Copyright 2000 The Washington Post
The Washington
Post
January 2, 2000, Sunday, Final Edition
SECTION: FINANCIAL; Pg. H01
LENGTH: 1940 words
HEADLINE:
HORNING IN ON PRIVACY; As Databases Collect Personal Details Well Beyond
Credit-Card Numbers, It's Time to Guard Yourself
BYLINE: Robert O'Harrow Jr., Washington Post Staff
Writer
BODY:
Now that we've lived
in the new millennium for a whole day, it seems sensible to begin worrying what
great bugaboos it will bring. My candidate: the loss of privacy.
Yes,
everybody knows it's hard to do much these days without having someone somehow
recording our business. Think about the personal details you shared to buy gifts
at Amazon.com or holiday meals with a Safeway Club card.
Amazon
"learned" your credit-card number, your phone number, your e-mail address and
the fact that you or your family like hard-boiled detective stories. Safeway
recorded for posterity your need for Head & Shoulders dandruff shampoo.
Small potatoes, maybe, but consider this: It's just the beginning. Wait until
marketers, the police and snoops of all sorts get really good at sweeping up and
analyzing all that data. The question is, what can we do when all that scrutiny
makes us as queasy as cheap champagne?
You could become a hermit.
Renounce Information Age pleasures, which means cutting up your credit cards and
turning your back on the Internet. But that's no guarantee. They found serial
bomber Theodore Kaczynski in his mountain shack, didn't they?
For most
of us, less-drastic measures will be enough. After all, we want to take
advantage of the benefits that computers, networks and electronic commerce
offer. But to have both the benefits and our privacy, we will have to make an
effort, give up some conveniences and be smarter about the trade-offs we make.
Perhaps the following ideas will become part of your New Millennium resolutions.
* Take stock of how much information you routinely share about
yourself, and think about the trade-offs.
How often do you use a
supermarket discount card or buy things over the telephone or on the Internet?
Do you use an electronic Smart Tag on the Dulles Greenway? Sign on to World Wide
Web sites? Fill out appliance-registration cards? Register for sweepstakes?
Here, then, is the big trade-off: Avoiding these things means forgoing,
for instance, the discount that a frequent-shopper card offers, or the
convenience of an online buy, or the lower toll for cars using Smart Tag.
Signing up for them opens you up to a general data sweep.
By themselves,
details about you don't mean a whole lot (except to your mother). But when
brought together in an electronic dossier and massaged by new computer programs,
personal minutiae can give marketers, government officials and even police
remarkable insight into who you are, how you think and what are you are likely
to do.
Don't think you are alone--or just paranoid--in worrying about
such things. This new exposure is unnerving to many. Not long ago, Assistant
Secretary of Commerce Larry Irving acknowledged using a made-up name when he got
a Safeway Club card: He worried that the record of his purchases might somehow
come back to haunt him.
* Ask data collectors questions, and
politely demand specific answers about how your personal information is gathered
and used.
This is not always easy. Retail clerks who ask for your home
telephone number or Social Security number when you just want to buy a battery
or a length of phone wire often don't know what their company does with the
information. You will find puzzled, even irritated, looks coming your way when
you ask why they need the information, which is often used as digital "hooks"
for lots of other information about you.
But even some direct marketers,
who are among the biggest data collectors, say customers ought to take a more
active role in managing their own personal data. H. Robert Wientzen, president
of the Direct Marketing Association, believes consumers "have a right to know
what information is being collected."
"They have the option of opting
out of everything . . . We don't want to spend the money to talk to you if you
don't want to hear from us," he said.
Wientzen also said that those who
share personal information with trustworthy businesses will receive more
personalized services and better products than ever before. So, to keep the data
flowing and to head off the threat of federal restrictions, his association has
been pushing members to be more forthcoming about how they collect and use
personal information.
* Learn more about how data is swept up
and about those who stand to gain from it.
The computing revolution
offers both remarkable benefits and new risks. And the changes have come so
quickly that few people can keep up. Try anyway.
Every time you sign up
for an online sweepstakes to win a computer or Florida vacation, look at the
fine-print disclosures to learn who keeps your name, address, telephone number,
etc. When you call a toll-free number to get a coupon for a new drug, ask who is
actually collecting your information. Assume that information is being mined for
all it's worth--drug companies, along with retailers and catalogue companies,
are building giant databases of consumer data.
* Pay attention
to what you (and your children) do on the Internet. Be aware of "cookies." Watch
your e-mail.
Privacy specialists implore people to look for privacy
policies at Web sites. (Be brave. The legalese can be daunting.)
Teach
children to be wary about sharing information about themselves or their
families. And parents should know there's a 1998 law that requires Web sites to
obtain parental permission before collecting personal data from children under
13.
"Take advantage of the notice you get as a consumer, and make good
choices," said Peter P. Swire, the Clinton administration's chief counselor of
privacy.
