info@pyc.net
Newsletter Archive

The Internet and Privacy

September 2004

Whether you connect online infrequently or constantly, you need to be aware of the specific risks and benefits the Internet vehicles present and the ways that you can limit your risk. This article discusses safe practices when using e-mail and enrolling at member websites. 

The Internet is a vast, complex network of services, servers and information sources widely available and used by hundreds of millions of people around the world every day. It includes telecommunication carriers, Internet Service Providers (ISPs), enterprises, governments, universities and research institutes…and you as a user.

When you are on the Internet, your online request is routed through the servers, routers and switches that form the electronic backbone of the worldwide Web (WWW). If you trace the routing of a message electronically, you may be surprised at how many unknown intermediary parties are involved as your information travels across the Internet.

Using E-mail

E-mail gives everyone the ability to exchange and share information widely and quickly… but not necessarily confidentially. E-mail can be read by anyone because you do not know how many intermediates or servers the e-mail passes through and where the content may be stored and retained.

When deciding whether you should communicate certain information in an e-mail, the simple test is: Would you send this sensitive information on a postcard in the regular postal service to this person or organization? Would you expect the recipient to reply on a postcard?

If you use the Internet to send e-mail that includes family stories, comments on the weather and other like topics and occasionally attach a picture or a joke, you are a low-risk user. However, if you use e-mail to communicate with your financial services institution about your finances and investments or to provide sensitive information such as checking your credit record, your risk would range from moderate to high, depending on the precautions you take. Generally, e-mail is a low-risk activity if you take the proper preventative measures and have installed a virus scanner on your system.

If you must send sensitive information by e-mail, consider using encryption software. Encryption (also called encypherment) is the process of encoding data to prevent unauthorized access, especially during transmission over the Internet. The encrypted information or data is unreadable and meaningless until the person with the key (password) unscrambles (decrypts) it. Someone can only unscramble the information with the password/key and compatible encryption software.

 When sending and receiving e-mail:

•  Treat your e-mail like a postcard that can be read by anyone.

•  Do NOT send e-mails containing sensitive personal, financial or private information unless you secure them by using encryption software.

•  Delete all spam e-mail without opening it. Do NOT react or respond to it.

•  Do NOT open attachments and e-mail from unknown or suspicious sources. They could contain viruses or other malicious code.

•  Integrate your e-mail software and virus scanner to ensure all e-mail is automatically scanned.

Enrolling at Websites

Some websites require you to enroll as a member, such as the websites of a hotel or car rental company, and may ask you for basic personal information relevant to the service they offer. This information may include your name, address and telephone number, credit card information and membership number to redeem rewards, such as air miles. While you may want to take advantage of member benefits such as faster check-in/check-out and special discounts, you need to be sure that these benefits do not entail risks to your identity and privacy.

When enrolling on some websites, you may be given options about whether you must provide certain personal information. This option may simply be presented in the form of a request as to whether you would like to be sent e-mails notifying you about products and special offers. A reputable website will ensure that your information, including your e-mail address, is only used for purposes to which you have agreed.

Secure websites are recognized with HTTPS before the site address instead of HTTP. The HTTPS indicates that the site is secured by SSL (Secure Sockets Layer). Depending on your browser, you may also see a closed padlock or key icon displayed that indicates the use of SSL.

When you complete your visit to a log-on website, these three simple practices can help protect your privacy:

•  Log Off

Always log off after you have completed your session at a log-on website, such as at the website of your financial services institution or web-based e-mail. If you do not terminate the session properly, someone could take it over to perform actions as if you were still online.

•  Close the Browser

Always close down the browser software when you have finished a session. When you close the browser software, you prevent the next user from simply clicking on the back button in the browser to reload your pages from cache and potentially read your financial statement, investment records or other sensitive information you may have just used.

•  Shut Down Your Computer

If you are not going to use your computer for some time, either close it down or ensure that it automatically goes into sleep or hibernation mode. This protective step is particularly important where your computer is continuously connected to the Internet, i.e., by cable or DSL (high speed).

Get Proactive

While the Information Age has brought new ways of performing day-to-day activities such as banking, shopping, and communicating, it has also created new opportunities for spying, theft, fraud and other crimes. Take proactive steps to protect your money, privacy and identity:

Be cautious about what personal, financial or private information you disclose when giving information over the Internet.

Only provide personal or financial information at websites of reputable, known organizations.

Only rely on the security practices (i.e., SSL or more advanced security) of your financial services institution, government sites and well-known reputable companies and service providers. Be wary about providing personal or tax information at other websites.