AICPA Joins Global Accounting Profession in Paris to Explore Solutions to E-Commerce Risks; Group Recommends Top 10 Ways to Protect Online Privacy

Business Wire, August 1, 2000

Business Editors

NEW YORK--(BUSINESS WIRE)--Aug. 1, 2000

The American Institute of Certified Public Accountants announced today that representatives of the global accounting profession gathered in Paris last week for a three-day conference to explore solutions to the risks of e-commerce, including protection of online privacy.

Opportunities for data mining of private information by businesses, government and individuals have increased exponentially with the growth of the Internet, creating concern in many sectors. Along with the increased use of the Internet as a medium of exchange for goods and services comes the need to find the correct balance between the appropriate use of information for business purposes and real privacy protection for individuals.

"Privacy is one of the most pressing concerns of consumers in the U.S. and other countries," said Robert Elliott, Chairman of the AICPA. "In a recent IBM/Harris Poll, 94% of U.S. citizens said they were concerned about the possible misuse of their personal information. As the representative of over 335,000 individual members of the accounting profession who deal with confidential information on behalf of both individuals and businesses, we feel strongly about the need to protect private information. Consumers and businesses want to know that their privacy is protected both on- and off-line."

Representing Canada, Denmark, England, France, Germany, Hong Kong, Ireland, Italy, Netherlands, Scotland, Spain, the United States and Wales, the group recommends the following ten ways in which Internet users can protect their personal privacy:

(1) Be cautious about giving personal information. Do not disclose

your personal information, such as your address, telephone number

or email address, unless you know WHO is collecting the

information, WHY they are collecting it, and HOW they will use it. (2) Use a secure Internet browser. Your browser is used to navigate

the Internet and should comply with industry security standards

using a technology like Secure Sockets Layer (SSL) encryption. The

SSL technology encrypts or scrambles your Internet transaction

information, thereby ensuring the security of your transaction.

Most computers come with a browser already installed. You should

check to see that it incorporates SSL technology. You can also

download more secure browser versions from the Internet at no

cost. (3) Make sure the merchant site is secure and review its privacy

policy. Look at the merchant's Web site address, referred to as

the Uniform Resource Locator, or "URL," to see of the site is

secure. A secure URL address begins with "https://," where the "s"

refers to the fact that the site is secure. In addition, review

the security disclosures of the sites you visit, along with their

privacy policies regarding the collection and use of your personal

information. Some disclosures are easier to locate than others.

Look at the bottom of the site's "home page," on the transaction

page, or in the "About" or "FAQs" section of a site. If you cannot

locate these disclosures, or the website does not allow you to opt

out of having your personal information gathered for marketing or

other purposes, consider moving to another site for your

transaction. Use digital signatures to help authenticate the

identity of senders and recipients on the Internet. (4) Pay by credit or charge card. In some countries, if you pay for

online purchases with a credit or charge card, your transaction

may be protected by additional laws or regulations. Some card

issuers offer online shopping guarantees that ensure that you will

not be held responsible for unauthorized charges made online, and

others also may offer additional warranty, return and/or purchase

protection benefits. (5) Beware of "Trojan Horse" programs. Be careful when downloading

programs off of the Internet from an unknown source. Avoid

programs that carry harmful code inside what appears to be benign

programs or data - these programs can gather your personal

information such as passwords or banking information that exists

on both public and private computers. Known as "Trojan horses,"

these programs are designed to sneak through firewalls designed to

protect you. If you suspect a Trojan horse has hit your computer,

remember that they are NOT viruses. This means that anti-virus

software will not protect you against them nor will it stop the

programs form gathering your private information. You should

download a detection program to find Trojan horses and eliminate

or disable them. (6) Never give your passwords to anyone online. This warning includes

your Internet Service Provider (ISP). Try to be original when you

create a password. The safest type of password includes unusual

combinations of numbers and upper- and lower-case alpha

characters, in addition to symbols. Avoid using your name,

telephone number, birth date or other easily identifiable number

or code. (7) Keep records of your online transactions and check your credit

card statements. Always keep a copy of each purchase order along