E.T. applications take advantage of a simple fact of Internet life: when we download software, most of us have no way of knowing what we're getting. We have to rely on the word of the company providing it — and of the software writer — that it does what it says it does and nothing else. "Any piece of software you download from the Internet is potentially a Trojan horse," warns David Kristol, a member of the technical staff at Lucent Technologies' Bell Labs. "You have no way of knowing what it's going to do."

That's what makes it so easy to spread computer viruses like Melissa, which traveled across the Internet in e-mail, embedded in innocuous-looking Word documents. It's what makes fraud so easy on the Net. A few years ago, the so-called Moldova scam lured users to free porno sites with such names as www.waysexygirls.com. When anyone downloaded a program that was necessary to see the way-sexy girls, it included Trojan-horse software, which unbeknownst to the user, hijacked the computer modem so that it dialed a phone number in the small East European nation of Moldova, charging the victim's phone bill at the rate of $3 a minute.

E.T. applications aren't quite that sinister. But they often spirit away personal information users would be appalled to know was being shared. "People may get a box to check, but they have no idea they're downloading tiny little spies that will report back on them," says Robert Ellis Smith, publisher of the Privacy Journal. "Most people don't even know that can be done."

Take the case of SurfMonkey, which is supposed to protect kids surfing the Web. The program blocks questionable language and prevents children from accessing inappropriate Web pages. But, according to Richard Smith, it also sends home information, including a user's personal ID, phone number and e-mail address. That's hardly privacy-friendly, says Smith.

SurfMonkey says it doesn't use the IDs to collect data on individuals; they're used to evaluate the appropriateness of websites for children. Any personal information that is gathered, the company says, is otherwise "ignored." In any case, the company plans to change its software in the next month to stop sending ID data to its server.

The roots of E.T. applications go back to a surprising place: Microsoft. When Windows 95 came out, it included a program called Registration Wizard, which let purchasers dispense with snail mail and register their Windows 95 software over the Internet. But it did something else too: it poked around on the purchaser's hard drive, making a list of other installed software — and sent the information back to Microsoft. Although Microsoft asked users for permission, it still caused an uproar. Critics contended that Bill Gates & Co. were snooping for commercial advantage: they charged that Microsoft wanted the data so that it could e-mail WordPerfect users to try to get them to switch to Microsoft's Word. Eventually the uproar died down, and Microsoft kept Registration Wizard just as it was.

WRITE TO US | PRIVACY POLICY
Copyright © 2000 Time Inc.

TOP || HOME