With October 2011 marking the eighth annual National Security Month, this blog represents the second in a series of six blogs on digital privacy and security. Our last blog addressed the importance of antivirus software in protecting you online information and security, and this blog focuses on five online and communications nuisances – spam, unsolicited calls and texts, cookies, monster cookies and adware.
Spam: Although declining relative to “tweets” and instant messages, emails remain popular. Some acquaintances are tolerant of dumb jokes, off-color jokes or incessant talking points from annoying politicians. If friends send you more emails than you think warranted, it’s OK to ask to be removed from their mailing list or just quietly instruct your email application to treat their mail as junk or spam. The Federal Trade Commission offers some advice and encourages you to complain about spam, but it lacks authority to ban it, so read on.
Some marketers rent email-lists hoping that an attractive email might draw you to their website, or get you to launch an application that prints a coupon (while depositing a cookie and gathering information about you), or encourages you to buy select items. Most of us regard wading through unwanted adverts as a nuisance. You can delete them – preferably unread, or flag them as “spam” to train your email application that in the future they should be sent directly to the junk or spam folder and not to the inbox that you intend to read.
Some emails are more than just a nuisance – they can be dangerous. They may look like spam, but have a faked superficial “from address” that is familiar (e.g. irs.gov, npr.org or apple.com), but when you follow their instructions, it leads to ghastly results – the link you are told to follow is a scammer’s site ready to download malicious programs as soon as you reach it. You can learn to distinguish real from faked return addresses, or you can use spam filtering software (imperfect, but helpful) or you can delete emails from all senders you don’t know or expect to contact you. Diligence is important.
Unsolicited Cellphone Calls and Text. Unsolicited cellphone calls from a commercial source are annoying and may cost you money, depending on your cellular plan. If you don’t want these calls, you should add your cellphone number to the “do-not-call” registry (www.donotcall.gov), just as you would add your landline.
The situation for unsolicited emails and texts is a mess. The FCC’s rules ban sending commercial email to wireless devices if an internet address is used (i.e. one that includes the “@”), unless you and the commercial sender have a prior relationship. But, the ban does not block short messages (i.e. SMS or text messages) from anyone (of course, politicians exempt their messages from any ban). Someone thinks they have a first amendment right to harass you with texting at your expense – and our regulators fell for it. There are technical means provided by telecom carriers to help block some of the unwanted messages. That said, you should be suspicious of anyone who attempts to sell you something or gather personal information during an unsolicited cell call. If they are willing to run up your bill or annoy you just to reach you, imagine what they’ll do with your personal information!
Cookie: Some marketers rely on you to “click” on an attractive-sounding application that deposits a cookie in your computer. A cookie is a small file containing information related to your use of the application that would be a nuisance to re-enter over and over. However, by downloading these cookies, you are permitting an applications provider to store information on your browsing history. How your information is used and how long it is stored on servers has raised privacy concerns with applications providers, specifically calling for limits on how long your data should be retained. For example, after pressure from privacy advocates, Google lowered its data retention to eighteen months, and set its cookies to expire in two years, instead of the year 2038. Normal cookies are stored on your computer in a standard place and they can be erased quickly by the computer’s operating system if you request that be done. Normal cookies are not a risk to you. You can set the operating system to refuse a cookie when an application asks it to store one. After that, some applications may fail to work as expected – a reasonable consequence.
Monster Cookie: Some advertising specialists use a highly persistent cookie (surveillance cookie) that tracks which websites you visit while online. That travel history includes your preferences and buying behavior on those sites, and compiles a hugely valuable dossier for deciding what kinds of adverts you are likely to respond to. Existence of that information lets them charge advertisers a premium rate for customized adverts that you are shown. Although not unlawful, many will find this distasteful. Monster cookies are difficult to eradicate, but negative publicity about who uses them has greatly reduced their use.
Adware is software that delivers and displays adverts to your computer, and often brings spyware and other malicious programs with it. If you don’t stomp on adware, you’ll get a diet of adverts and inevitably be infected by a key-logger program (one that keeps a record of everything you type – e.g. passwords & account numbers – then sends it to criminals for exploitation). You can set your browser to block “pop-ups,” the common way adware is launched into action, or you can rely on the antivirus component of most privacy and security suites to suppress adware. Some of us use both protections.
While most of these are examples of nuances are online and communications pests, my next blog will discuss how some online criminal threats that seek to financially rip you off.
Alan Daley is a retired businessman living in Florida. He follows public policy from the consumer’s perspective.