While you're surfing the Web for information, the Web may be surfing for information about you.
Hardly a day goes by without another report of cybersnooping -- not by criminals or teen-age hackers, but by corporate America.
Wherever you travel online, businesses are hungry for information about you. The advertising industry wants to know what you think, where you live and what you want to buy -- and critics say they're all too willing to invade your privacy to do it.
Consider some Orwellian examples:
Where to find information on Web privacy
Sites about privacy on the Web:
Privacy Rights Clearinghouse
The Privacy Page
FTC Bureau of Consumer Protection
Electronic Privacy Information Center www.epic.org
--Through "spyware" files embedded in many popular programs, advertisers can learn what information you download, what music you listen to, and what Web sites you visit. These files often remain even when you've deleted the original program.
--Companies offering wireless Web surfing through cellular phones may leave your phone number on every Web site you visit.
--If you're using a wireless modem, your exact location can be pinpointed -- and even plotted out mile-by-mile on a map -- by companies hoping to send you an instant ad for a department store you may have just driven past.
--Whistle-blowers or letter-writers who think they're anonymous may find that their names can be easily traced by digital imprints that Microsoft has stamped on Word documents.
Concerned by regular disclosures of new intrusions into the everyday lives of Internet users, privacy advocates are blitzing the public, business leaders, government agencies and Congress with warnings.
"We're being watched a lot while we use our computers," said Richard M. Smith, a Massachusetts-based software engineer and privacy expert who has exposed some of the most celebrated intruders. "Our lives are going to be a lot more closely monitored from now on."
One of the biggest concerns among privacy advocates is the increasing use of spyware programs by advertisers and companies trying to study consumer habits.
"The greater threat to privacy is not being posed by 'Big Brother' government but from private industry," said Steven A. Hetcher, an assistant professor of law at Vanderbilt University and an Internet privacy expert.
"In the modern age, computers are the recording boxes of our lives. There's a lot of information to be gained. As time goes on, more and more people are going to try and tap into the richly detailed dossiers that are being created about people."
"Spyware" refers to software that can quietly collect information about your digital habits, including your favorite Web sites and what files you've downloaded. The programs -- embedded in hundreds of popular titles that include RealJukebox, the Go!zilla download manager, and various Netscape utilities -- are capable of quietly relaying personal information back to cyber advertisers.
Typically, these programs operate for months or years until they're discovered and exposed by independent testers and computer privacy advocates such as Smith and Steve Gibson, head of California-based Gibson Research. Just as typically, the companies caught deny any wrongdoing -- but agree to remove the spyware.
"We're trying to shine some bright lights on this bad behavior," said Gibson, whose Web site has adopted the rallying cry, "IT'S MY COMPUTER."
"By exposing what's happening, we're hoping that tremendous public pressure and outcry will result in involuntary change by these companies."
Often, the pressure works.
For example, early this year the marketing company Double Click came under fire for its plans to track surfers by name and street address without their knowledge and combine the information with outside databases. It abandoned those plans in March.
Last week, America Online announced it was removing a spyware feature in the SmartDownload manager of its Netscape Web browser that had provoked users to file a lawsuit.
"There's just been a free-for-all for a few years with companies thinking they can have free reign of people's computers," Gibson said. "I have a fundamental problem with the lack of informed consent. I consider it rude and anti-social behavior to go and stick programs on people's computers without their permission."
A recent report by the Federal Trade Commission concluded that "a high number" of Web sites fail to protect consumer privacy, but couldn't estimate the extent or nature of the abuses.
Smith, who blew the electronic whistle on Mircosoft and RealNetworks for clandestinely collecting personal data and recently joined forces with the new Privacy Center at the University of Denver, is trying to get a handle on what's happening.
He already has some ideas.
"A lot of information is being gathered for market intelligence," he said. "But all this information is going to end up in databases, and more and more lawyers are going to want to get at it. That's a frightening thought."
Even before the Internet, private and public data banks compiled huge amounts of personal information on consumers from sources such as credit card companies, direct marketers and public records.
For example, a Florida-based service called AutoTrack allows lawyers, detectives, newspapers and other organizations to dial in and create instant profiles of citizens that include current and former addresses, unpublished phone numbers, names of relatives, car registration information and the existence of any lawsuits.
Privacy advocates fear that spyware sources could make such databases even more detailed -- for instance, the dossiers could also contain information about what political or medical Web sites you visit, what you like to buy online and who you communicate with on your computer.
While most Web sites post "privacy policies" that tell surfers what information they collect and what they do with it, those assurances don't always hold up.
Just last week, the FTC sought a permanent injunction against Toysmart.com, an online toy seller and Disney subsidiary that went belly-up in May. Toysmart had told visitors their information would be kept private; but once it was out of business, the company tried to auction its customer database to satisfy creditors.
Bad publicity is enough to force companies to change their practices. For example, Smith found that Sprint was routinely conveying callers' cell phone numbers as a "unique identifier" to every Web site they visited with their wireless browsers.
Sprint officials acknowledged the practice but denied they had betrayed customers' trust.
A phone number is communicated to Web sites as a "unique identifier," but that practice will stop early next month, said Paul Reddick, Sprint's vice president of management and development.
"It's a perceived problem, so we're going to solve it," Reddick said. "We haven't had a single customer call to say they've gotten any unsolicited phone calls. No one's called us to complain. ..."
Last week, the FTC approved a self-regulation proposal by the online advertising industry that would curtail some abuses and would give consumers more choice about what happens to their information. The agency also proposed legislation that would impose the same rules on Web sites who don't agree to the industry's proposal.
Meanwhile, many advertisers who admit to sending and receiving information defend the practice by saying that they aren't using the Web to collect personal data but rather are tracking banner ads they've attached to programs that wouldn't be free without advertising.
"I'm sure the software could be used to collect personal information, but I haven't heard of anybody doing that," said Peter Fuller, a spokesman for Radiate, a company that works with dozens of software firms to embed advertising files capable of sending and receiving information. "What we're doing is trying to communicate back what banners have been seen on someone's computer, nothing more. We are simply serving ads to our users."
Radiate is one of the companies that Gibson has kept a watchful eye on. He said it's unclear what information they are extracting out of people's computers, since the company routinely encrypts, or scrambles, the data.
"I'd like to see what it is that they're sending. But it's scrambled -- so I can't," Gibson said.
Distributed by the Los Angeles Times-Washington Post News Service
Brainerd Dispatch ©2013. All Rights Reserved.