Privacy on the Internet has become a much debated topic. One example of why this has occurred was revealed in a study conducted by the California HealthCare Foundation (CHCF) (www.chcf.org). CHCF studied the use of health information provided to 21 of the most heavily used health-related Web sites. The report stated that visitors to health Web sites did not remain anonymous because the sites shared the visitors information with third-party advertisers. These advertisers could "build detailed, personally identified profiles of individual's health conditions and patterns of Internet use."

     A major source of trouble with online privacy stems from the use of "cookies." A cookie is a message given to a Web browser by a Web server that is then stored by the browser in a text file called cookie.txt. The primary purposes of the cookie include identifying the user, storing data and helping to prepare a customized Web page for the visitor. Web sites also use cookies to help with online sales or services, to track popular links or demographics, and to help programmers keep the Web site on the cutting edge of the surfer's interests. Generally, you need to visit a site before you receive a cookie from that site.

     A recent controversy stems from DoubleClick's use of information they have gathered on Internet users. DoubleClick is an Internet advertising company that merged last year with Abacus Direct, a direct-marketing company. As a result of this merger, DoubleClick has the ability to combine information on Internet users, such as IP address and sites visited, with offline information for Abacus' files such as name, address and catalog purchase history. Generally, other market research firms collected anonymous information that could not be linked to any person because it was placed into a pool of data. However, cookies placed on computers by DoubleClick were assigned a unique number that DoubleClick could then follow around the Internet through the cookies. This information could then be acquired via subpoena by a variety of people including the police or anyone who filed a lawsuit against an Internet user. Privacy advocates mention George Orwell's book "1984" and "Big Brother" as they discuss DoubleClick's plan.

     Marketers want to track where an Internet user has been on the Web and share this information with companies who can in turn use targeted advertising. Privacy advocates see this as an opportunity for companies (even companies the Internet user has never heard of) to keep track of their Web moves. In DoubleClick's case, many Web surfers who have received cookies from DoubleClick may never have even heard of it.

     DoubleClick did not see a problem with its approach and in fact claimed consumers were benefitted because they were provided with more useful advertising. In response to DoubleClick's actions, the Federal Trade Commission (FTC), New York and Michigan launched investigations and various groups filed lawsuits. Michigan filed suit to prevent DoubleClick from placing cookies on Michigan consumers' computers without their permission. Since then, DoubleClick has stated that it would not combine "personally identifiable information to anonymous user activity across Web sites" until the government and the advertising industry establish privacy standards.
 

What can you do if you do not want cookies?

     There are a variety of things. You can simply delete the cookies from your computer, but this still allows cookies to be placed on your computer. You can set your browser to reject cookies. Unfortunately, some sites will not allow access unless they can place the cookie on your computer. Another approach is to opt out of letting your information be shared with third parties. In fact, DoubleClick took out full-page ads in several newspapers to let consumers know they can opt out of DoubleClick's monitoring by visiting www.privacychoices.org, a site developed by DoubleClick. There are many other Web sites that will help you with opting out of the sharing of your information, including www.junkbusters.com,  www.webwasher.com,   www.cookiecentral.com. You can also check with your Internet provider.

     It is also a good idea to review the privacy policies on the Web sites you visit to see what they will do with your information. Some Web sites have been certified by groups such as www.truste.org who check into the privacy policies of Web sites and place a certification seal on sites that meet their requirements.
 

Privacy, Cyber Crime, Government and Self-Regulation

     When the privacy issue is viewed in a larger context, answers are less clear. How do I protect my privacy? What do we do about cyber criminals? Who should regulate all of this? Lawmakers have responded in several ways. Senator Robert Torricelli (D-NJ) recently introduced privacy legislation that would require Web sites to actively notify visitors if cookies are being placed on their computers. In February of this year, a bipartisan group of lawmakers launched a Congressional Privacy Caucus that is intended to help create tough new privacy laws. Another bipartisan group of congressmen, lead by Asa Hutchinson (R-Ark) and Jim Moran (D-Va), wants to create a federal privacy commission to make recommendations on regulations that will apply to US companies. Other legislation before the House, includes the "Online Privacy Protection Act of 2000," proposed by Rodney Frelinghuysen (R-NJ) that would require all Web sites and Internet Service Providers to provide explanations about what personal information is being collected, how it will be used and what will be shared with third parties. The legislation would also require that users of the sites be offered a "meaningful and simple online process" to opt out of the sharing personal information. On the other hand, Internet businesses want to use self-regulation.

     While the Advisory Commission on Electronic Commerce ("ACEC"; for more about the ACEC, see "The Status of the E-Commerce Sales Tax Debate") was unable to reach any conclusions on Internet taxation, they reached near unanimity on the recommendation that Congress pass laws to protect American's online privacy.

     In regard to criminal matters, the Clinton administration created the Working Group on Unlawful Conduct on the Internet. Its purpose is to consider new laws and education programs to curb illegal Internet activity. The group stated that there is a "need for real-time tracing of Internet communications across traditional jurisdictional boundaries, both domestically and internationally [and] the need to track down sophisticated users who commit unlawful acts on the Internet while hiding their identifies." Likewise, the FBI and the Justice Department want more authority to store and analyze online data in order to protect businesses and consumers from cyber crime.

     While most people are concerned about cyber crime, many have expressed reservations about plans to trace Web surfers. House majority leader Dick Armey (R-Tx), expressed fear that tracing could be used as a "big brother monitoring program." Representative Charles Canady (R-Fla) said that Congress needs to review existing laws to determine if enough has been done to protect people from unreasonable searches and seizure. Privacy groups believe that this also calls into question the right to anonymous political speech, which was upheld in 1995 by the U.S. Supreme Court in McIntyre v. Ohio Elections Commission, 514 U.S. 334 (1995).

     The privacy issue is far from resolved. Please check back as we keep you updated on the status of this debate. For more information on this subject, please visit the sites listed on our links page. For more information on cookies, see www.cookiecentral.com.