I think it’s fair to assume that every keystroke you apply to your keyboard at home or at work is at risk of being recorded out there somewhere. Then, you read about secure Web sites that are supposed to make it perfectly safe to enter your credit card number when you want to complete an online purchase. As soon as the transaction goes through, your information appears in a database, a construct from which it’s nearly impossible to delete what is known about you. Data goes in, it never comes out. It’s a system that would make the KGB jealous.
You’re aware that any privacy rights that you can derive from the U.S. Constitution apply only to your interaction with the government. You’re fair game for anyone else, including businesses that collect data about you and sell it to anyone who possesses sufficient cash. The only way to absolutely, positively guarantee that you have maximum online privacy is to refrain from booting up your computer. Because functioning in the modern world makes that approach impossible, we take this opportunity to offer you some credible, practical, zero-cost, noncommercial, registration-free resources that might be able to keep your actions out of range of those prying eyes. Remember, we search the Web so you don’t have to.
A 12-step program
Founded in 1990, the Electronic Frontier Foundation (EFF) claims to be our first line of defense against digital-world threats to our cherished free speech, privacy, innovation and consumer rights. If you were to surmise that this organization knows a bit about helping you keep from being enmeshed in some nefarious online plot that poses a potential risk to your even more cherished pocketbook, you’d be correct. Its recommendations are detailed in “EFF's Top 12 Ways to Protect Your Online Privacy,” a 3,900-word article by Stanton McCandlish. Of the dozen suggestions, the third offers a possible response when a Web site demands that you reveal your e-mail address before it will allow you to access the content you want to see. If your Internet service provider doesn’t provide an effective spam filter, read section seven to learn what options you have for solving the problem yourself. You should mouse over to www.eff.org and enter the phrase “12 ways” in the site search box. Look for a link to the article. Unfortunately, it doesn’t provide a detailed recipe for implementing any of the fixes, and some of the embedded links don’t function as the body copy would have you believe. The article was posted in April 2002, after all.
Government actions
The Center for Democracy and Technology is a nonprofit public policy organization that conceptualizes, develops and implements public policies that preserve and enhance free expression, privacy and open access. The organization’s major activities are centered on laws that apply to privacy in communications. This is important; consider the USA PATRIOT Act and the controversy it produced. It’s worthwhile to have a better understanding of that legislation and other potential abuses of your privacy that are outlined in “CDT’s Guide to Online Privacy,” which you can wiretap at www.cdt.org/privacy/guide. The five chapters in the guide are loaded with links to other material, so you should get a good grounding that will prove useful at the next cocktail party you attend.
From Down Under
Australia’s Office of the Privacy Commissioner is an independent entity that actively promotes awareness of privacy issues and encourages debate on the topic as it applies to individuals, business, health-care organizations and, of course, the government. Its user-friendly Web site provides links to sites where you can download firewalls, cookie removers, e-mail encryption, advertising filters and bug-detection software; access anonymous Web-surfing services as well as get anti-spam and anti-spyware tools. This resource is worth your time, mate. Send your kangaroo mouse to www.privacy.gov.au/Internet/tools and read the item titled “Five steps to better online privacy.”
Customer trust
In this economy, if you’re not on the Internet, you simply don’t exist. No doubt, your employer maintains its own Web site as an efficient way to interact with the customers who help pay your salary. That’s a group that should be treated with utmost respect — and privacy — when they visit your Web site. To that end, your site ought to have a realistic privacy policy. For guidance in formulating one, I direct your attention to the Online Privacy Alliance, a coalition of companies and associations that advocates having privacy policies containing specific elements that engender trust when customers must interact with a vendor online. The policy guidelines are available at www.privacyalliance.org. When you get there, read both “OPA's privacy policy guidelines” and “Guidelines for effective enforcement of self-regulation.” Then, check your own policy to verify that it conforms.
You can examine the Plant Services privacy policy at www.putman.net/privacy_policy/privacy_policy.php?s=ps and can view another typical privacy policy at www.bii1.com/privacy.php.
