ISPI Clips 5.51:
Your Online Profile--Where You Go, What You Buy--Is Vulnerable
Saturday October 17, 1998
This From: TIME.com Magazine, OCTOBER 12, 1998 VOL. 152 NO. 15
http://cgi.pathfinder.com/time/
Watch Your Tracks
Here's how to protect it
http://cgi.pathfinder.com/time/magazine/1998/dom/981012/personal_time.your_
tech2a.html
By MICHAEL KRANTZ
TIME technology writer
Run a search on your PC's hard drive for the phrase "User Profile," and
you'll find a long list of items like this: "yahoo.comTRUE/FALSE 3262463
493 Y v=1&n=82iosk148jr9n." This gibberish is just one in a series of
digital snapshots of my recent online travels: what websites I visited;
what pages I viewed and for how long; what I bought, downloaded or
printed. What's more, every site I visit can send programs called
"cookies" down the phone line into my machine to snag this data and either
use it to try to sell me something ("He spends time at E! Online? Let's
spam him with that Titanic-for-$5 offer!") or sell my "profile" to some
other marketer. Yikes.
For years, of course, everyone from insurance adjusters to credit-card
companies has made money swapping consumer profiles like baseball cards.
But the Web is bringing this great American pastime to new levels of
invasive splendor. Ironically, one of the most attractive features of the
Net--its ability to customize content instantly--morphs smoothly into one
of its most sinister: the ability to monitor who you are and what you're
doing online, even as you do it.
It's not just the embarrassment factor we're talking about here: the guy
whose wife checks out his log and finds the porn sites he hit last night.
Consider how much other personal data could become available as we conduct
more and more of our lives in this (thus far) happily unregulated
world--investing and paying our bills online, filling our prescriptions,
etc.
How forthright have websites been about telling users what data they're
unwittingly providing? Not very. Last spring the Federal Trade Commission
studied 1,400 sites and found that only 14% had posted privacy statements
of any kind (though 71 of the 100 busiest sites did so).
While a Senate committee last week approved legislation that would
authorize the FTC to regulate the profiling of children, the agency seems
willing to let the industry clean up its own act with regard to adults.
Enter TRUSTe, a nonprofit group that has persuaded 270 of the Web's most
popular sites to post and abide by statements telling what data they
collect from visitors, how they use that data and how visitors can
restrict that use. Web leaders such as America Online, Microsoft and
Netscape plan an announcement this Wednesday to address privacy concerns.
Some, though, are skeptical that a voluntary system will work. "If
anybody's going to make money off your identity," says Fred Davis, chief
executive officer of the software start-up Lumeria, based in Berkeley,
Calif., "it should be you." And, of course, Fred Davis. Due in early 1999,
Lumeria's software will, among other things, help you control your data,
keeping nosy marketers from grabbing your profile unless you let them. In
fact, Davis thinks companies will eventually pay for the privilege ("Hey,
visitor No. 85834: we see you bought Titanic last week. We'll give you 500
frequent-flyer miles to tell us your name, age and income!").
For now, here's how you can keep those pesky cookies away. If you use
Microsoft's Internet Explorer, choose Internet Options under your View
menu, click the Advanced tab, scroll down to the Cookies subsection and
choose "Disable all cookie use." If you use Netscape Navigator, go to Edit
Preferences under the Edit menu and choose Advanced, then "Turn all
cookies off." But be warned: many sites won't let you in if your browser
rejects cookies, and others will harass you with dialogue boxes urging you
to accept one.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Sat Oct 17 10:54:15 1998