So you clicked on a certain picture or perhaps you’ve included ice fishing as one of your interests. Other people will probably find out.
The tales of sites tracking their users’ actions or pimping out personal information to marketers are becoming more commonplace. For the most part, though, this type of information exchange has become a tolerated side effect of life online.
But there are some types of information that consumers expect sites to keep private. Consider the number of times people save credit card information online, or enter bank account numbers into budgeting sites. Even the contents of our e-mails and Google Docs, which are all stored in cyberspace, are assumed to be safe from prying eyes.
Yet protection of even consumers’ most confidential information is sometimes lackluster, leaving those who share their information with online sites vulnerable to identity theft. Hackers aren’t the only problem.
Disclosure of private information may be due to actions of the very service providers entrusted with your information. Most Internet sites promise tough security and privacy policies; however, these protections may be exaggerated, according to Identity Theft 911, an identity theft resolution company. They warn against some of the dangers of cloud computing — in other words, storing data online rather than locally on your computer.
One problem is that some company privacy policies only protect what they call “personally identifiable information,” which includes a person’s name, Social Security number, date of birth and mother’s maiden name. Yet other sensitive tidbits fall outside this category. For example, bank account numbers and home addresses may not be included in the definition.
Even when service providers share seemingly innocuous details, over time, it may provide thieves with all the information they need.
“The identity theft problem continues to escalate, in part, because it’s too easy for companies to collect personal information and too difficult for individuals to safeguard it once it’s in someone else’s possession,” said Marc Rotenberg, executive director of the Washington D.C.-based think tank Electronic Privacy Information Center, in the Identity Theft 911 July newsletter.
Another drawback to cloud computing is the ease with which others may be able to access your e-mails and private documents. Though the Stored Communications Act is designed to safeguard online communications, loopholes allow anyone to sift through your communications as long as the service provider gives them permission. You have no say in what happens to these documents.
“This means that even if the author has not authorized anyone to access his or her private documents, a lot of people could still be looking at them, copying them and doing whatever they want with them,” said David Johnson, a Los Angeles attorney specializing in commercial and digital media law, to Identity Theft 911.
By 2020 most people will complete their work online rather than using software that runs locally on their computer, according to Pew Research Center’s Internet & American Life Project and Elon University’s Imagining the Internet Center. Since it’s nearly impossible that you will be able to avoid the cloud — the Internet — forever, how should you protect yourself?
I wish there were some magic way to avoid becoming yet another identity theft casualty. There isn’t, though. A lot of the recommendations provided are just repeats of other advice designed to keep you safe:
- Find out what happens if you stop using a particular site. Do they retain rights to the information you’ve stored there? Do you mind if this happens?
- Less is more protection for your identity. Keep as much personal information offline as possible.