aka You; Keep your online life private with common sense and software

THE BALTIMORE SUN

Although it's too early in this article to discuss exploding e-mail, suffice to say that crafty new techniques to protect your online privacy are about to make a bang.

And they're arriving not a moment too soon.

Studies show privacy is one of our greatest fears when we wander the World Wide Web. And for good reason: Like bread crumbs in a forest, every mouse click in cyberspace leaves an electronic trail, revealing bits about our identity, geographical location and tastes.

Online merchants and marketers routinely collect this information using software tools that are widely available to Web site operators. As a result, others may know more about who we are and what we like than we realize -- or want.

"We're starting to see the outlines of what could become a serious privacy problem," says David Sobel, general counsel for the Electronic Privacy Information Center in Washington. "The whole issue boils down to a consumer's control of data about them."

So what can you do to protect yourself?

Plenty. Even as online data collectors race to find out more about you, a growing number of start-ups are swooping in to help you take control of your identity and fend off online snoops.

Of course, privacy advocates caution that the best protection is still common sense.

"All the technology in the world won't help you if you start giving out your password or e-mail address voluntarily," notes Lance Cottrell, CEO of Anonymizer.com.

But common sense can only do so much. That's why Cottrell created one of the first Web sites to offer a technological solution to the online privacy dilemma.

Anonymizer.com does for your online correspondence and mouse trails what offshore banks do for cash: launders them by passing Web pages through its computers, scrubbing away every electronic trace of who you are or where you come from.

Specifically, Anonymizer hides your Internet Protocol address, a unique number assigned to every online computer that offers clues to its owner's real-world identity and location. It also diverts cookies, small data files that Web sites quietly insert on your hard drive to track you, as well as JavaScripts, programs embedded in Web pages that could be used to peek at the files on your computer.

The service -- and more recent imitators such as Aixs Net Privacy -- are simple to use: enter the address of the Web site you want to visit into an on-screen address bar.

Anonymous Web browsing comes at a price, however. Using these services is usually slower than surfing directly. Also, cookies and JavaScripts aren't always bad. Cookies, for example, save you from having to punch in your password repeatedly on a secure Web site and make it possible to customize your Yahoo! home page with local weather and the prices of your favorite stocks.

(Anonymizer.com offers a faster service for $50 a year that gives subscribers the option of choosing which cookies they want to keep and which they want to chuck.)

E-mail presents its own privacy dilemmas. Like a postcard, an electronic message can be read by any competent hacker as it hops from computer to computer to its destination. And its journey leaves a trail with your name at the beginning.

To keep your identity secret, you can use a "remailer." These services -- Anonymizer and Replay are two good ones -- strip away identifying information in the header of your e-mail and bounce the message through several computers to erase all traces of its origin.

Because of the circuitous routing, remailers are slower than sending e-mail directly. Also, since your recipient has no idea who sent the mail, they may have a hard time replying (which is why this technique is popular among junk e-mailers).

Launched this month, a new service called ZipLip offers an alternative for people who want to keep their correspondence private but want recipients to know who sent it.

To use it, you compose an e-mail on the secure ZipLip Web site. Afterward, ZipLip notifies the recipient that a letter is waiting. To read the message, the recipient punches in a password previously worked out with the sender. After the note has been read, ZipLip digitally shreds it.

Even more exotic technologies are on the way. Remember the tapes Peter Graves listened to on "Mission: Impossible"? Well, a start-up in Austin, Texas, has figured how to make an e-mail message self-destruct.

"It does everything but smoke," says Bob Gomes of Infraworks, which plans next month to unveil the free service, called InTether, which allows you to retain control of an e-mail after it arrives at its destination.

The service protects file attachments -- anything from a word processor document to a music file. To use it, both sender and recipient need a copy of the free software. Once installed, the sender can specify who can open the file, how many times it can be read or printed -- even how many minutes or hours it can be used before expiring. The file is then encrypted and dispatched.

Once the message expires, or if someone tries to tamper with it-- poof! The file goes bye-bye, wiped completely from the recipient's hard drive using a technique developed by the Defense Department to erase classified disks.

But not everything we do on the Internet has to be so cloak-and-dagger. After all, sometimes we actually want to let a merchant know who we are. How do we e-shop without totally losing control of our name, address and other personal information?

That's where "infomediaries" come in. Infomediaries are firms that play matchmaker between companies and consumers. It's a radically different take on traditional commercial relationships -- and one that not everyone is convinced will succeed.

Here's how it works: Say you're in the market for a trip to Europe. You contact your infomediary, who puts the word out to travel agents and tour companies, disclosing only nonidentifying demographic information such as your age or income level. Based on this data, travel companies dispatch targeted offers to you via e-mail.

If you like what you see, you respond. If not, they're none the wiser. "The consumer will be in control of a brand called 'me,' " says Cathy Meister, vice president of marketing at PrivaSeek Inc., a start-up infomediary in Colorado.

