|
One of the hottest Web debates today concerns privacy: with so many Web sites soliciting (or requiring) information about users, people worry about how sites use the personal data they submit.
While this has led to an uproar about Internet privacy, the ?danger? really comes down to two simple ideas: spam and unapproved (but generally anonymous) market research.
The first is obvious enough. The e-mails of consumers ? collected through site registrations and online orders -- are sold or exchanged to companies for advertising and sales purposes.
But the more compelling -- and complicated -- privacy concern generally rises at sites that offer personalization. In order for people to take advantage of customization options at sites, Web pages typically save identifying information on the computers of visitors.
But if a site can recognize consumers when they return, it can also track their behaviors and interests -- information that is of interest (and value) to marketers, advertisers and researchers.
And beyond just privacy, sites that automatically identify users can also raise security concerns.
Cookies
Most of the privacy concerns on the Net revolve around customization on sites. In order for news organizations, portals or e-commerce sites to provide content personalized to individual preferences and interests, they must have a way to keep track of visitors.
If your browser is set to accept them, Web sites can save information about you in a specific folder on your hard drive (Internet Explorer and Netscape Navigator save cookie entries in different locations). Cookies are organized and stored according to the Web sites that create them.
When you visit a Web site that uses cookies, that site asks your browser to check and see if it there is a cookie entry from that site on your computer. Cookie files can contain personal identifiers, as well as general information and preferences.
For instance, a visitor might tell a news site her favorite sports teams, news topics and stocks. Then, every time she visits that site, a custom frontpage would be built with tailored content according to information and preferences saved in the cookie file on her computer.
The benefit and convenience of cookie files are obvious. The alternative would be to have to log in to a site every time one visited, or to have to re-define preferences and customized settings each visit if you did not want to create a permanent user profile.
But identifying users through cookies serves more than just the consumer -- customer tracking allows Web sites to gather very specific demographic and behavioral information. And many organizations are willing to pay for detailed information on consumer behavior and interests.
Tracking users through sites
For many sites, tracking user identities is about more than offering personalized content to the end-user. Every page you visit, every link you click or avoid, is information collected toward building statistical data on consumer behavior.
And the more detailed the ?registration information? a site collects (when you sign-up for customized content), the more valuable (and detailed) the consumer profile data that can be generated.
For example, let?s think about e-commerce motivations. Most products have different target markets, commonly divided up by age, income levels, location -- coincidentally three of the most common user questions sites ask visitors.
So when a site has a user profile of you that includes that information, it can compare your behavior and interests with your demographics to create useful statistical data.
This allows advertisers and manufacturers to find out not only what products people of certain profiles are purchasing, but -- perhaps more importantly -- which products they are looking at and not
It might surprise people to know that direct marketing is not the end-goal of most of this kind of user tracking -- sites most commonly sell this demographic statistical data without names. The departments in organizations with an interest in cumulative user behavior typically tend to focus on user trends and preferences, rather than on making sales to individuals.
Which makes this privacy concern more of a battle over abstract principals (sites making profits off your behavior and statistical information), as opposed to a direct compromise of or intrusion on your privacy.
But targeted or direct marketing does rear its ugly (and intrusive) head on the Internet ? just from another (although similar) source.
Checking form boxes
Have you ever filled out a Web form for a site, perhaps to register so you can view certain content such as New York Times articles, or to request information on a product or service? When filling out ?free? registration forms, do you ever pause to read the paragraphs of texts (the online ?fine print?) commonly located at the bottom of forms, with little checkboxes next to them?
Many Web registration and information request forms -- and just about all of those on commercial sites -- try to automatically enter your e-mail address into a database so they can re-use or sell your name to the Internet equivalent of junk-mail lists.
Unfortunately, one of those checkbox options you might normally skim over probably says something like ?It is all right to share my e-mail address with other reputable companies? or ?Please tell me about future offers.? And unfortunately for you, many sites are kind enough to pre-check that box.
This privacy concern is simply a new spin on an old marketing and sales problem -- reselling of consumer names and information.
Similar to snail mail catalog chains -- where you sign up for a product or catalog and then are deluged with similar catalogs through postal mail -- after filling out a free online subscription, newsletter or offer, your electronic mailbox is suddenly spammed with unsolicited offers.
In most cases, though, the user had an out to avoid getting the electronic river of advertising -- but simply missed it. Rather than skipping over the checkboxes and fine print, carefully read Web forms you fill out. In particular, be wary of checkboxes accompanied by small print.
A cautionary note about saving login IDs
With each upgrade of browsers such as Internet Explorer and Netscape, new features are added to try to make surfing the Web easier and more convenient. But new technological ?conveniences? often raise privacy and security concerns.
One of the most common (and repetitive) online tasks is logging into Web sites that requires user accounts.
Let?s say you are a ?pay? subscriber to ESPN.com; in order to read certain content, you have to ?log in? using your subscriber username and password. Every time you visit the site you have to type in your user ID and password into two form fields.
In order to save you time, Internet Explorer features an ?AutoComplete? option that will remember information you enter into form fields on certain sites -- so that on subsequent visits that information will automatically be entered in the proper form fields on the login page.
But like cookie-based storage of login information, this means that if someone besides the valid user tries to log into that location using the same computer, the valid user?s login will be entered -- giving someone else access to that site (using the other consumer?s account) and all the information it contains.
Importance of personal login information
So why should you care if someone is able to get into a site using your login ID?
Sure, much of the content that is protected by user logins is innocuous information such as ?subscriber only? content on news sites such as ESPN.com or the Wall Street Journal.
But what about e-mail? Many people have flocked to Web-based e-mail pages -- where you can read e-mail through Web pages from any computer (as opposed to using an e-mail program such as Microsoft Outlook or Netscape Messenger). Would you want someone sitting down at your computer and reading your messages?
Plus, many e-commerce sites are now adding the ?convenience? of allowing you to save your shipping and billing information (including your credit card number) so that when you purchase items you don?t have to fill out the same form every time. But if someone else logs into that site under your ID, they could go on a spending spree on your dime.
Now, many sites try to protect users by forcing logins (as opposed to saving ID information solely in a cookie), but IE?s AutoComplete option, and similar services by third-party software, can compromise your privacy and security.
The best way to address this concern is to simply not use those services -- or at least to consciously consider the form information it offers to save. When the Internet Explorer Auto Complete option comes up, you can always click ?Cancel.?
Now, obviously, if you are using a secure computer (such as your home computer), this may not be an issue -- and options like AutoComplete are not only convenient but can improve your online experience.
But if you use a computer that others have access to, such as at the office, you can protect yourself by being aware of privacy and security vulnerabilities, and making informed choices when saving your personal information.
|
Article Feed
