The CEO of a major technology company once famously opined that, in the Internet Age, “You have zero privacy. Get over it.”
Some of us would rather not. We’d like to keep our personal information – whether it be what we share with friends on Facebook or our credit card details – under some control. We’d prefer not to let such information out into the wild, where it can be bought and sold and, often, used against us.
If you, too, are a privacy traditionalist, take heart: there are things you can do to make browsing, shopping, socialising, and other online activities less of a threat. That CEO was right in some ways: we probably can’t keep all of our private information private. But we can certainly make accessing it harder for those who’d like to make it public.
The risk Any time you use your credit card online, your identity is at risk. Criminals can harvest thousands or even millions of credit cards at a time. That’s a problem for two reasons.
First, of course, your card can be used to buy all kinds of goods in places you’ve never been. Second, an attacker can combine your credit card number with other personal data to steal your identity and secure credit in your name.
How to protect yourself Follow your instincts for one thing: does an online merchant feel legit? Next, do your homework. You can check through the merchants listed at www.shopsafe.co.uk – a UK online shopping directory that lists secure online shops – to see if your retailer is listed. You can also evaluate retailers at the Better Business Bureau (www.bbb.org) or the Internet Retailer Top 500 Guide (www.internetretailer.com/top500), both are US focused, but will offer you peace of mind when using US web retailers. You can also look for feedback on sites like Epinions (www.epinions.com) and Bizrate (www.bizrate.com).
Another option is to find out who has registered the site you wish to shop at. Enter the website URL at www.domaintools.com or www.whois.net. Additional information such as contact name, phone number and a company address may be available.
Make sure you’re actually on the site you think you’re on. Phishing or network-redirection attacks can link you from an email message or a web page to a fake site that looks like the real thing. One Firefox plug-in, LocationBar2 (free; addons.mozilla.org) can help: It makes clear what website you’re using.
Attackers will go to great lengths to make their domains look plausible – the rather lengthy www.amazon.com.itakeyourmoney.ru, may look like the real Amazon at first glance, if you don’t check the full URL. (And the fake URLs are never this obvious.)
Regardless of your best efforts, your personal information may still be compromised. That’s why it’s also important to monitor your identity through services such as FraudLock (£7.99 per month; www.fraudlock.co.uk), and Experian (£6.99 per month; www.protectmyid.co.uk). They will alert you when any new requests for credit appear in your file. Get into the habit of checking your credit card and bank accounts frequently to make sure there are no unauthorised charges.
The risk It’s convenient when online merchants email you offers for products you were thinking about buying. But wait – how did they know what you’re interested in? Well, it’s not a secret. You told them what you like to buy and when, or perhaps you told Google, as you were browsing web pages for similar products.
With the advent of tracking technologies and sophisticated analytics, many web merchants know exactly who you are and what you are most likely to buy. They know because you tell them through your buying and surfing patterns. This is valuable data, and merchants can (and do) sell it to each other.
How to protect yourself As mentioned above, reputable retailers spell out how they use your information in their privacy policies. Check to see if your favourites sell your information to other merchants. If they do, then see if you can opt out of offers from third parties.
Consider connecting to the internet through a VPN or private proxy, which will obscure your IP address and therefore your location. This is effective only when browsing; once you decide to buy, your identity will be exposed.
If you don’t want a retailer knowing that you have been shopping for a particular item – say a holiday – use a different browser for researching.
Finally, if you’re really paranoid, shop at a variety of sites to limit the depth of knowledge about you that any one retailer can acquire. This has its risks, however; buying from a merchant who may be shady just for the sake of variety is counterproductive.