But critics wonder whether consumers will trust unknown infomediaries enough to hand over the same information -- name, address and credit card number -- that they don't want to give to marketers, notes Beth Givens of the Privacy Rights Clearinghouse.

That's why some privacy advocates are touting infomediaries such as Enonymous.com, a San Diego start-up that plans to connect buyers and sellers while remaining blind to the identity of its customers.

The firm is being praised for its new free software utility for checking the online privacy policies that more and more Web sites are posting to ease consumer fears and head off government regulation.

"Just because a site has a privacy policy, it doesn't mean companies are looking out for consumers," says David Taylor, CEO of Enonymous.com. "We found many privacy policies are like a sieve -- full of holes."

The company has scrutinized the policies of 10,000 Web sites, rating them with one to four stars. One-star sites are the ones most likely to sell you out to marketers, says Taylor, while four-star sites never share your personal information without permission.

Their findings were often surprising. Ebay and AOL were awarded four stars, while Yahoo! and Amazon.com were given one star.

"One-star sites are a much longer list," says Taylor.

5 tips for better privacy

1. Read the Web site's privacy statement to find out what information it gathers and how it's used. If you can't find the statement, e-mail the site and ask for it.

2. Don't enter personal information when you fill in online forms unless you plan to establish a relationship with the company. If a Web site doesn't allow blank entries, make something up.

3. Don't give out your personal e-mail address in online chat rooms, newsgroups or bulletin boards unless you like junk e-mail. If you want to be contacted, set up a free e-mail account with Hotmail, Yahoo! or another freemail provider.

4. Consider setting up your Web browser to disable cookies or have you notified when cookies are deposited.

5. Never send credit card or other personal information by regular e-mail unless it's been scrambled by the latest encryption technology.

PROTECT YOURSELF

The Web is full of busybodies. Here's a list of software, Web sites and other resources to help you preserve your privacy and sanity.

Junk mail filters

Most e-mail programs have filtering tools to weed out spam. But they're often hard to set up and maintain. The following spam killers come preset with thousands of filters to help rid your mailbox of unwanted junk.

SpamKiller 2.60 $29.95. Novasoft. www.spamkiller.com

Spam Buster 1.63 $19.95. Contact Plus Corp. www.contactplus.com

Cookie crumblers

Cookies are tiny files deposited on your computer -- often without your knowledge -- that can be used to track your movements across the Web. Most experts advise cleaning them out from time to time -- if only to reclaim hard drive space. But locating and removing these critters can be notoriously difficult. Here are two programs that can help.

Cookie Pal 1.5 $15. Kookaburra Software. www.kburra.com

Cookie Crusher 2.1 $15. The Limit Software. www.thelimitsoft.com

Password protection

Security experts advise you to use as many different passwords as possible on different Web sites. Human nature dictates otherwise. If you're having a tough time remembering whether to use your mother's maiden name or your dog's name, these password managers are for you.

Password Safe 1.7 Free. Counterpane. www.counterpane.com

v-Go Universal Password Free. PassLogix Inc. www.passlogix.com

Privacy Web sites

These sites offer the latest privacy news and tips, along with services that can keep you out of snoopers' sights. They may slow down browsing, however.

General

Junkbusters (www.junkbusters.com) Privacy-protection tips galore. Make this your first stop.

Electronic Privacy Information Center (www.epic.org)

Privacy Rights Clearinghouse (www.privacyrights.org) Come here to stay abreast of the latest privacy legislation and news.

Better Business Bureau (www.bbbonline.com)

TRUSTe (www.truste.org) Got burned online? You can lodge a complaint at either of these sites.

Anonymous Web browsing

Aixs Net Privacy (http://aixs.net/aixs)

Anonymizer.Com (www.anonymizer.com)

Janus (www.janus.de)

Anonymous remailers

Replay (www.replay.com)

Infomediaries

Enonymous (www.enonymous.com)

PrivaSeek Inc. (www.privaseek.com)

Offline protection

1. Check your credit report by calling the three national credit reporting agencies: Equifax (888-685-1111), Trans Union (800-888-4213) and Experian (888-397-3742).

2. Avoid junk mail and telemarketers by sending your name, address, phone number and signature to Mail Preference Service, P.O. Box 9008, Farmingdale, NY 11735-9008 and the Telephone Preference Service, P.O. Box 9014, Farmingdale, NY 11735-9014.

3. Get off "preapproved" credit card lists by calling 888-567-8688.

4. To foil identity theft, give out your Social Security number and mother's maiden name only when absolutely necessary. Don't put your address and driver's license number on personal checks unless it's required.

5. Check your Social Security Earnings and Benefit Statement every three years to head off mistakes. 800-772-1213.

Pub Date: 10/18/99

Copyright © 2019, The Baltimore Sun, a Baltimore Sun Media Group publication | Place an Ad
25°