Consumers are their own worst enemies when it comes to protecting their privacy online, according to experts and privacy advocates. They use their names as passwords, don’t update their anti-virus software, and don’t install firewalls to keep hackers out of their home PCs. They want the government to protect them from Internet fraud, but not if it means Big Brother is watching their every keystroke and mouse click.
But either they should do something or the government must, say experts at a U.S. Federal Trade Commission conference in May. And government agencies and private organizations alike prefer that people take more responsibility for their own security.
The event was part of the FTC’s battle to protect consumer privacy through technology and to fight digital crime and nuisances, including spam, that clog the engines of e-commerce.
“We put computers in all the schools, but we’re not teaching kids cyber-citizenship or cyber-security,” says Larry Clinton, chief of staff at the Internet Security Alliance. The alliance is a non-profit research forum affiliated with Carnegie-Mellon’s CERT security centre.
What’s more, say experts, a “privacy paradox” exists in which consumer behaviour undermines their security interests.
For example, the nation’s identification systems — such as birth certificates and Social Security numbers — are “cobbled together” in different databases maintained by various agencies. But “hook them all together, and we start freaking out about national identity schemes,” says Richard Purcell, chief executive officer of the Corporate Privacy Group, a privacy-issues consulting firm.
Consumers “hate the weaknesses of the system” but reject government protection systems that might infringe on their civil liberties, Purcell says.
Identity fraud is the fastest-growing U.S. financial crime, partly because hackers can access massive amounts of data on the Internet, according to FTC research. Criminals hack into networks and steal identities and credit card numbers from the digital pools of information held by corporations and individual PCs.
That reservoir of data is growing exponentially, as more people shop, bank, and make travel reservations online.
For example, online purchases using Visa credit cards now account for seven per cent of the company’s retail transactions. Online usage has tripled since 2000, says Mark MacCarthy, Visa USA senior vice president for public policy.
However, 15 per cent of Visa’s total losses stem from Internet purchases made with stolen credit card numbers.
Experts say consumers simply must become savvier surfers. Too often, consumers trust a Web site based on its colours and design, not its content. They frequently skip over the dry but honest privacy policies that legitimate businesses post, according to a Consumer Web Watch Survey in 2002.
“National security demands [that] consumers, government, and industry protect personal privacy,” says Mary Culnan, an information technology professor at Bentley College in Boston. In fact, suggestions for ways individual users can help secure the Internet is part of the administration’s National Strategy to Secure Cyberspace.
But “all the software [protection] in the world is not going to change people’s behaviour,” Culnan warns.