, where you went to school, your religious beliefs, who you voted for, your hobbies, your credit history, your marital status... Marketers want to know as much as they can about you, to identify what kind of car you might buy or what your next music purchase might be. The Internet is the perfect tool for marketers looking to compile detailed personal profiles of millions of consumers. Why? Because in the age of cheap data storage, most companies record every mouseclick. It only takes a few tidbits of personal data to connect your computer's IP address with your online communications, and all kinds of detailed information about you can be recorded, tracked, aggregated, bought and sold. If you think this sounds far-fetched, think again. This kind of surveillance is happening now.

Big business is watching

Many of the Web's most popular sites display banner advertising, almost always provided by one of several huge Web marketing companies. Whenever your computer accesses a page with one of their ads, they take a snapshot of what you were looking at and put it in your profile. This is usually accomplished using "cookies" (little pieces of identifying data stored on your computer's hard drive) to recognize you if you visit any other partner sites.

The next time you use a major search engine to look for a book, don't be surprised to find an ad for Amazon.com at the top of the page, and to get book club offers in the mail... for a long time. When a Web site asks for your birthday in order to display your horoscope, think about what you're revealing: linked to other info like your zip code (which you may have given out a few clicks back for the local weather report), and your IP address, your identity is easily determined. Suddenly all your habits and opinions are available to the highest bidder.

So what if they eavesdrop?

You're a good person with nothing to hide, so why should you care if your personal information and communications are vulnerable? There are lots of reasons why. Beyond the annoyance of being bombarded with marketing messages, companies, individuals and others may have a stake in learning about you.

Here are some examples of recent privacy breaches that can happen to you*:

• Bob's father has just been diagnosed with cancer. In an effort to learn more about it, Bob visits cancer websites and posts several inquiries to a discussion group. A month later, Bob's insurance company informs him that he is no longer eligible for a certain rate given his "condition".
• Mary is in the final stages of the interview process for a big job. Her employer decides to search the newsgroup archives using her name, and discovers that several years ago, she was keen on spreading her controversial political opinions. Mary is quietly passed over in favor of a less outspoken candidate.
• Kayla gets a phone call from her credit card company: Did she purchase top-of-the-line stereo equipment and a Mercedes on the same day? The police eventually catch up to the thief, who gained access to her card number by exploiting a flaw in the shopping cart software at a popular online flower shop.
• Rennie loves to chat online with other 12-year-olds. She knows she's not supposed to give out her address or phone number online, but she doesn't think anything of telling her chat friends that she's home by herself everyday from 4 to 6. Luckily, her Internet Service Provider refused to give out her parents' billing address to the man who called posing as her father.
• Jean and Mario are visiting the capital of a developing country, and are shocked at the police brutality they witness during a demonstration. They post accounts of what they saw to a human rights Web site, and are promptly arrested.

*These examples are based on real-life cases.

Who can you trust?

Many companies are taking advantage of consumer concern for online privacy by providing so-called "identity and relationship management" services. They ask you to fill out forms with all your personal information, and then hand out pieces of it to partner merchant sites. Problem is, you have no control over what happens to your personal info once it's been transferred to the merchant. That isn't privacy!

You sure can't trust most governments to respect your privacy, either. With systems such as Echelon in place, and agencies like the NSA (National Security Agency) in the US, monitoring your online transmissions is a routine matter for their computers. So what if most, or even all of your traffic is innocuous... they shouldn't be intruding on your personal business at all.

What you can do:

• Learn about the privacy policies of your ISP and the laws where you live. If you don't like your ISP's policy, find one that is more proactive about online privacy.
• Learn about the various products available to increase your system's security, choose the one that fits your needs best, and use it.
• Use PGP or some other strong encryption for all your e-mail. (Avoid Web-based e-mailers that are set up so that your passphrase and keys reside on their system; that means they can access all your supposedly private e-mail. The best of the privacy-oriented Web-based e-mailers that we've seen is Hushmail.)
• Research privacy tools online and use one to protect your privacy in Web browsing, e-mail (your identity is disguised by these, too, unlike with PGP), newsgroups, chat sessions, telnet sessions--anything you do online. For this, we recommend Freedom--an Internet privacy software solution that provides complete control over your personal information.

No one will be more diligent about your privacy than you are, and if you're serious about your privacy, you need to invest time and effort into it. We'll be covering some of these issue, and providing reviews of privacy tools, in future issues of DF!. Privacy is a big part of freedom, which is why we make every effort to respect each customer's privacy.