Privacy and Online Shopping

For consumers who prefer purchasing goods with some amount of privacy, online shopping offers an alternative to shopping malls and other, more-public venues. But while you may be sitting alone in front of the computer, your shopping history or passwords could be compromised by countless prying eyes. Very few things in life are truly private anymore, but you will have much better control over your privacy by understanding how your data becomes exposed online in the first place.

This article focuses on privacy issues pertaining to online shopping. See Paying Online for Goods, Problems with Online Shopping, and How Do I Shop Safely Online? for related information.

Cookies and Online Tracking

Online merchants have employed a number of different technologies designed to make the shopping experience more pleasant and efficient, with the goal of boosting sales. For example, many online retailers have the option of remembering your credit card information and collect information to get a pretty good idea of what other products you may like to buy. But this typically means you have to give something up in return, usually some amount of privacy.

When you return to a website where you may have done business in the past, even just to browse, it often "remembers" your last session. This is done using something known as "cookies," which are pieces of code left on your computer's browser that track your shopping and Web surfing habits. You can always turn off cookies in your privacy settings, but you will have to reenter passwords and will not get the personal level of interaction to which you may have grown accustomed.

You may also see advertisements on unrelated websites that closely track to search inquiries and other purchases you might have made. It's one thing if you are purchasing a pair of sneakers, but someone buying a self-help book on depression may not want that information shared. Also, privacy advocates worry that targeted ads may lead to marketing profiles of online shoppers that reveal too much about us, including personally identifiable data (such as our name, address, Social Security Number, etc.).

If you are worried about the privacy of online shopping on public or shared computers, it is best to turn off cookies while shopping.

Sharing Information When Shopping Online

As a rule of thumb, reveal only that which is required to complete your order. While social media such as Facebook and Twitter have contributed to a culture of "sharers," there are certain details about yourself that no online retailer needs to know. Retailers often try to collect additional details, such as annual household income or favorite types of entertainment, but usually just for marketing purposes. Often it is benign, but sometimes the disclosure of nonessential information can lead to spam, telemarketing calls, or worse.

Certain types of information must never be shared when making online purchases. The primary example of this would be your Social Security Number (SSN). With the abundance of other personal data that may already be online, including your birth date and mailing address, an intercepted SSN could lead to identity theft. Also, do not share any information if you do not have a secure connection, which means it is encrypted (look for "https" or the picture of a padlock before the URL).

Protecting Your Password

The most sophisticated online security technology in the world is no match for a compromised password. When you enter a password, you tell the server that you are a certain individual and typically gain access to privileged information. Therefore, choosing a strong password -- one with at least 10 characters, that is difficult to guess, and which has a combination of letters, number, and symbols -- is imperative to protecting your online privacy. Also, do not use the same password for every site.

Once you have chosen a password, it is important that you do not write it down or otherwise make it vulnerable to third parties. Also, public computers (public libraries, Internet cafes) often save or "cache" browsing history and sometimes even your login information, which includes your password. Logging out of all sites visited and emptying the cache is one way to protect your privacy, but you may want to limit your online shopping to a home computer or other secure device.

Some computer viruses or spyware may capture keystrokes and otherwise compromise your password. Keeping software up to date and using up-to-date antivirus software on a computer can help safeguard a machine. But remember, even "low tech" methods of interception such as peering over a person's shoulder as they type in a password can result in a privacy breach.

About Privacy Policies

Most online shoppers immediately click "agree" when asked to check a box indicating that they have read and understand the company's privacy policy. In fact, most online privacy policies go unread before transactions are finalized. Privacy policies may be heavy on the "legalese," but they generally address the following areas:

  • Sharing of Information: Whether or not, or to what extent, any information you provide may be shared with third parties.
  • Tracking/Cookies: What information the company is requesting for tracking purposes, how it is being logged, and how it is being used.
  • Mandatory/Optional Data: Overview of which information is mandatory for completing a transaction and which is optional, plus an explanation of how optional information will be used.
  • Information Collected: Explanation of all customer data collected and how it is being used (or may be used), particularly for personally identifiable information such as your phone number.

While privacy and online shopping may sometimes be at odds with one another, proper precautions can help you avoid having your most sensitive information compromised.Â