US residents at risk for online exploitation

Filed under
Security

U.S. Internet users are dangerously ignorant about the type of data Web site owners collect from them and how that data is used, a new study has found.

This lack of awareness makes U.S. Internet users vulnerable to online exploitation, such as personal information misuse, fraud and overcharging, according a study conducted by the University of Pennsylvania's Annenberg Public Policy Center.

For the study, titled "Open to Exploitation: American Shoppers Online and Offline" and released Wednesday, 1,500 adult U.S. Internet users were asked true-or-false questions about topics such as Web-site privacy policies and retailers' pricing schemes.

Respondents on average failed the test, answering correctly an average of 6.7 questions out of 17 questions. The study's interviews, conducted between early February and mid-March 2005, yielded some findings the authors consider alarming, including:

-- Seventy-five percent of respondents wrongly believe that if a Web site has a privacy policy, it will not share their information with third parties.

-- Almost half of respondents (49 percent) can't identify "phishing" scam e-mail messages, which information thieves dress up to look like they came from a legitimate company, such as a bank or store, to lure users to enter sensitive information. Requested information might include Social Security numbers, passwords and bank account numbers.

-- Sixty-two percent of respondents don't know that an online store can simultaneously charge different prices for the same item based on information it has on different shoppers, a practice that can make users victims of what study authors call "price discrimination."

To address the problems identified in the study, the Annenberg Public Policy Center is proposing three measures:

-- The U.S. Federal Trade Commission should mandate that Web sites replace the term "Privacy Policy" with "Using Your Information" to combat users' misconception that those documents are Web sites' pledges not to share their information with third parties.

-- Consumer education and media literacy should be taught in elementary, middle and high schools in the U.S.

-- By government decree, online retailers should disclose what data they have collected about customers, and when and how they will use that data.

Source.