Internet service provider Earthlink and Webroot Software recently monitored more than one million Internet-connected computers over a three-month period and found an average of 28 spyware programs on each computer. Most of the programs found--29 million of them--were cookies or harmless adware programs that display advertising or track web surfing.

 

However, the scan detected more than 184,000 Trojan horse programs and a similar number of system monitoring programs--such as key-logging software--in more than 30 percent of the computers. But the worst news is that the scan found more than 300,000 instances of programs that are capable of stealing personal information or providing unauthorized access to computers. These findings underscore that using the Internet places us all at risk for identify theft and other crimes of computer invasion. .

 

Spyware programs are sometimes surreptitiously bundled with software the user downloads voluntarily, such as peer-to-peer file-sharing programs. Once installed, they run invisibly in the background and can be difficult to detect and remove. But they also can be installed by websites that exploit weaknesses in Internet Explorer (“drive-by” downloads).

 

Most spyware and adware programs are benign, designed mainly to gather web-surfing habits in order to design targeted advertisements or to assist in market studies. But even at best, installing such programs without the user’s knowledge and consent is an invasion of privacy. 

 

Consider this: if someone secretly installed a GPS unit in your car that recorded everywhere you went, whether to the gym or your job or the grocery store or your favorite pub, surely you would be outraged, regardless of how the information was used. Certain parts of your life need to remain private; they are nobody’s business but your own.

 

Some measure of control may be on the way. Pending legislation in Congress would prohibit the installation of software on a computer without notice and consent, and would require easy ways to remove it, but so far there seems to be little support for it. Utah enacted anti-spyware legislation last month, and state legislatures in California and Iowa are considering action.

 

However, at an FTC workshop on April 19, Commissioner Mozelle Thompson said many spyware applications are already illegal under existing laws against consumer fraud and identity theft. Making the issue even more complicated is the fact that defining what spyware is or is not is a difficult task. For example, cookies are spyware under some definitions, but are almost always not only harmless, but useful to the user by simplifying access to websites they visit often.

 

These points fail to address the much more important fact that the source of most spyware is overseas. As I repeatedly point out in this column, the Internet is a wide open frontier, and a global one, where laws made in this country are largely ineffective against operatives working in Asia. I use tracking software to trace the sources of ‘phish’ emails, and it almost always takes me to an ISP in Asia that states they have no responsibility for how the IP addresses they sell are used.

 

How you can protect yourself

 

So I repeat again that you are on your own, just as if you were living in the Old West, where the only protection you could count on was what you could provide for yourself. It’s up to you to watch your back. Here are some things you can do to protect yourself:

 

First and foremost, don’t keep any key personal information that is not encrypted on your computer. This includes all your numbers for credit cards, bank accounts, Social Security, driver’s license, accounts at stores where you shop, and anything else that can be exploited by a hacker.

 

There are a number of programs available that will safekeep this information for you. My choice is RoboForm, which installs as a toolbar on your browser and saves all your user names and passwords in addition to the info above, and can be customized to save any kind of privileged information you want to keep there. A bargain at $30 after a 30-day free trial.