Often without their knowledge, let alone their permission, people surfing the Internet reveal minute facts about themselves with every click of the mouse. "One of the first rules for people moving around online is to understand who is watching," says Lori Fena, executive director of the Electronic Frontier Foundation, a nonprofit group focusing on ethics and civil liberties in cyberspace. Fena, 35, recently spoke with staff correspondent Ron Arias from her office in San Francisco about how privacy is being invaded in this brave new world.
How do users reveal information about themselves on the Internet?
Two ways—voluntarily and involuntarily. Let's say a single, 30-year-old woman wants to check out adventure-travel information. She goes to a travel site on the World Wide Web. It asks her to register, then steps her through questions that enable the company to tailor a vacation for her. The more the site knows about her, the Web page explains, the better it can serve her. She reveals that she's a legal secretary, lives in Boston, likes to hike and listen to bluegrass, is a diabetic but is otherwise in good physical condition, likes to read mysteries and travel in the tropics. The site may ask her for added information—her income, education, homeowner status, even credit card data—to make the profile more complete.
Can such information be misused?
How do Internet users provide information involuntarily?
Imagine that you went to a shopping mall and somebody attached a TV camera to you and monitored every stop you made: where you went, how long you looked at an item, what you bought. In the real world we wouldn't put up with that. But it can happen on the Internet.
But is this legal? Is an insurance company permitted to snoop as we surf the net?
How does an Internet spy operate?
Experts in data mining typically combine information offered either voluntarily or unwittingly with public records from the motor-vehicles database, the marriage database, birth records as well as property records and mailing lists. And they end up with a pretty complete profile of you.
What about children on the Internet? Are they at risk?
We need to educate kids, especially about things like creating home pages on the World Wide Web. Some schools are teaching kids to put up their own pages so they can publish their poems, stories and artwork. Parents should make sure there isn't a way for predators, by looking at a site, to be able to contact the child.
Is it dangerous to shop online?
Your credit card is probably just as safe online as it is when you hand it to a waiter or buy from a catalog company. Most online shopping services have installed secure servers, units that encode the information you give the company so that it would be useless in the wrong hands.
How about banking on the Net?
At an ATM all that is needed is your card and PIN number to drain an account. But online banks have taken more stringent precautions to secure your account.
We're at the forefront of a new age. I envision a time when privacy practices will be used around the world. Users should be notified and allowed to give consent for the use of data. We should all be playing by the same rules.
By now everyone has heard how the Internet brings remote corners of the world to the desktop computer, enabling users to drop in on groups as diverse as the National Rifle Association and the American Museum of Fly Fishing, to shop for cars, books and wine or to consult the summer timetable of the French national railway. Less well-known, however, is the quantity of information that flows the other way—from consumer to marketing company, patient to insurance company, employee to boss.