Your privacy is valuable and should be guarded! If it is treated carelessly, you could find that unauthorized charges have been made to your credit card, or that your credit has been damaged, or even that your credit profile and financial reputation have been hijacked by another.
Less seriously, you could even find yourself swamped with unsolicited email, an increased amount of junk postal mail, or more telemarketing calls. The benefits of being online far outweigh the risks, but being aware of the risks and knowing about available resources and support is important.
Make sure you know whom you are giving private information to, why they need it, who will have access to it, how it is protected, and what it may be used for. Also find out how you can correct any errors, or remove yourself from a company's database. If you're ordering a gift for a friend, will the recipient mind the disclosure of his or her personal information?
Be especially cautious when asked to provide Personally Identifiable Information (PII), such as:
Profiling, also called "creating a digital profile" or a digital persona, is the practice of compiling information about your habits, preferences, and interestsgathered primarily by tracking your movements online. While your movements and interests at one site may not be significant, the combination of your total movements, interests, and purchases across the Internet paint a more complete (if, at times, false) picture. Using the resulting consumer profiles, advertisers create targeted advertising for any web site you visit. Some consumers enjoy this personalized experience; others consider it an invasion of their privacy.
Some sites work in covert partnership to convey visitor information to each other. Data can then be compiled about you in many ways and places.
If you are concerned about your privacy, you might find it helpful to research some of your interests anonymously, using one of several anonymizing web services as a proxy for your surfing.
Another option is to use a ¹disposable email address. A good ¹disposable email address is separate from a personal or work email address and prevents strangers from easily gaining information about the sender merely by looking at the address. The email address would not make a good ¹disposable address because strangers can easily decipher that the address belongs to someone at NetAction whose last name is ¹Smith. But an address like doesnØt reveal anything about the sender.
Good places to obtain ¹disposable email addresses are web sites that offer free webmail, such as Yahoo or Hotmail. A list of free email services is at:
Cookies, the little bits of text placed on your computer by web sites you visit, help the vendor identify you, including when your last visit was, which pages you visited, and references to past or potential purchases, among many other things. A cookie can stay on your computer for minutes or for years.
Cookies are also placed on your computer by advertising companies as a part of their banner ads. Whenever you click on such an ad, a little bit of data about you gets added to their "digital profile" of who you are and what you're interested in. The Marketing section has more on this.
In your browser's preference settings, you can choose to turn cookies off or receive an alert each time a site wants to set a cookie on your computer. If you turn cookies off, some sites (shopping carts or other features) may be disabled or less functional. However, not all shopping technologies are dependent on cookies, and not all sites tell you if cookies are required. You should feel free to explore your options to find a level of functionality and comfort that suits you.
Low- and no-cost programs are available to edit your cookies file. You may wish to get rid of those cookies from one-time visits or from specific sites or advertisers.
Remembering all of your data interactionsaccount identification, password, and other registration detailscan be a challenge. In this time of major corporate mergers and acquisitions, the company that collects your data may, along the way, be operating under different policies. Even without changes in administration, information-use policies may be changed, even retroactively, so it is advisable to keep track of your vendor's evolving behavior. Check your accounts and site policies occasionally, and exercise your option to correct information or opt out of your vendor's database.
There are many practical and common sense things you can do to help guard your privacy if you are concerned.
These voluntary seal programs vary widely in their use and effectiveness. Some programs are new, while others may sound familiar. There are no significant punishments for violators. None of these programs is legally enforceable, and not all businesses displaying these seals are valid program participants.
Three of the more widely-recognized programs are briefly discussed below.
Web sites and online services displaying a BBBOnline Privacy Seal have also committed to the BBBOnline dispute resolution process, and are subject to random independent audits of their information practices. Penalties for violators are minimal.
The Platform for Privacy Preferences Project (P3P) enables privacy practices to be retrieved automatically, interpreted easily, and responded to automatically, in a standard format, as part of your interactions with a web site. The focus is to automate decision-making and transfer of basic visitor information when appropriate. This approach is not yet widely adopted and lacks enforcement mechanisms.
TRUSTe is a partnership and seal program that requires a web site to have a posted policy explaining its privacy practices. That policy "will openly share, at a minimum, what personal information is being gathered; how it will be used; with whom it will be shared; who is gathering the information; what options the user has; what security procedures are in place to prevent misuse or loss and how users can correct information to control its dissemination." TRUSTe came out of efforts lead by the Electronic Frontier Foundation; it remains controversial. One reason: several TRUSTe members were found to violate their own privacy policies.
Most of the information moving around the Internet is designed to be as widely read as possible. In order to protect private or sensitive information from wide dissemination, some form of encryption, or codinglike that used in a secure servershould be used.
Online ordering systems generally use a secure server, allowing your personal informaton to be encrypted as it moves across the Internet. However, the costs of setting up and maintaining a secure server are not trivial, and smaller vendors may offer other options. Some include using a third party's secure server (whose privacy policies may be different from your chosen vendor's); online ordering without the benefit of a secure server and encryption; or possibly offering an order form to be returned by fax or email. Remember that if you send credit card or personal information in a regular email message, it is not going to be secure. The level of security offered by any vendor is a matter for your consideration and trust. Don't order from any sites using methods that you don't trust. For more information on payment options, see the section on Paying Online.
Most web browsers have a little key or a lock in the lower left corner to indicate your browser's connection to a regular or secure server. See how your browser looks.
It's generally considered risky to type in any Personally Identifiable Information (PII), such as your credit card number or Social Security number, if the key or padlock is broken. If you aren't sure, call the merchant on the phone or make your purchase from another online store. Pay attention to all requests for personal information. Never share your password.
Here's a little more information about secure sites.
The Secure Socket Layer (SSL) creates a protected, encrypted connection between your home or work computer and your store's server. The URL (web address) of a secure site always begins with https:// (you will need to type it in). The more common, but insecure, http:// is assumed when you type a regular URL.
SSL uses technology called public key encryption, one of the strongest safeguards available today. Encryption is a process by which plain text (what you type into the order form) is "scrambled" into a code that can't be read without a special key that unscrambles the code. Your vendor, if he offers a secure site for taking your orders, has this special private key.
Next: Prevention from Fraud | Contents