How to protect your online privacy

Simply because a site asks for or demands personal information from you does not mean you have to give it.

Jan 1st, 2003

Since January is traditionally the time for making New Year's Resolutions, I'd like to offer 12 pretty good ideas for your own protection in this interconnected global village. For the resolutions, I am indebted to Stanton McCandlish, the technology director of the Electronic Frontier Foundation (EFF), the San Francisco-based watchdog group set up by Lotus founder Mitch Kapor and colleagues. I've condensed the commentary significantly, so I urge you to go to the source (www.eff.org) and get the full impact of McCandlish's advice.

1. Do not reveal personal information inadvertently. You may be "shedding" personal details, including e-mail addresses and other contact information, unless you properly configure your Web browser. In your browser's "Options" or "Preferences" menus, you may wish to use a pseudonym.

2. Turn on cookie notices in your Web browser. Browsers now allow user control over cookies.

3. Keep a "clean" e-mail address. When mailing to unknown parties; posting to newsgroups, mailing lists, chat rooms and other public spaces on the Net; or publishing a Web page that mentions your e-mail address, it is best to do this from a pseudonymous "side" account.

4. Don't reveal personal details to strangers. The speed of Internet communication is often mirrored in rapid online acquaintanceships and friendships, but you don't really know who these people are or what they are like in real life.

5. Realize you may be monitored at work. Avoid sending highly personal e-mail to mailing lists, and keep sensitive files on your home computer. In most U.S. states and many countries, employees have little privacy protection from monitoring by employers.

6. Beware sites that offer a prize in exchange for your contact information. They are probably gathering this information for direct marketing purposes. In many cases your name and address are worth much more to them because they can sell it to other marketers.

7. Do not reply to spammers for any reason. If you get a spammed advertisment, don't bother replying with "REMOVE" in the subject line. This simply confirms that your mail is being read by a real person and you'll find yourself on dozens more spammers' lists in no time.

8. Be conscious of Web security. Never submit a credit card number or other sensitive personal information without making sure your connection is secure (encrypted)--look for a closed lock (Windows) or unbroken key (Mac) icon on the browser window.

9. Be conscious of home computer security. Your own computer may be a trouble spot for Internet security. If you have a DSL line or cable modem or other connection to the Internet that is up and running 24 hours, turn your computer off when it's not in use.

10. Examine privacy policies and seals. When you are considering doing business with a Web site, there are factors to consider other than a secure connection. Does the site provide offline contact information, including a postal address? Does the site have a prominently posted privacy policy?

11. Remember that YOU decide what information about yourself to reveal. Simply because a site asks for or demands personal information from you does not mean you have to give it.

12. Use encryption! There are other privacy threats besides abusive marketers, nosy bosses, spammers, and scammers. Relatively easy-to-use e-mail encryption software is available for free, such as Pretty Good Privacy (PGP, available at: www.pgpi.org).

By following these recommendations, not only will you stand a better chance of protecting your personal information from use by the "bad guys," but you will also reduce the chances of misuse by legitimate organizations. That's a good thing, in my view.

Jeffrey Bairstow
Online Editor
jbairstow@pennwell.com

More in Software