Whenever you are working on your computer, do you get the sense you’re being watched? I’m not referring to the wandering pair of eyes belonging to a work colleague, friend or spouse, but rather the “spying eyes” of those many gremlins that seem to be loitering in cyberspace. Whether you are doing simple research or making an on-line purchase, you cannot be sure of what is going on “behind the screen” and what information is being collected on you.

You can never stop the disclosure of some of your private data, but exercising a little bit of caution can go a long way to reducing your exposure to larger risks. The following are some of the biggest areas that can be the playground for cyber shenanigans.

Financial Information. Credit card companies, mortgage companies, banks and insurance companies often sell your financial information, such as payment records, order histories and account balances to marketers. What happens next? You guessed it! A tidal wave of promotional snail mail, e-mail and phone calls.

What can you do? One simple step is to ask the four major credit card companies not to disclose your credit information. Guidance that was only partially correct came out on July 1, 2003, in a prerecorded message. It claimed that you could call the toll-free number 888-5OPTOUT and inform all the credit card companies not to disclose your credit information. This number is still in use.

The message confused two separate federal laws. The Financial Services Modernization Act of 1999, also known as Gramm-Leach-Bliley (GLB) Act, required financial institutions to notify all their customers by July 1, 2001, and once a year thereafter, of their own privacy policies. If the bank, credit card company, mortgage company, insurance company, or brokerage firm sells customer data to third-party companies, it must provide customers the ability to say "no" to such data sharing. In other words, you can "opt-out."

This law did not say anything about a toll-free number enabling individuals to do one-stop opting-out. That's a requirement of an amendment to another federal law, the Fair Credit Reporting Act (FCRA). The FCRA became law in 1970. When it was amended in 1996, one of the provisions was a requirement that the credit bureaus provide an opt-out opportunity for consumers who do not want their names and addresses sold to credit grantors for marketing solicitations. The toll-free number was established then and has been available to consumers for several years.

The credit bureaus sell names and addresses to credit card companies, who in turn mail pre-approved offers of credit to consumers. If you do not want to receive such solicitations, you can call this federally-mandated toll-free number to opt-out. It's important to note that this toll-free number has a limited purpose - simply to enable consumers to opt-out of receiving pre-approved offers of credit. Nothing more. As an aside, should you discard the promotional credit card that has your name already preprinted, be sure to use a scissors to cut the card in pieces before it goes in the trash. This avoids the potential of being victimized by identity theft should someone sift through your garbage.

You can learn more about the credit bureaus and the law that governs how they use personal information at the Privacy Rights Clearinghouse web site, Fact Sheet No. 6.

Social Security. This is a biggie. You are your social security number. Anyone who gains access to your social security number (SSN) will have all they need to know about you financially, medically and otherwise. What can you do? Do not put your SSN on any checks you write. This may be unavoidable when you have to issue a check to the IRS for taxes owed; but you can avoid its use elsewhere. The requirement to provide your SSN depends on the agency. Some government agencies, including tax authorities, welfare offices and state Departments of Motor Vehicles, can require your SSN as mandated by federal law (42 USC 405 (c)(2)(C)(v)
and (i)). Others may request the SSN in a manner that leads you to believe it’s necessary.

The Privacy Act of 1974 requires all government agencies – federal, state and local – that request SSNs to provide a "disclosure" statement on the form. The statement explains whether you are required to provide your SSN or if it is optional; how the SSN will be used; and under what statutory or other authority the number is requested (5 USC 552a, note). The U.S. Office of Management and Budget [Office of Information and Regulatory Affairs (OIRA)] provides guidance and oversight regarding the Privacy Act of 1974.

You should disclose your SSN only to private companies when the issue of taxes exists, such as with a bank for interest-earned purposes; brokerage firms for stock and bond transactions; mortgage companies for mortgage interest; and real estate taxes, if appropriate.

There is no law, however, that prevents businesses from requesting your SSN, and there are no restrictions on what businesses can do with it. Although you are not required to disclose your SSN, the business does not have to provide you with service if you refuse to release it.

Finally, the government now sends out a statement two to three months prior to your next birthday that shows your social security status from the time you started working. You should carefully review this statement. If the information is incorrect or you need to have information immediately, contact the Social Security Administration.

Online Work. Our e-mail boxes are flooded everyday with solicitations, advertisements and promotions; much of the information we refer to as spam. But consider this: Anyone with knowledge of your e-mail can find out where you live. How can you protect against this?

• Never reply to junk e-mail or spam, even if it asks you to respond that you want to be removed from the list. By responding, it will confirm the validity of your e-mail and subject you to even more spam.
• Alter your browser so you’ll reveal less personal information when files are downloaded.
• Read the “privacy policy” before you use a website. Some sites allow you to “opt out” if you don’t want to receive an e-mail solicitation from marketers.
• Reserve a special e-mail address for surfing the Internet, such as when you visit chat rooms like those on Yahoo.com; newsgroups; or to register on a website for any purpose. These areas are where spammers troll the waters for new targets for e-mail messages. If you use your usual e-mail address when involved in newsgroups, you can include a “no spam” note when you are asked to provide your e-mail address.
• Go onto any search engine, such as excite.com or lycos.com to see what information about you is available on line. If you have written anything; or have been quoted, received some honor or distinction; or have posted anything on Internet newsgroups, search for this information on groups.google.com. If any of these databases list your address, phone number or e-mail address, ask to have your name removed from these lists.
• Use one specific credit card for on-line purchases, so if the card number is stolen or misused, you can easily cancel the card.

It takes only a few practical steps to ensure that no cyberspace gremlins are looking over your shoulder.

About the Author
Steven E. Sacks, CPA, is owner of Solutions to Results, LLC, in Fair Lawn, N.J., and a partner in the Industry Leader, an information resource for CPAs in business and industry. He specializes in strategic planning, communications, editorial services and educational development. Steve can be reached at stevensacks@msn.com.