You can even use your computer as a tool to see who's
collecting information about you and to limit their access to it. Consider
setting your Web browser to alert you when a site wants to place a "cookie" on
your computer. For hints on how to do this, check the "help" section on your
browser, or visit a Web site devoted to privacy issues; see the box on this
page.
Cookies are simple strings of computer code that Web sites place
on a PC to help the site keep track of visitors and provide personalized service
(how did you think Amazon.com knew to say "Happy New Year, Joe" to you last
week?). It used to be that a particular cookie could be understood by only one
site. Now advertising services, such as DoubleClick Inc., use cookies to track
and profile the behavior of people at related sites across the Web, often
without the knowledge of the computer user.
Now, if you click "no" every
time a new Web site asks if you will accept a cookie, you may not get onto some
sites (some let you on anyway). You may relent or you may leave the site, but
either way you'll be making an informed choice.
You may also want to try
one of the anonymous surf services on the Web. Anonymizer.com, for instance,
acts as a sort of middleman between you and a Web site.
And consider
taking better care of your e-mail. Encryption programs such as PGP (Pretty Good
Privacy), which turn your writing into gibberish for everyone but your intended
recipient, are readily available online. Some sites, such as the Global Internet
Liberty Campaign (www.gilc.org), offer the ability to send anonymous e-mail.
* In some cases, there's not much you can do.
You have
to give your name, address and photograph to get a driver's license. Many
states, in turn, sell driver records to marketers and information services to
bolster state coffers. Not much you can do about it.
You also must
permit affiliated banks, securities firms and insurance companies to trade
highly refined records about your balances, transactions and the like. Congress
recently decided that the financial industry's ability to market their products
trumped traditional confidentiality.
This is where Marc Rotenberg of the
Electronic Privacy Information Center weighs in. He believes government
officials are
putting too much of the privacy burden on individuals. So
he urges people to become more active in calling for new laws.
Harriet
Pearson, a spokeswoman for International Business Machines Corp., agreed that
the burden should be on companies, not on individuals. But, she added, "be an
active and smart consumer, and make your views known" to the companies you do
business with.
Why Worry?
But must we really
worry about what marketers and corporations know about us and think about us?
Well, yes, say privacy and civil liberties activists. As companies amass
personal information, they use their insights to discriminate between the most
profitable people--and all the rest. In fact, that's becoming a central thrust
of many marketing efforts.
That means you may never hear about certain
deals because you're tagged as frugal or a bargain hunter. At the same time, law
enforcement investigators (hopefully armed with subpoenas) are beginning to tap
private data reservoirs, such as grocery purchases and electronic toll records.
State and federal officials are using a massive new data system to track parents
who owe child support.
Whatever you decide to do, begin now. Richard M.
Smith, a computer security specialist in Brookline, Mass., who has exposed a
series of security breaches on the Internet, recommends being especially careful
online. "Any data that you give to Web sites might end up in other people's
hands," Smith said.
Said Ari Schwartz, policy analyst at the Center for
Democracy and Technology, another privacy-oriented group: "Individuals who take
the necessary steps to protect their privacy now are getting a jump on the
future."
Privacy Resources
An array of World
Wide Web sites and books offer information and tools to help people better
control their personal information. Here are some of them:
* The Online Guide to Practical Privacy Tools
at the Electronic Privacy Information Center (www.epic.org/privacy/tools.html).
EPIC offers links to encryption programs, anonymous surf services, anonymous
e-mail services and related sites.
* The Center for Democracy
and Technology's data privacy pages (www.cdt.org/privacy/) include a new
initiative to make it easier for people to remove their names from research,
marketing and telemarketing databases. The group also offers background material
about privacy.
* Junkbusters (www.junkbusters.com), a business
specializing in privacy issues, has legal information, technical tools and other
material of interest.
* The Federal Trade Commission has placed
a strong emphasis on privacy at its Web site (www.ftc.gov). The agency provides
easy access to new regulations governing the collection of information online.
It also provides educational material about identity theft, online profiling and
related subjects.
* The Direct Marketing Association maintains a
variety of Web pages devoted to consumer and privacy issues (www.the-dma.org).
Included are answers to frequently asked questions about data collection by
marketers.
People who want to be removed from the mailing lists of
participating business can write to the DMA at Mail Preference Service, Direct
Marketing Association, P.O. Box 9008, Farmingdale, N.Y. 11735.
To
register with the group's do-not-call file, write to Telephone Preference
Service, Direct Marketing Association, P.O. Box 9014, Farmingdale, N.Y. 11735.
* "The Privacy Rights Handbook: How to Take Control of Your
Personal Information,"by Beth Givens and the
Privacy Rights Clearinghouse (Avon Books, $ 12.50) offers
practical tips about medical records, telemarketing, computer privacy and much
more. Privacy Rights Clearinghouse is at www.privacyrights.org.
--Robert
O'Harrow Jr.
GRAPHIC: IG,,TWP
LOAD-DATE: January 02, 2000