It pays to be paranoid online
August 8, 1998
by Cathryn Baskin
(IDG) -- We've turned into a nation of paranoids, justifiably so. Web sites surreptitiously gather information about where we go online and what we read. Massive databases sell information about us we don't share even with our families. Spam -- fraudulent and otherwise -- continues to skyrocket, clogging overtaxed networks. The number one deterrent to Internet commerce, polls say, is fear.
As privacy continues to dwindle, there's not much agreement about how to protect the little that remains. In the last two months, lawmakers, computer industry alliances, and consumer groups have proposed all kinds of laws and voluntary guidelines to protect consumers and businesses and make e-commerce safe. But as this issue goes to press, little has been resolved.
Much talk, little action
In early June, the Federal Trade Commission released the results of its survey of Web sites. The commission found that 92 percent of commercial Web sites surveyed collect personal information, but only 14 percent let individuals know what they do with that information. Eighty-nine percent of children's sites surveyed collect personal information, but less than a quarter instruct kids to get their parents' permission before providing that information. In response, the FTC outlined legislative recommendations for children's sites, with more to come later this summer.
On June 22, a group of companies that sell products on the Web formed the Online Privacy Alliance, calling for more industry self-regulation in an effort to stop government legislation. Members of the group include America Online, Microsoft, Netscape, AT&T, and Equifax, the credit-report supplier. The group says it will develop privacy rules and announce its enforcement policy by mid-September.
On June 23, the Department of Commerce convened its Internet privacy summit. Both Commerce Secretary William Daley and Vice President Gore warned that the government would intervene unless the industry cleaned up its act.
On June 24 and 25, two new antispam bills were introduced in Congress, joining five other federal bills trying to outlaw or curb spam. One proposal would make it illegal for spammers to use fake e-mail addresses; prohibit using individuals' "remove" requests to create new mailing databases; and impose fines of $10,000 or more on violators. Another would also make it illegal to use fake e-mail addresses and would authorize the Federal Communications Commission to create a national database of e-mail addresses for people who want to opt out of unsolicited mailings.
On July 14, a broad consortium of computer industry, telecommunications, and consumer organizations released to the FTC the results of its year-long study on unsolicited commercial e-mail. Consortium members include Internet service providers, America Online, AT&T, MCI, the ACLU, the Center for Democracy and Technology, the Direct Marketing Association, IBM, and Microsoft.
This group calls for a mix of industry self-regulation and government oversight. Among its proposed solutions: filters and additional tools to help individuals exercise greater control over incoming e-mail messages; regulations to prohibit the use of fake e-mail headers; efforts by e-mail providers to create opt-in and opt-out programs; and increased government efforts to eliminate e-mail fraud, with the FTC, the Justice Department, and state offices clarifying their jurisdiction by taking on test cases. The group also recommends that the industry study the costs of the e-mail system in order to more fairly allocate the costs of spam and find ways to ease the load that spam places on the global network.
* Finally, also on July 14, the FTC released its "Dirty Dozen" list, identifying the 12 most common types of fraudulent e-mail, ranging from camouflaged pyramid schemes and chain letters to bogus investment opportunities and credit card scams.
Only the paranoid survive
In the next few months, government agencies and Congress will continue to at least debate bills. The industry will make at least a show of beefing up Web privacy policies. E-mail providers will make at least modest efforts to cut down on spam, if only because of the costs they incur. Short of pulling the e-mail plug and retreating to self-sufficient hideouts in the woods, we can only flood our legislators, e-mail providers, and Web sites with spam of our own, letting them know what measures we favor and what we won't tolerate. In the meantime, as the government and industry continue their posturing, it pays to be paranoid.
Cathryn Baskin is editor in chief of PC World.