(2 of 8)
It has been two years since Sun Microsystems CEO Scott McNealy delivered his famous warning: "You have zero privacy [on the Internet] anyway. Get over it." Privacy advocates resisted that pessimistic assessment at the time. But since then, hardly a week goes by without a news story suggesting McNealy was on to something. Russian hackers breaking into e-commerce sites to steal credit-card numbers. Rings of Nigerian identity thieves. Cyberstalkers.
Just last week, Microsoft conceded that all versions of Windows 2000, and early "beta" versions of its new XP operating system due out this fall, have a "serious vulnerability" that lets hackers take control of victims' machines. Microsoft, which is making patches available for Windows 2000, has urged consumers to "take action immediately" to fix the glitch. And it is promising to cure the problem before XP's rollout.
Internet users are well aware they are trading off privacy when they dial up their modems. In a recent TIME/CNN poll conducted by Yankelovich Partners, 61% of respondents said they were "very concerned" or "somewhat concerned" that information about their Internet usage was being collected without their knowledge.
Yet websites that track users' movements are the least of it. Privacy advocates and law enforcement are homing in on nine areas--from spyware to identity theft--where they say the Internet's threat to privacy is the greatest. Here are the nine, followed by 10 ways individuals can defend themselves (see box):
1 SOMEONE MIGHT USE THE INTERNET TO STEAL YOUR IDENTITY
When police arrested Brooklyn, N.Y., busboy Abraham Abdallah in March, he had Forbes magazine's issue on the 400 richest people in America, plus Social Security numbers, credit-card numbers, bank-account information and mothers' maiden names of an A list of intended victims drawn from the issue, including Steven Spielberg, Oprah Winfrey and Martha Stewart. Abdallah is accused of using websites, e-mail and off-line methods to try to steal the celebrities' identities and make off with millions in assets. One scheme that was caught in time: he allegedly sent an e-mail purporting to come from Siebel Systems founder Thomas Siebel to Merrill, Lynch, directing that $10 million be transferred to an offshore account. (Abdallah, who has yet to be indicted on federal charges, denied all wrongdoing at the time of his arrest.)
Abdallah's high-profile arrest brought national attention to identity theft, which the FBI says is the nation's fastest-growing white-collar crime. An estimated 500,000 Americans have their identities stolen each year. A sign of the times: at least four insurance companies now offer ID-theft policies. The Privacy Rights Clearinghouse, which works with victims, says it takes an average victim of identity theft two years to clear his credit rating. A growing worst-case scenario: "criminal-identity theft," in which thieves use the stolen identity when they are arrested, leaving their victims with a criminal record that can be difficult to expunge.
Most identity theft still begins off-line, often in such low-tech ways as a criminal sifting through garbage to find an unwanted preapproved credit card. But once an ID theft is under way, the Internet can make the work considerably easier. A particular problem: fast-proliferating websites that sell fake IDs.