Security

Great American Privacy Makeover

Illustrations by Joe Zeff — Illustration: Joe Zeff

It starts out innocently enough. You're browsing the Web, dreaming of the weekend and your next golf game, and you happen across a great-looking site that promises to drop your handicap in three easy lessons. Sounds good, but you've got a meeting in 5 minutes, so you hastily sign up for the site's weekly newsletter and dash off.

When the newsletter arrives several days later, however, it's not alone. Every day, more and more new spam crams your mailbox, hawking Caviar Quarterly subscriptions or pitching wild weekends in Las Vegas.

Who knew one newsletter would have so many pushy friends--and who invited them in the first place?

Companies that collect facts about you often have obscure data-handling practices, so your name, address, and account numbers could end up spreading across the Web faster than a cold at a corporate retreat. Your problems don't stop there--you also have to guard against ever more sophisticated scammers and hackers who are out to steal your identity or your company's data. And studies show that these problems keep getting worse both for individuals and for businesses.

But how do you know what information is really necessary to complete a transaction and what's collected for marketing? Which utilities can safeguard your PC from prying eyes and invading worms? Once you've given out your credit card number or your mother's maiden name, how can you tell where the information is going, or who is watching it?

No wonder even savvy Internet users are confused. We at PC World wanted to find out how deep the problem ran, so we put together a survey and gave it to 1500 Internet users: 500 PC World subscribers, 500 PCWorld.com visitors, and 500 AOL or OpinionPlace.com users. We asked questions about their habits and concerns, as well as what they do to protect themselves online, and then we rated the answers to come up with a Privacy Quotient (PQ) score.

Our goal? To use what we learned about the vulnerabilities in users' security practices and offer practical, easy-to-follow advice to help you keep your personal information private and lead a safer life online.

Smart Users, Risky Choices

Our survey group was an advanced bunch, with about 87 percent rating themselves intermediate or higher in PC proficiency. They're serious Web geeks, too: Up to 70 percent spend 10 or more hours a week online. Despite this experience, the group had a PQ average of 56 (out of 100). Our own PC World editors also took the survey and did only slightly better, with an average of 60--which clearly shows that there's a big gap between knowing about privacy risks and precautions, and acting on them. All of us could do much better.

We quickly noticed discrepancies between respondents' concerns about online dangers and their practices. For example, 88 percent of the group worried about sites sharing or selling e-mail addresses, but only 33 percent frequently read privacy policies, and only 7 percent complain about a policy they disagree with.

Overall, we discovered that privacy slips occur most often in three key areas: password management, use of security tools such as antivirus software and firewalls, and habitual online behavior.

Unfortunately, "there are lots of ways to violate security, and there's no way to close up all the holes," observes Jay Foley, co-executive director of the Identity Theft Resource Center (ITRC) in San Diego. But you can greatly improve your chances with a little more care and just a bit of trouble.