Knowing You All Too Well

Early in George Orwell's "1984," one scene exemplifies a world without privacy. Ostensibly alone in his squalid London flat, Winston Smith turns his back to the telescreen trained on him, though "as he well knew, even a back can be revealing." He wants only to begin writing a diary--an act, however, punishable by death. He hesitates over his pen. "There was of course no way of knowing whether you were being watched at any given moment," Smith realizes. It was Orwell's bleak vision of the future.

He was wrong. It's not government that threatens privacy today; it's Internet commerce. The Web has evolved into a marketplace, and in the process transformed privacy from a right to a commodity. High-speed networking and powerful database technologies have made it possible for businesses to amass, quickly and at low cost, a wealth of personal information on nearly 200 million Americans, especially the 40 or so million who cruise the Web.

You want a list of people in the wealthy Westchester County suburbs of New York, sorted by household income and "lifestyle interests"? No problem. Go to, which will charge you as little as 16 cents a name, no questions asked. You want to know if a potential business partner has a history of bad credit or fraud? Hundreds of investigative sites, such as, will oblige. You want to buy the executive travel records of your competitor, so you can figure out not only where they're going but whom they're meeting with? Companies that do "competitive intelligence" can mine the database, as the giant accounting firm PricewaterhouseCoopers recently found out to its chagrin.

As a medium of open standards in constant flux, the Internet is inherently vulnerable. Breaches of security are common. Many are accidental: in August 1997, the giant credit bureau Experian (formerly TRW) began offering online delivery of credit reports, but shut down the service two days later, after learning that due to a sequencing problem in the software, seven out of 106 first-day applicants received someone else's report. (Experian today does not offer reports online, but other companies, such as, do.)

Other breaches are deliberate. A particularly disturbing example is identity theft. Someone acquires basic personal information about you, perhaps from an online data warehouse. Then he takes advantage of the medium's impersonality ("No one knows you're a dog on the Internet," as a famous New Yorker cartoon put it) to impersonate you. In January, for example, the Federal Trade Commission charged eight California businesses with billing consumers for unordered and fictitious Internet services, using their credit-card account numbers. It's a growing problem. Earlier this month, the Computer Security Institute released a study showing that losses due to Internet security breaches, including identity theft and theft of proprietary information, exceeded $100 million in 1998.

In the United States, unlike in Europe, there is no law of data privacy for anyone older than 12. The industry is essentially unregulated, and an FTC survey last year found that 85 percent of Web sites collect some personal information from visitors, but only 14 percent had posted privacy policies. FTC Chairman Robert Pitofsky has warned direct marketers that failure to adopt meaningful pledges by this summer will lead to federal regulation. The Direct Marketing Association is urging its members to comply, but mere formal compliance may not be enough.

Last summer, for example, GeoCities, a Web portal that claims nearly 20 million visitors a month, sold to outside marketers information solicited during its registration process, despite an explicit online assurance it would not do so. The data included demographic information such as income, education, marital status, occupation and personal interests. The FTC charged GeoCities with "misrepresenting the purpose for which it was collecting personal identifying information from children and adults," and in a settlement the company agreed, while denying wrongdoing, to strengthen its privacy protections. "If a corporation doesn't have a culture of privacy, it's not going to work," says Mary Culnan, a Georgetown University business professor who is conducting the 1999 survey of Web privacy policies. "And creating that culture is expensive."

Marketing imperatives place ever greater strains on privacy. It's not just that technology collates existing information like public records in new and faster ways. It also creates new kinds of information. One of the most interesting is "clickstream" monitoring, a page-by-page tracking of people as they wander through the Web. Your clickstream reveals your interests and tastes with unnerving precision. (Did you go from to a Volvo dealer's Web site? Did you then buy some brie from, the online grocery? You may be one of those limousine liberals we've been hearing about.) And when Web merchants combine clickstream analysis with another new software technique known as "collaborative filtering," which makes educated inferences about your likes and dislikes based on comparing your user profile with others in the database, they have a marketing tool of high potential not only for customer satisfaction but also for abuse. "The problem," says Lawrence Poneman, "global leader" for compliance risk management at Pricewaterhouse, "is that we have developed technologies that leapfrog [previous] norms of information use."

At the same time, Web merchants look to technology to solve some problems of their own, notably customer authentication. They need to know you are who you say you are, and Internet anonymity makes that difficult. The Pentium III chip was intended as one possible solution. In its initial version, each chip had a unique ID number that could be read remotely by a Web server. The machine, if not the actual user, could then be associated with clickstreams and other identifiable information. Privacy advocates like Jason Catlett of promptly launched a boycott, which caused Intel to beat a partial retreat by disabling the ID feature. The question, though, is whether merchants will eventually require online customers to turn the number back on as a condition of doing business. "If it becomes widely accepted... people who don't have it will be marginalized in the way that people without credit cards are marginalized at car rentals," says Catlett.

Justice Louis Brandeis famously defined privacy as "the right to be let alone," but in a networked world, that seems increasingly anachronistic. The Internet makes possible individually targeted marketing, so that is what we will have, in one form or another. Marketers will continue to rely on personal data, so for most consumers, the choice is how much information to surrender, and on what terms. One possibility: the merchant pays to use your data, or at least gives you a discount. After all, your information is your property; why should someone else use it to create value without sharing the proceeds?

Still, it would be naive to downplay the shrinking of the zone of privacy, or what longtime privacy advocate Arthur Bushkin calls the "tightening of the slack" in society. "The Internet is... not just a change in scale or speed, it's a qualitative change," says Bushkin, CEO of Pace Financial Network, a Web enterprise. "A car is not just a faster stagecoach. Data collection before the [network] computer was like the stagecoach; data collection afterwards is like the car. This is a new problem, not just more of the old one." The time to decide what to do is before the next technological leapfrog.

How to Hide From Prying Eyes

The current mantra of Web-site operators is "personalization," presented as user convenience but a benefit to marketers, too. If you don't want to get quite so personal, here are some things to think about: