Feb 19

Security & Privacy on the Web
Sun Review Feb. 19, 2000

Every day, private communications, credit card transactions and sensitive medical and financial information flow through computer databases, across the Internet, and between cell phones, fax machines and pagers.

But there's a trade-off: the ability to move this type of information quickly and easily around the globe may be critical for the future of our economy, but it also raises important privacy and security concerns.

What can you do to ensure the safety of your personal information on the Internet? E-mail The odds of someone intercepting your e-mail are very small (after all, how many of us lead such interesting lives?), but it's a good idea to treat e-mail as you would a postcard, and never include any sensitive information such as your credit card number.

Remember those magic encoder/decoder rings? If you do need to e-mail any sensitive or personal information, you should use a strong encryption program such as PGP (Pretty Good Privacy - www.pgp.com), which integrates seamlessly with most popular e-mail software. Encryption programs scramble or encode the information contained in the e-mail so that it can only be read by the intended recipient. Anyone who intercepts an encrypted e-mail will not be able to decode it.

Surfing the Web: Before you send any personal information to a website, look for a privacy policy that tells you what happens to the information that is collected. If you are shopping online, make sure you are submitting your payment information securely (look for the locked lock or unbroken key icon on your browser).

Cookies: A "cookie" is a small piece of information that a web server stores temporarily in memory until you exit your browser, and then saves in a cookie file on your hard drive. Cookies may contain passwords and user IDs, so that you do not have to keep retyping them every time you load a new page at the site that issued the cookie, or they may keep track of your shopping preferences. A cookie file is not a secret way for a web server to find out everything about you and what you have on your hard drive. The only way that any private information can get in your cookie file is if you personally gave that information to a web server in the first place. You can set your web browser to warn you before accepting a cookie, you can delete your cookie files regularly, and you can even turn cookies off. You will find more answers to your cookie questions at Cookie Central (www.cookiecentral.com).

Beyond cookies, there are other means of tracking web surfers. Every time you log on to a website, you give away information such as your Internet Service Provider, operating system, the type of browser you're using and more.

You can stop this flow of information by surfing anonymously through Anonymizer (www.anonymizer.com).

For more information on security and privacy on the Internet, visit the Electronic Frontier Foundation (www.eff.org), an organization dedicated to protecting rights and promoting freedom in the electronic frontier.