Surfing in secret

Attention; warriors of the Internet Age:

Most people are aware of the Internet's benefits, but not everyone is aware of how the Internet can threaten personal privacy and the steps you can take to protect your privacy in cyberspace. Here are some simple steps you can take to safeguard your privacy

by Aditha Dissanayake

Remember the last time you gave your personal information; your full name, age, address, telephone number and even answers to questions about your personal preferences to gain access to a Web site? Beware! Someone, somewhere out there is collecting this information to build your profile and in next to no time, every web-site you visited will be splashed on the Sunday papers.

The warning given by Sun Microsystems CEO Scott McNealy two years ago to the warriors of the Internet Age: "You don't have any privacy. Get over it." can never have been more true.

Set down this, set down this; Many Web sites collect personal information; some are just more obvious about it while others collect information in more subtle ways such as making a record of your Internet Protocol (IP) address and of the Web pages you visit.

Web sites do this by placing one or more "cookies" on the hard drive of the computer you are using. "Cookies" are small files of text that can collect and store information such as: your IP address, how many times you have visited the site etc. The plus side of this is that this information allows Web sites to identify you the next time you pay a visit.

However, cookies also enable Web sites or marketing networks to create a profile of you based on the information you have provided and your browsing patterns, often for advertising purposes.

This profile may be forwarded to an advertiser who selects advertisements to pop up on your screen that appeal specifically to you. Advertisers may also use this information to send email ads for products and services they think you might like.

Once information is collected, it can be used, shared - and possibly abused - in countless ways. It can be difficult to determine what happens to personal information circulating on the Internet.

Media stories about hackers gaining access to supposedly secure Web sites and obtaining credit card numbers and other personal information suggest that few, if any, Web sites are completely secure. Poor information handling and security practices may cause risks to your privacy by allowing unauthorized access.

So may the dishonest or disgruntled insider who has legitimate access to your information but uses it fraudulently.

Obviously, the best way to protect the privacy of your personal information is by never giving it to a Web site - but that's not always practical. Using the Internet to shop, obtain services and get information is convenient and beneficial for many people. These activities may require the use of personal information.

In a perfect world, companies would always protect your personal information. Unfortunately, this is not the case. Here is what you can do

Always read the Web site privacy policies or statements before submitting personal information, particularly sensitive financial or medical information. Surf anonymously by using third party software that hides your real IP address and use a disposable email address instead of your usual one when giving contact information to unknown parties on the Internet.

If you take part in chat groups and other online discussion forums, then you may be posting messages to a public site that all the world can read. Anyone from the simply curious to potential employees can search for copies of your messages, which may be kept indefinitely.

It is possible to find the names of chat or discussion groups in which you participate, and the names of news groups to which you subscribe.

The names of those groups alone can reveal a lot about you.

What you can do:

Participate in chat or discussion groups under a pseudonym.

Be discreet. Don't provide personal information unless absolutely necessary.

Use a disposable email address that can be discarded.

Some groups that store your old messages offer tools that allow you to delete them for good; do it! Electronic mail

Email: What can happen:

Email is a highly convenient and cost-effective way to communicate. Your private email address, along with the content of personal email messages, is your personal information. You should be aware of the many privacy risks to email and what you can do to reduce them.

Unwanted solicitations or junk messages, otherwise known as spam, are clogging email boxes in increasingly intrusive and offensive ways. The collection, use and disclosure or your email address without your consent is serious and is a growing privacy concern. It may also be a fraudulent or criminal matter.

Some of the unwanted email messages you receive may seem to "know something" about you and be specifically targeted to your interests.

If so, you may have been profiled based on other personal information associated with your email address. If you have filled in an online survey, entered a contest, joined a mailing list, made an inquiry or purchase - and provided your email address - chances are that you have been profiled. Profiling is a common tactic in advertising and direct marketing, where reaching a specific type of customer is essential for success.

Email advertisers and marketers go to great lengths to personalize their email messages and to measure the response rates of direct marketing campaigns. If you click on a link within a message, this action may be registered and associated with your profile.

Spammers may even include fake opt-out links in their messages - clicking on any link may confirm the email address is "live" and fits the profile of someone who responds to direct marketing pitches. Any way in which you respond that is measurable may go into your profile. This profile is worth money. It can be sold dozens of times around the world, without your knowledge or consent, which leads to more spam - and a serious privacy concern.

Another common practice is the embedding of "Web bugs" in emails, which send messages back to the sender when previewed or opened. These bugs measure live views of the email, confirm valid email addresses, and may collect behavioral and computer information on the subject. A "Web bug" can also place a cookie on the hard drive, providing the IP address for pop-up ads.

A new very serious email scam is known as "phishing". A fraud artist sends an email that appears to come from a reputable company or business. The message indicates a problem with the recipient's account, and asks for account numbers and other personal information to "correct" the file. This information is then used to commit identity theft and fraud.

Some email messages introduce viruses, worms and Trojans into your computer system. Messages may contain attachments that embed malicious code into your computer to corrupt files or hijack your home page or modem. This code may spread itself to other computers using your email address book.

Remote surveillance tools can be installed that monitor and transmit your online behaviour, record your keystroke pattern, or open backdoors on your computer system that allow hackers to actually take control from a distance. Most of us have strong expectations of privacy when sending email, but the reality is that sending an email message is like sending a postcard.

The Ceo of Radinks Pvt Ltd. a Sri Lankan company that develops secure file transfer software says. "Email really is a postcard, anyone between you and the recipient can read a message that you send. If you are in an office, that includes the system administrator and your boss. And the recipient's boss can quite easily read it too.

The only way to avoid it is to use encryption, but you hardly ever see anyone sending encrypted mail'

It is not technically difficult for a copy to be made in transmission.

And once you send an email, you have lost control over it and its contents. In this world of electronic networks and instantaneous communications, your "personal" message can be forwarded to a public forum for the entire world to see with the click of a mouse.

Whether in the public domain or not, email messages are often permanently archived and subject to indexed search and retrieval. Perhaps one of the most serious privacy violations occur when someone else obtains your username and password to your email account. With this information, your incoming mail can be downloaded and read by others for years, without you ever knowing.

What you can do:

Be cautious when providing your email address online. Always read the privacy notice and be sure you are dealing with a legitimate entity. As a rule, don't provide someone else's email address online.

Use disposable email addresses for mailing lists, contests, etc

Read all your email messages offline. If possible, read them in text only format.

Do not respond to spam in any way. For legitimate businesses, choose to opt out as soon as possible.

Install and use anti-spam, firewall, anti-virus and other privacy and security enhancing software, and keep it up to date.

Download and install critical security patches from your operating system.

Do not open attachments from unknown senders.

Regularly change your password for accessing your email accounts.

When forwarding messages, delete the previous recipients' email addresses.

With all this, let's hope in the
year just begun you will be surfing
the net, safely and in secret.

Happy surfing.

Source: www.privcom.gc.ca
 

[email protected]