The announcement this week that a partnership between Earthlink and Google has won a bid to offer free wireless Internet access to all of San Francisco is raising eyebrows – for a number of reasons.

Chief among them are the privacy issues that often surround the rollout of a new Google service. The search giant plans to offer free wireless access to users, provided they submit to Google's familiar targeted text advertisements. The relevant ads already appear on Google's search results pages, but in this case, they would be targeted geographically – to an accuracy of 100 to 200 feet.

As website Ars Technica explains it:

Privacy advocates as well as potential customers have indicated concerns, not merely because Google will be able to track users as mobile phone companies do, but because of the accuracy of the information combined with the ability to gather knowledge of everything a user is doing online. All of that data in the hands of a private company is unsettling, but experience suggests that the goverment is likely to seek the information as well, and this has set off alarm bells in many sectors.

Information Week is reporting that the Electronic Frontier Foundation (EFF), based in San Francisco, has submitted their own recommendation for wireless privacy to the city. It wants people to be able to surf anonymously, and wants Google prevented from storing user data on its computers for any longer than necessary.

Some don't see what all the fuss is about. Technology blog Techdirt points out that "if people are really worried about this, it seems like there are much more worrisome location tracking services." It points to a report that shows tracking by mobile phone is much more likely to yield useful information. Also, to avoid all of this, citizens can pay a $20 monthly fee and get ad-free access – at speeds up to three times faster than the free service – city-wide.

Another wrinkle in all of this comes from a San Francisco Chronicle report on a rash of laptop thefts at wireless hotspots across the city. The article tells the story of one man who had his $2,500 Apple Powerbook stolen from him as he used it in a coffee shop that offered wireless access. As the man stood up to protest, one of the thieves stabbed him in the chest. While such violent attacks may be relatively unheard of, police data shows a rise in laptop thefts. From the Chronicle article:

San Francisco police statistics show a disturbing trend. Just 18 laptop computer robberies were logged in 2004, but the figure jumped to 48 last year. There were 18 as of the end of March, a pace that could surpass 70 crimes this year.

Of course the obvious question arises: When San Francisco's city-wide wireless network goes live and more users log on from their favorite park bench (or cable car), will a corresponding crime wave ensue? The common laptop locks from Targus and Kensington that interface with the near universal security ports on many computers are one solution, as are beefier offerings from Compucage, but even they have proven to be no obstacle for determined thieves.

Missouri-based software writer Randy Green has an innovative answer – at least for users of Apple's new Mac Book Pro. "iAlertU" works like a car alarm for your computer. As this video shows, users can "arm" their MacBook Pro by pushing a button on its included infrared remote - just like using a car's key fob. When the computer is moved (triggering the sudden motion sensor initially intended to safeguard the hard drive if the computer is dropped) the screen flashes, and an all-too-familiar siren blares through the computer's speakers. Now, this won't stop bold thieves like the ones from the San Francisco coffee shop, but it could prove useful for deterring office snoops or airplane seatmates during trips to the restroom. Just please, don't be the person who lets their siren go off for 20 minutes at three in the morning.

This may be a stretch, but it really feels as if Google just added its googol-th feature. It's an instant messaging add-in to the wildly popular Gmail e-mail service, and it blurs the line between the two popular Web communication mediums. I was an early adopter of Gmail, and in the past few days have experimented with the chat feature, trading instant messages with friends. It's pretty slick, but using it, I can't help wondering: Have we grown too complacent trusting Google with so much of our lives?

Now, I want to make clear off the bat, there's nothing about Gmail's IM feature that makes it particularly alarming. One difference between it and other popular messaging services like AIM and MSN Messenger is that they run in a standalone program, and it launches right in a Web browser, which is convenient. But the main thing that sets Google's apart is that it is by default set to save a record of IM conversations in users' e-mail inboxes. That may sound helpful, but it sends up a red flag to a privacy expert.

To understand the privacy issues, it's important to grasp how Gmail works. It's like pretty much every other free Web e-mail program, except that Gmail scans users' in-box messages and cross-checks the data collected with a database of paid advertisements. When a content match is found, text ads are inserted to the right of messages. They aren't invasive – most of the time I don't even see them – and occasionally I find one of interest and even (gasp) click on it. For example, if your friend has written to you about her new car, you're likely to see a listing for buying used cars, displayed to the right of her e-mail. It's no big deal – even helpful, maybe – to have contextual ads, but things start to sour when you think about the methods used to implement them.

Where does that data go?

When e-mails are scanned (which Google insists is done only by machine), are they stored? Nowadays it's not just e-mails (which people tend to write with a measure more discretion), but instant messages that are being scanned – and stored – by Google. How long does that data stick around? That question becomes even more important when one takes into account the recent efforts of the US government to subpoena queries from Google's bread-and-butter search engine. Though the company declined to cooperate in that case (and those were only searches), what's to say they'll continue this tack in the future?

Now, many out there will say that Google has prided itself in protecting its users' privacy - just look at its refusal to bow to the government's request for data. One of the company's lauded and oft-quoted "Ten things Google has found to be true" is that it's possible to make money without doing evil. That may seem comforting - and to be fair, the company treats its users very well – but the honest truth is that Google is a business, plain and simple. However great their services are, the company is still out to turn a profit, data you submit is being collected, and your definition of evil may not match theirs.

This is not meant to be a Google bashing session. "Free" has become the dictum of the Internet. From e-mail to blogs, photo storage to newspapers, Web users expect increasingly more handouts when surfing. Whether you're using search, e-mail, instant messaging, social networking, blog publishing, photo hosting, news aggregating, direction finding, video sharing, or using other gratis Web services, know that the companies that offer them are collecting data. Now, personally, I won't be dropping my Gmail account anytime soon, but it's important to realize that, as with lunches, there's no such thing as a free Web service.

