Study: U.S. residents at risk for online exploitation

IDG News Service - U.S. Internet users are dangerously ignorant about the type of data that Web site owners collect from them and how that data is used, according to a new study by the University of Pennsylvania's Annenberg Public Policy Center.
The lack of awareness makes U.S. Internet users vulnerable to online exploitation, such as misuse of personal information, fraud and overcharging, the study said.
Titled "Open to Exploitation: American Shoppers Online and Offline," the study was released today (download PDF). It involved 1,500 adult U.S. Internet users who were asked true-or-false questions about topics such as Web site privacy policies and retailers' pricing schemes. Respondents on average failed the test, answering on average fewer than 7 out of 17 questions correctly.
Interviews for the study, conducted between early February and mid-March, yielded some findings that the authors consider alarming. Those findings include:

• Seventy-five percent of respondents wrongly believe that if a Web site has a privacy policy, it won't share their information with third parties.


• Almost half of the respondents, 49%, couldn't identify "phishing" scam e-mail messages, which information thieves dress up to look as though they come from a legitimate company, such as a bank or store, to lure users to enter sensitive information. Requested information might include Social Security numbers, passwords and bank account numbers.


• Sixty-two percent of respondents didn't know that an online store can simultaneously charge different prices for the same item based on information it has on different shoppers, a practice that can make users into victims of what study authors call "price discrimination."

• The U.S. Federal Trade Commission should mandate that Web sites replace the term "Privacy Policy" with "Using Your Information" to combat users' misconception over Web sites' pledges not to share their information with third parties.


• Consumer education and media literacy should be taught in elementary, middle and high schools in the U.S.


• By government decree, online retailers should disclose what data they have collected about customers, as well as when and how they will use that data.