Search-engine wisdom
Ever since Google made it to the big time, online references to the competing Web browsers seem to have vanished. I’m glad to report that the Big Kahuna displays social responsibility to its users by addressing privacy issues on YouTube. The Google Privacy Channel is an initiative the search giant started in conjunction with the American Association of Retired Persons (AARP) as a way to keep users informed about its privacy policies and to offer tips about how you can protect your privacy while using Google. The content is a series of short, single-topic videos that show you how to perform specific browser-tweaking operations or provide a brief discussion and warning about the pitfalls one can encounter out on that Web of ours. Pay a visit to www.youtube.com/googleprivacy, where things are pretty much self-explanatory. The only warning — be careful what you do with the entries in the “Related video” frame. Not all of them are the work product of Google or AARP.
Junk food
Surfing the Web involves communications between your machine and the server to which you’re connected. What passes back and forth involves much more than merely your request for a specific page to be sent your way for viewing. One element in this invisible data stream is called a cookie, a snippet of software the remote Web server inserts on your hard drive. Cookies have a benign, legitimate purpose, but the technology can be misused by those wishing to make mischief. Fortunately, cookies can be deleted from your computer, and thus not compromise your privacy or other valued aspects of the Web experience. You can get a grounding in these bits of code at www.cookiecentral.com. Start with the “FAQ” button near the top center to read “The Unofficial Cookie FAQ” by David Whalen, an easily understood tutorial. Then, click the “News” icon at the upper left to see some interesting, if not harrowing, information about cookies, spyware, identity theft and other malicious things that can happen when you’re merrily surfing off into the sunset.
Blocking cookies
I’m going to guess that most of you are using Internet Explorer for your browsing activities. That software gives you control over its willingness to accept cookies, ranging from a completely closed door to one that’s wide open. It’s up to you. To tweak the controls, open IE and click the “Tools” button at the top of the screen and select “Internet Options” from the drop-down menu. Click the “Privacy” tab and use the slide device to set your cookie preference. Be aware that some Web sites and e-mail servers won’t function properly if you close the cookie door too tightly.
A seal of approval
Many commercial Web sites stand ready, willing and able to trade your credit-card number for a promise to provide some tangible good or service, either immediately or after a delay. It’s one thing to entrust your 16 digits to the care of a well-known entity, but quite another if you’re not familiar with the folks on the other side of the transaction. Industry has a record of responding to such problems. In the more simple days of 1909, Clark W. Bryan established the Good Housekeeping Seal as a third-party endorsement of product quality. Likewise, 88 years later, TRUSTe established a seal intended to allow online companies to communicate their commitment to customer privacy. Companies that adhere to specific privacy best practices can display the TRUSTe seal of approval on Web sites. The TRUSTe Web site, www.truste.org, has a list of approved companies and a mechanism to report violations of customer privacy. So, go to the site, where you’ll see the seal displayed prominently, and look for that image before you spend money online.
Leave irrelevant tracks
Every time you send or receive an e-mail, your e-mail address is flying through that chaotic void we call the Web. Not to be too paranoiac about the matter, someone out there, cleverer than you or I, can grab the e-mail address. Think about it. Spam doesn’t come into existence spontaneously, with senders, whoever they might be, randomly and successfully guessing your address. It’s possible to track anonymous terrorists, after all. But, it’s possible to thwart much spam by means of a free, disposable e-mail address that can be abandoned without regret when the spam load becomes intolerable. Your official e-mail address is reserved for friends, family and business associates. If you go this route, you have plenty of choices, as depicted at http://email.about.com. There are at least a dozen options available, some of which offer multiple e-mail addresses and some with unlimited storage. The trick is that you must show activity on the free account or it can be deleted. If you’re going to buy things from Web sites, it might be worthwhile to get a separate credit card to be used expressly for online purchases. In fact, it would be nice to establish a completely fictitious persona for those transactions. But, that’s a matter for another day.
E-mail Executive Editor Russ Kratowicz, P.E., CMRP, at [email protected].