With the development of the Internet, privacy and ethical issues have gained momentum. From e-commerce and consumer perspective, the collection of personal information facilitates online transactions of goods and services. However, such data can be exploited by nefarious actors in order to gain financial benefit as well. Therefore, Internet users should be aware of both opportunities and risks of dissemination and misuse of their personally identifiable information (PII).
Development of information technology has caused dramatic ethical changes. While information technology is widely used, there is an abundant opportunity for individuals to use information in an unethical manner. Web has blurred the line between private and public life, legal and illegal, ethical and unacceptable. While catering for the privacy needs of some users, others put at risk of identity theft. The Internet has become an open platform both for discussions and illegal and unethical activities. Its dubious nature neither guarantees privacy of information, nor prohibits anonymous and fake access to its services.
The Internet is a virtual encyclopedia of people’s lives. It collects and stores individual’s bank, credit, and other financial accounting data, accumulates information about shopping habits, social interactions, web sites visited, etc. In addition, a great amount of personal data is stored in educational, medical, and governmental establishments’ databases. Such information is a prime target of identity thieves and other bad actors. Schneier was right to point out that “who controls our data controls our lives” (Sprague & Ciocchetti, 2009, p. 3). Even seemingly innocuous data like phone number or employment address can be exploited for financial benefit of cyber thieves. Therefore, Internet privacy is a growing concern nowadays.
There is a number of ways in which privacy of personally identifiable information may be put at risk. Primarily, thieves collect PII by tracking private communication in mailboxes, chat rooms, and even by checking letters kept in trash bins. Therefore, all emails and documents containing personal information should be securely stored or shred when they are no more needed. If there is no PII in the mail, one may be attacked with some kind of malware leading to a false login page asking to verify personal financial information. Such attacks help savvy thieves impersonate a user and ultimately steal his or her identity.
Social networking sites are especially thirsty for personal information about their users. Invention of social networks have made it easier for criminals to collect personal information directly through registration data, thus it has facilitated locating potential victims. Additionally, social networking sites are often used by malicious actors to target users more efficiently with scams (Commonwealth of Australia, 2010). Attackers can impersonate a user within a social network with the aim of obtaining the user’s personal login details (so-called phishing attack). Once the thief utilizes such attack and collects enough personal and financial information about the victim, he or she can further commit various illegal activities. The offender may break into the online banking accounts, open new accounts, and commit further crimes using the victim’s identity. Moreover, a computer hacker can impersonate an authoritative person in order to gain access to his or her business contracts or acquaintances.
Children are the most vulnerable and easy target of identity thieves. The vast majority of teenagers frequently use the Internet and social networking sites. On the one hand, online social environment provides training wheels for teenagers who are preparing to enter adult world. On the other hand, they may unknowingly share personal information and, consequently, facilitate dissemination of their personally identifiable information. Accordingly, a wide range of personal information displayed on children’s profiles has made it easier for nefarious adults locate children with the aim of grooming potential victims for sexual abuse (Choo, 2009). The anonymous nature of the web enabled them to pretend to be children in personal communication, and in such a way gain trust of their victims. The possibility to masquerade as children made it possible for sexual predators to arrange a meeting in the real world, where their genuine intentions can be revealed.
Although identity theft is growing fast, American privacy laws guarantee little protection for its potential victims. There are three primary sources of privacy law in the United States: a common law right to privacy; a constitutional right to privacy inferred from the Fourth Amendment; and specific federal privacy statutes. However, current laws provide almost no remedy for victims of data breach and identity theft. They do not provide compensation to affected individuals for potential harm. Therefore, new stronger laws are needed to protect Internet users of illegal collection and dissemination of their PII.
The Internet provides a scene where crime can take place. Therefore, many web sites and online social networks have recognized their responsibilities for creating safe and secure online environment. They create security options and successfully cooperate with law enforcement agencies in order to increase user security. However, multidimensional approach to the problem, including coordination of efforts of governments, teachers, parents, health care professionals, other private organizations, and Internet users themselves, is needed to minimize the risk of identity theft.
Security and privacy measures do not ascertain the privacy of every Internet user, thus making the concept of Internet privacy utopian. However, users should remember that they are the main stakeholders of their Internet privacy. Personally identifiable information will be stored forever in digital minds of computer information systems and, when put together, will represent a detailed picture of one’s identity (Sprague & Ciocchetti, 2009). Therefore, every Internet user should beware of what digital footprint he or she leaves, while it may be exploited by identity thieves.