Rima Berzin recently inherited a laptop computer from her husband and began an intense two-day honeymoon with the Internet. She went all the way: buying jeans at Gap, browsing for books at Barnesandnoble.com, and registering for Martha Stewart's online journal. While Berzin was shopping, something very un-Martha happened: Her spree left muddy digital footprints all over the Net.
Berzin, a Manhattan mother of two, is like a lot of other Americans just stepping onto the Web. When a friend told her how much personal information she had swapped for the convenience of home shopping, she was angry at first, then confused. On Berzin's first visit to Gap, hidden files called "cookies" were deposited on her computer. Other software programs whirred into action to track and analyze her online behavior. Marketers didn't know her name at first, but the anonymity evaporated when Berzin made her first purchase. "You can say no to being tracked," says the former strategic planning executive, "but it takes a great deal of work, and sometimes it pays to say yes."
"GET OVER IT." No one hacked Berzin's credit card or stole her identity. Such crimes are still rare on the Net. The apprehensions that engulfed Berzin are more far-reaching than fear of theft and resonate across society. Personal details are acquiring enormous financial value. They are the new currency of the digital economy. Indeed, a $50 billion freight train called electronic commerce is bearing down on Berzin and millions of consumers now venturing forth on the Net. That train is powered by an insatiable need for personal information--details about what individuals do online that help businesses zero in on customers.
This train is on a collision course with consumer sensibilities. Personal information is vulnerable to abuse. Failure to apply checks and balances today will change our lives and our notions of what belongs to us as individuals. "The ability to establish a digital trail is unlike anything we've had so far in history," says Constance E. Bagley, a Stanford University lecturer in law.
As companies race to collect personal data and exploit them, consumers are being confronted with urgent trade-offs and choices about how to cover their tracks in cyberspace--or whether they should. If they decide not to hide, how should they be compensated for the information they reveal? Businesses also face arduous trade-offs. Rightly, they fear a backlash over breaches of privacy. Cries for regulation have already reached Washington. If consumers like Berzin opt to conceal themselves or bolt from the Net or bind it in new laws, E-commerce could choke in its infancy.
By slapping high prices on personal information, E-business adds a frightening new dimension to the privacy debate. That fear extends across society. Hospitals and schools, for example, are constructing vast national databases with everything from your child's fourth-grade report card to the unique twists and turns of your DNA. Businesses want that information, and in the online world--where virtually every piece of data is for sale--they will probably get it. "You already have zero privacy. Get over it," Sun Microsystems Inc. CEO Scott G. McNealy glibly noted at a recent computer-fest.
Most Americans might find that hard to swallow. Many are starting to understand that what companies discover can hurt them. First comes the nuisance: a blizzard of junk mail. Then come the real dangers: Companies on the Web that know consumers' shopping habits and history can engage in sophisticated kinds of discrimination. If a business finds out that you, for example, are not a big spender, it may leave you dangling on help lines, refuse to notify you of juicy deals and discounts, or cut you off as a customer. And you won't even know you've been a victim. "It's very hard to show the discrimination occurred because somebody had access to personal information," says Deirdre Mulligan, staff counsel at the Center for Democracy & Technology in Washington.
Then there's the danger that the discrimination could be based on information that is false or out of date. "There hasn't been a data system built yet that is not fraught with inaccuracy," warns privacy activist Robert Ellis Smith. Even when information is correct, it may be damaging--and none of anyone's business. Digital trails that imply or prove that you have AIDS, for example, could cause employers or insurers to snub you. Suppose you're a college student accused of date rape, says Jason Catlett, a privacy advocate. "What happens when the prosecutor finds out that you were on a porno site the night before?"
To get consumers protection, privacy advocates have been mobilizing politicians, leading to scores of federal and state privacy bills. A few are calling for tight government controls on personal information. (Europe stiffened such safeguards last fall.) E-businesses can't abide these regulations, worrying that such steps will cost them money. So they are trying to police themselves. Many popular sites post privacy policies and increasingly sport seals of approval from the Better Business Bureau and others, which purport to verify adherence.
But all these efforts come up short--in part because life on the Net is so complex. Information you willingly share with one company may be sold without your knowledge to somebody else. Privacy pledges posted on Web sites have limits and may not be enforced. Your personal data can become the property of strangers through subpoenas, corporate mergers, police investigations, or hacker attacks. And the results of your latest medical exam could turn up in the hands of a potential employer.
One reason simple protective measures fail is that consumers aren't sure they want them. Although they are worried that their privacy may be violated, they realize that personalized service on the Web can be very attractive. A Web site that recalls your tastes and buying habits can save you time and find bargains that suit you. What you see may depend on where you live, where you browse, what images tend to hold your eyeballs, and whether you have the loot to do more than look.
