Tracy Blackburn of Gainesville, Florida is a busy mom who finds shopping on the Internet a nice convenience. Recently, she got on line to hunt for the best interest rate for a home improvement loan. She was careful not to give out her name or address.
That's why she was quite surprised when, days later, she opened her mailbox to find a solicitation from a company whose web site she'd visited.
Somehow, that company had been able to connect her "anonymous" web searches to her name and home address-a connection that more Internet advertisers hope to make to millions of web users, CBS News Correspondent Sharyl Attkisson reports.
"I never gave my address or phone number to anyone on the Internet and I received the letter stating that they would be more than happy to help me with my home improvement loan," Blackburn said. "It really shocked me. I didn't know how they got all my home information and my name. So now I see that you can be tracked very easily."
Blackburn is one of a growing number of Americans who are coming to grips with the lack of privacy on the Internet.
James Green and David Moore work for 24/7 Media, a company that sells ads on the Internet. They admit that when a person "hits" one of their ads, they are looking for personal information: the person's age, where they work, how much they make, even their Social Security number.
"Our philosophy is that if you are enjoying the content on my web site, then you have to give me enough information so that I can sell your profile to an advertiser," said Moore.
24/7 Media says it gathers and sells data only with customer consent. But with other companies, serious privacy violations may be just a few clicks away.
"You can do some wild and crazy things on the Internet," said Green. "First of all, you can launch applications without the person knowing that they're run on your computer."
Moore explains that when an application is launched, the advertiser could look at anything that is on that person's computer and retrieve information from it.
That could be a bank statement, or private files-anything.
"It's difficult to do that because everyone stores things in different ways," said Moore. "But absolutely! Anything!"
Green stressed that 24/7 Media does not engage in that kind of conduct.
But while no company admits to actually doing the kind of cyber-snooping that Moore and Green described, most web sites are silently collecting basic data using something called a "cookie." Simply put, cookies are random numbers assigned to your computer when you visit a web site. They track what you do, what you buy, and where you go on the Internet.
Privacy advocates say it can all get very personal.
David Sobel of the Electronic Privacy Information Center, for example, did a search using the word "impotence" and, within secons, a special ad targeted for the impotent appeared on his screen.
Sobel claims, "It's an indication of the fact that a profile has already been created."
And there's nothing to stop sensitive Internet searches from eventually being matched up with real names by insurance companies or employers.
"Let's say the research has to do with sexually transmitted diseases," said Sobel. "I can see where there would be many employers who would see that information associated with a job applicant and make a decision they're not going to hire that individual."
An Internet ad agency in New York City called DoubleClick, wanting to go the farthest yet in getting personal with Internet users, recently announced plans to connect people's web surfing habits with their private personal information-available through non-Internet sources like credit reports-without the consumer's knowledge or consent.
That plan was stopped cold when Sobel's group lodged a complaint against DoubleClick with the Federal Trade Commission, and the FTC began an investigation.
DoubleClick, which has a business relationship with CBSNews.com, says its mistake was going ahead with the plan "in the absence of industry guidelines." Now, the company is working with others in the industry to develop such guidelines in an attempt to avert federal regulation.
Meantime, there is a way people can slow the erosion of their privacy: by periodically erasing their cookies.
First, search your hard drive for "cookie" to find your cookie file. When you get there, it will be a list of random numbers attached to some web site addresses you may recognize. These are the sites that have attached cookies to your computer.
All you have to do is click "delete," and watch the cookies crumble.
Tracy Blackburn still uses the Internet. Only now, she knows how little stands between her privacy and someone who wants to invade it.
"I feel that now anybody who is on the Internet, you take that risk," Blackburn said. "Technology has advanced so quickly, that many people haven't even thought of how their privacy may be breached. Just be prepared that it could happen to you."