Privacy in personal communications has always been well-guarded. 18th century European royal clerics would emboss envelopes with specialized wax seals to ensure a message arrived unopened to its recipient. The US Postal Service's earliest laws famously assert that opening another person’s mail is a felony. However, in the newest form of communication, e-mails, privacy appears a bit more elusive.

To many, e-mails seem the most confidential of correspondence. They are passed along anonymous servers until they reach their intended addresses. However, if these servers were likened to human hands, passing the message from one person to another, and the e-mail likened to a letter, without the protection of a stamp or envelope, a more worrisome picture emerges.

The US Patriot Act awakened many Americans to the public nature of e-mail correspondence. Section 216 expanded the use of trap-and-trace and pen-register devices from telephones to a variety of digital communications, including e-mail, web surfing, and instant messaging. Suddenly, it emerged that e-mail is actually the most public of personal communication forms, easily accessed along the various steps of server “hands” that pass it along to its destination.

The release of Google’s free e-mail service, "Gmail", raised even more debate when the Web company announced that it would index the e-mails of its customers. Suddenly people were aware of the possibility that their e-mails could be searched for key words, and sorted and classified by their content.

Although Google is most likely not the only e-mail service provider to index their customers' e-mails, (the US government has a much more intrusive program, called Carnivore, that flags e-mails as they move between mail servers), the publicity surrounding Gmail’s release heightened awareness over the very public nature of e-mails.

To return to an analogy made earlier, if a person were able to provide a virtual envelope and stamp to protect the contents of their e-mails, it would be much more difficult for unwanted eyes to see the data within the e-mail. This exact service lies at the heart of encrypted e-mails.

PGP Corporation is a leading provider of encryption software. Its program, PGP (Pretty Good Privacy), provides the user with two virtual keys. One unlocks the code that the other key makes. A user of PGP would send correspondents the public key in order to send messages – only those people who have the key can send the user an encrypted message. The user keeps the other key in order to decrypt messages sent by someone using the public key. There are also other types of encrypted e-mail, such as GnuPG, which provides a free (open source) version that is compatible with PGP, but not as well-developed.

Encrypted e-mail does have some obvious drawbacks. Not enough people are currently using it to make it effective. It also limits what was once a very open communication system. Gone are the days where a person could post their e-mail address on an open forum for those who are interested in an e-mail conversation (though, thanks to spam, a person would be unwise to post their e-mail in a public forum anyway).

Encrypted e-mail offers users the possibility of privacy in a virtual world of increasingly public communication. Though it isn't as flashy as waxed seals, encrypted e-mail is a 21st-century stamp to make sure personal business stays that way.

When I'm standing on the shores of the Internet, getting ready to surf, I make sure I have the cyber equivalent of a lifeguard installed on my computer – software that blocks and/or deletes spyware and other unwanted tracking code.

Just what software you ask? That depends.

A good anti-spyware package will diagnose and remove spyware from your computer. Since more than 95% of computer users have Microsoft operating systems, it doesn't hurt to read the fat boy in the software-canoe's pitch on the subject – but remember it's promotional.

I would recommend a non-Microsoft developer to protect your Microsoft operating system.

I use Ad-aware 6.0 at work on a PC (our tech staff installed it for me) and Aladdin Internet Cleanup for Mac OSX at home. But there are many more options than these two.

If you google "spyware protection software" you’ll get pages of links. There are dozens of programs to deal with this problem – but that just makes it more daunting for the non-geek to know which is best.

Regardless of which one you choose, realize that after installing it you'll need to routinely check for updates to stay current because the spyware offenders continuously "improve" - read "make more invasive" - their software.

My advice is seek out a savvy friend, a colleague at work, (even find a discussion group online on the subject of spyware) who can become your net lifeguard. You'll be surprised how easy it is to find someone who has forgotten more about software than you will ever know. That's who to chat with.

If there is a class of human beings more willing to share what they know than computer mavens, I haven’t met them.

Ask him or her what's the best current software, at a reasonable price (more than $100 stops being "reasonable" for me), to keep your home computer safe from malicious software from the 'cyber deep.'

You will need to let this lifeguard know a few things about your computer: operating system, browser, type of connection (dial-up or broadband), whether you have a pop-up blocker installed already, and so on.

Your computer at work should already be equipped with blocking software by your tech staff (fire someone if it hasn’t). If you use a similar system at home, just buy the same software used at work.

Good software does its spyware search-and-destroy mission in the background while you continue working on that literary masterpiece, or the mixing and burning of the definitive soundtrack of Lyle Lovett.

There’s one more thing. Make sure you use your anit-spyware software after you install it. It doesn't work automatically. And not just once a month. At the very minimum at least once a week. Probably more, even daily if you go online a lot.

Note: This is the third of three articles on spyware. See: Spyware: the need for legislation, and, Spyware: Time to look back at who's looking at you (by Jim Bencivenga)

You’ve probably heard the quip: “Just because you’re paranoid, doesn’t mean they’re not out to get you.”

When it comes to spyware on your PC, the quip is not just a quip.

Sadly, software placed on your computer that you neither authorized nor knew was being placed there, software that is actively reporting on where you surf, even recording the keystrokes you type into your computer, and then sending that information to a third party, has fast become a fact of life for Internet users.

Such software goes by the names “spyware” and “adware” (see related Scitech blog ). The stealthy nature by which programs of this ilk are being placed on millions of computers is creating a groundswell of support in the US, at both the state and federal level, for legislation banning or severely regulating them.

Short of having your own tech staff - which most individual or small business computer users don’t – passing some form of spyware legislation, and then keeping it current as "snooping and sniffing" software inevitably evolves, is seen by many as crucial to future individual use of the Internet.

So far, three principles govern current and proposed legislation: