Fear Not the Internet

Opinion: Shying away from the Web to protect your ID may do more harm than good.

When some new disease or potential epidemic hits the newsstands, people inevitably start doing things they think will protect them.

Of course, this isnt anything new—people always react strangely when a threat emerges. And the things people do to ward off new threats are usually simply amusing—such as not eating cooked chicken to prevent catching bird flu. But sometimes people react in a way that can actually cause them more harm than if they simply carried on their lives as usual.

When the mosquito-carried West Nile virus first hit the news in the Boston area several years ago, many people were afraid to go outside, especially around dusk. A story in one of the Boston newspapers quoted a mother who was so afraid of West Nile virus that she wouldnt let her kids play outside, instead having them run up and down the stairs of their apartment building to get exercise.

/zimages/1/28571.gifClick here to read about how Web threats are keeping users away.

As far as I know, none of her kids tripped down the stairs and got seriously injured. But the risk of that happening was astronomical compared with the fairly remote risk of contracting West Nile.

As it turns out, this kind of response isnt limited to the physical world. On the Internet, people react to hyped fears in much the same way.

A recent study of 1,500 people done by Consumer Reports WebWatch focused on the threat of identity theft and asked how it affected respondents use of the Web. According to the study, 30 percent of respondents had cut back on their Internet usage and 25 percent no longer purchased items online for fear of ID theft.

Now, dont get me wrong. Im all in favor of being aware of the dangers to your personal information on the Web and of being vigilant about protecting that information. But if people think that the Internet is their main area of risk when it comes to ID theft, theyre walking across a busy road with blinders on.

Last year, several events made big news when hundreds of thousands of users credit card data was lost, found its way into the hands of thieves, or both.

These events, which involved major banks and credit card processing facilities, were clearly major disasters. But did they have anything to do with Internet use? For the most part, no.

In almost all these cases, any person who used a credit card anywhere—even the local grocery store—was at risk. In fact, in some of these cases, data was at risk even if you owned a card but never used it. Thats because the data that was compromised in these cases was stolen far at the back end of the purchase process and was exposed due to negligence or mistakes on the part of the data caretakers. And no matter how much care a person takes when shopping—in the brick-and-mortar world or on the Web—these will always be the real areas of risk because they will always be more attractive to thieves looking for a big score.

The lessons to be learned in these cases were on the corporate side, and, hopefully, the companies that found themselves in compromised positions have made appropriate changes. Companies that take care of customer data need to take every step possible to make sure that their systems, processes and procedures are secure both from dedicated attackers and from human error.

But for those worried about using the Web, lighten up. In most cases, Im much more comfortable handing my credit card information to an online retailer than I am to a person. (Ever wonder why a waiter or clerk is gone for so long with your credit card?)

And, in this day and age, do you really want to be cutting back on your Internet use? If youre looking for studies, there are plenty of digital-divide statistics that show that savvy Internet users have it all over those who dont use the Internet or who use it ineffectively in shopping, education and other areas.

Falling behind on the Internet may not hurt as much as falling down the stairs, but it will still hurt.

Labs Director Jim Rapoza can be reached at jim_rapoza@ziffdavis.com.

/zimages/1/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.