As people spend more of their lives connected to the Internet, they're also making a kind ofFaustian bargain—swapping privacy for the convenience of digital technology. When consumers buy a book online or even just surf the Web, someone, somewhere, may be compiling data about them. "We have an Internet in which there isn't a lot of trust that you can part with personal information and know if'll be handled only in ways you've specified," says Jonathan L. Zittrain, 30, executive director of the Berkman Center for Internet & Society at Harvard Law School. Zittrain, who also lectures at the Kennedy School of Government—and personally uses the Net for everything from research to long-distance teaching to ordering pizza—discussed online privacy, and what each of us can do to preserve it, with contributor Nancy Day.
Why has Internet privacy become such a hot-button issue?
People want to be left alone. They want details about their lives and habits kept private. They want assurance that what they choose to browse, buy or read online isn't available to an employer, reporter or investigator.
What does a computer "cookie" have to do with this data?
A cookie is information that a Web site stores so that it can recognize you the next time you visit. In theory the site can't find out anything except what you tell it. The problem comes when a company sells information gathered about you from its own site to another.
An example is something called DoubleClick, which places ads on Web sites and develops databases about the people who visit them. DoubleClick can ensure, for example, that dog-food ads go to dog owners, or at least to people who've bought items at a pet site. This sounds innocuous. It's a sophisticated version of what's been going on for years with mailing lists. But as your behaviors, purchases and interests accumulate in a file on you, it gets unsettling. Responding to public concerns, DoubleClick is joining a consortium of 26 Internet companies that will require members to allow consumers to see what data are being collected about them and how it is used.
What else should we worry about?
Medical privacy, or lack of it, is something people should be aware of. Sites that have you take a quiz about your back pain may be gathering data about you. The site isn't going to know who you are if you don't tell it, but if it exchanges info with a site you have given your name to, the two can connect. Some health sites, including online pharmacies, might provide information about you to other sites. This is especially disturbing since insurers are denying coverage even for manageable conditions, and people fear such information could jeopardize their jobs.
So what can people do?
Be more careful when you visit sites. Don't automatically check boxes that say "Yes, I'd like a newsletter" or "Give me other offers." There are several services around—anonymizer.com and zeroknowledge.com are two—that act as a screen between you and the sites you visit, making your online behavior harder to track. Ideally, we wouldn't have to go out of our way just to assure a modicum of privacy.
What about legislation?
Privacy is a tricky thing to legislate, especially on the Internet, where the explosive growth so many of us applaud has occurred partly because it's been free from government control. That said, I think privacy rules should be worked into those databases the government is building now, especially when it comes to medical records. The future is not preordained. We have to demand that Internet architects make privacy a priority as they rebuild the Web.
Your Reaction