THE HOOK. As a result, consumers send confusing signals. One day, they are up in arms over Intel Corp.'s ability to track Web surfers through identifying codes on their new Pentium chips. The next, thousands race to trade their names, income levels, and hobbies in return for a Free-PC with built-in "market to one" advertising.
E-commerce, more than conventional business, needs this personal connection for several reasons. First, despite their lofty stock valuations, Web-based businesses with little or no earnings can't afford to constantly solicit new customers. They need repeat business. At Excite Inc., for example, customers who exchange tidbits about themselves in return for a personalized experience--in the form of selected news, movie listings, local weather, etc.--return to the site roughly 20 times more often than those who don't, says Joe Kraus, Excite's co-founder and senior vice-president.
Armed with loyal customers, Excite can then pile on additional services and boost its income. It can offer advertisers banner ads and "pop-ups" aimed only at the customers deemed most likely to respond. Sites can also earn commissions for routing customers to other locales. For example, visitors to technology review pages at CNET Inc., a news site, may click through to a computer company and purchase a PC. CNET gets a flat fee for each customer.
Customers' data will become more valuable as databases from various sites are linked. That includes information from cookies, the files that many sites deposit on your hard drive when you visit. These files, which identify you when you log on, were initially designed to communicate only with the site that deposits them. Now, though, online marketing firms with names like DoubleClick, AdKnowledge, MatchLogic, and Engage may merge data from multiple cookies. That, in turn, can be collated with personal information scattered among census and motor-vehicle databases, credit reports, education and health records, and toll systems such as E-Z Pass.
As they consolidate their reach across these offline databases, Web sites may also apply powerful software tools to monitor and make money from the buying and browsing habits of their visitors. For years, banks and telecom companies have been using technology called data mining to track customer trends and spot fraud. Now, the tools are getting more powerful, and they are moving onto the Web.
These tools are becoming available just as massive databases are consolidating. Experian Information Solutions Inc., the giant credit-report company, has a stake in online marketer AdForce Inc. Meanwhile, an information aggregator, Acxiom Corp., is hawking data on more than 176 million individuals and 96 million households. "They follow you more closely than the U.S. government," says Anthony Picardi, top software analyst at International Data Corp. Adds Thomas F. Kelly, president and CEO of Neuron Data Inc., a Silicon Valley maker of customer-tracking software: "The privacy trade-off is the dirty little secret that everyone in the business thinks about and talks about to each other but never brings up in public."
Consumers have caught a whiff of these secrets and don't like the smell. In a November Louis Harris & Associates Inc./Alan F. Westin survey of 1,000 adults, 82% complained they had lost all control over how their personal information is used by companies. Three out of four said businesses asked for too much information. And though millions of consumers bought gifts on the Web last Christmas, a BUSINESS WEEK/Harris poll last month showed that two-thirds of American adults are "not willing at all" to share personal and financial information about themselves online in return for more targeted advertising.
Even when it isn't threatening, personalization on the Net can get a little crass. Imagine if people fawned over you as much offline as they do online: Say you went to a restaurant with a date, had burgers, paid with a credit card, and left. It's over. But if it were online, the next time you showed up, the waitress, searching her file of private information, would say, "Hey Joe, how are you? Fran is over there; would you like to sit with her again?" Never mind that you're with another date. Then you would find out they've already cooked your burger and are ready to charge your card. When it comes to this kind of personalization online, says Tara Lemmey, executive director of the Electronic Frontier Foundation, "there's a fine line between good service and stalking."
Web startups aren't the only ones that know how to stalk. In January, Intel came under fire for designing its Pentium III chips with serial numbers that can be identified remotely on the Web. That makes it easier for users to be tracked. Two months later, privacy buffs hammered Microsoft Corp. because its Windows 98 software, used on a network, creates identifiers that are collected during registration. The result is a vast database of personal information about Microsoft customers.
"GOOD BUSINESS." Microsoft insists that the features it added were designed to improve services. But fearing a backlash, it has promised to modify the feature. It claims customers can bow out when they register for Win98, and it promises to expunge personal data it collected improperly. "This isn't just an ethical issue. Privacy is good business," says Saul Klein, a Microsoft senior manager of Web services.
GeoCities learned that lesson last year when the Federal Trade Commission accused the owners of this booming online community of selling personal information without members' consent. The site admitted no wrongdoing but agreed to implement tougher privacy policies. Says privacy activist Marc Rotenberg: "It's too easy for Web pages to turn into trick mirrors. The marketer gets to see through to you, but all you get to see is your own reflection."
When consumers see a big payoff, however, some of them are more than willing to trade their personal information. "As long as you give people something in return, they're thrilled," says Bill Gross, the Pasadena (Calif.) entrepreneur who founded idealab!, an incubator for Internet startups. In February, he unveiled Free-PC Inc. on the premise that people would part with detailed personal information and put up with a constant barrage of ads in exchange for a $500 computer. Privacy advocates mocked the proposition as a loser. But within days of announcing registration, the company fielded more than 1.2 million applications.
PECKING ORDER. Some companies use the gold mine of consumer data to discriminate against customers who don't make the grade. You might call it "Weblining." At Sanwa Bank in California, customer-service reps use Net-based programs to classify customers into A, B, and C categories. The least-valued Cs are the ones most likely to end up on hold when they call in for service. Angie Blackburn, who oversees Sanwa's phone and online banking, defends the practice. "Obviously, if we have a customer...who has a significant amount invested, you want [him or her] to be treated extra special," she says.
Weblining's grim implications are clear, however--and can be part of the software sales pitch. Makers of these tools say the onus lies with the company that uses them, not the creator. With data-mining software, "people can be segmented any way a company wants to slice and dice them," including creed, color, and religion, says Kenneth Volpe, an executive at Boston-based Art Technology Group, which sells such programs.
So far, Web marketers haven't broadened their quest for personal data to schools or hospitals. But it may be inevitable. Think of the advantages if they could hit you with ads for special foods for your diabetic aunt or Web-based tutoring for your struggling teenager. "If you are a business, data in health records add up to one big sales opportunity," says Dr. Richard Epstein, a psychiatrist in Bethesda, Md.
School districts from New York to Oregon have begun replacing old stand-alone computers with high-speed networks, each with the ability to profile and track students. One day, these networks will connect to a nationwide data-exchange program organized by the Education Dept. to boost school efficiency and pinpoint the sources of learning problems. The program will make student information available to other schools, universities, government agencies, and, potentially, to employers. It's not just the three Rs. Now, it can be parent income, health problems, and meetings with the school shrink. Gayle Cloud, a mother of six in Riverside, Calif., finds this alarming. "They want to track my children from cradle to grave," she says.
The medical parallel to this is even more disturbing. Pressed by health-maintenance organizations, hospitals are struggling to rein in costs, and they are loading up on information technology to help. As health records are linked to financial, employment, and managed-care databases, they can be hacked or transferred to outsiders when HMOs or hospitals merge or are dismembered by creditors. "If you have a medical record, you have a medical privacy problem," says Senator Patrick Leahy (D-Vt.), the chief architect of a closely watched medical privacy bill.
Consolidating this data in one place makes it more vulnerable to theft or abuse. Says Joe Pellegrino, manager of database administration for New York Presbyterian Hospital: "There's no question this is leading to a national universal medical database." Already, hospitals exchange data on individual patients, he says. "The next step is to take these statewide databases, containing details on your allergies, your mental health, or your sexually transmitted diseases, and make them accessible."
INFO BROKERS. There are, however, many jarring trade-offs in the medical-privacy debate. When managed right, medical data in digital form cut health-care costs, hasten and improve diagnoses, and reduce cases of prescription mix-ups. Computers also help administrators track doctors and spot unprofessional behavior. In genetics, digitized DNA repositories help scientists searching for links among genes and diseases--just as they help the FBI collaborate on manhunts across continents. Down the road, doctors will tailor drug treatments to patients' total medical profile, including their genetic makeup.
Even so, many Americans are deeply concerned about medical-data abuses. Neither doctors nor patients want records to leave the doctor's office except where necessary for insurance purposes. "Your doctor took the Hippocratic oath," says Robert Gellman, a privacy consultant in Washington. "The CEO of your health plan did not."
These concerns now have Washington's ear. Leahy's medical bill would give patients the right to limit disclosure of their medical records to those with a need to know. And in the financial arena, Senator Paul S. Sarbanes (D-Md.) and others are trying to regulate the sale of customers' records and the swapping of records in mergers.
E-businesses see regulation as the wolf at the door. The Online Privacy Alliance has mobilized more than 80 companies and trade associations to fight back. About 500 companies are already displaying a "trustmark" seal of approval from TRUSTe. Recently, the Better Business Bureau added its own seal of approval. In addition, the Net is spawning the "infomediary"--an information broker that protects Web users' privacy or barters it to find them bargains. The trouble is, infomediaries, like other Web businesses, must cough up their lists as soon as a cop or bankruptcy judge comes knocking.
Techies are at work on solutions to protect privacy. None of these efforts seems a silver bullet. David J. Farber, Moore Professor of Telecommunications at the University of Pennsylvania, believes nothing short of Europe's privacy directive will suffice. "Maybe you don't feel threatened in today's political climate," he says, "but imagine if this type of information and the tools to tap it were in the hands of a Joe McCarthy."
Sure enough, the secret codes, cookies, and digital trails are proliferating by the millisecond. Most of us have already surrendered more personal details than we could ever imagine. Cybernauts have one thing on Joe, though: The Net is a grand communications channel that returns a modicum of power to consumers. If you doubt it, note how quickly Microsoft and Intel backed off when a cry went out on the Web. Now comes the hard part: figuring out what we can get for the information we give.