Caught you!

Watch out, they’re trying to catch you. With all the Internet scams and hoaxes out there trying to trick you into divulging useful information about yourself, it’s getting hard to know whom you can trust to guard your privacy -- even if the company bills itself as a partner in protecting it.

Take the case of a company called PrivacyGuard.com and a reader we’ll call Mr. Catchings. When Mr. Catchings was talking to someone at his bank recently about his online account, the bank representative highly recommended he take advantage of a free trial offer with PrivacyGuard.com. “PrivacyGuard says they act as an intermediary between consumers and the three major credit-reporting agencies,” Mr. Catchings told me. “You give them your approval and identity information, and they collect, compile, and rate your credit score. They also alert you when there are any requests for your credit history information.”

That sounded as if it might be worthwhile to Mr. Catchings, but being a careful man, he read the PrivacyGuard.com online privacy policy closely. “It was your objectionable but standard privacy policy, essentially stating that using the Web site constitutes an agreement to [future changes in the] policy,” he noted. “What concerned me was that just creating a username and password required providing an e-mail address, social security number, mother’s maiden name -- all the same data one might give their bank. But, hey, this service was recommended by my bank, so it must be all right.”

Mr. Catchings went ahead and registered a username and was about to order his free credit report when he caught something. The order form contained some fine print with another reference to a privacy policy, plus a nonhighlighted link that only revealed itself when the mouse cursor moved over it. Following that link took him to a different privacy statement than the online document he’d read.

The second privacy policy document (which I later learned also served as the privacy policy for other free-credit-report sites such as ConsumerInfo.com and Freecreditreport.com) had several provisions that bothered Mr. Catchings enough that he decided not to order the credit report after all. One thing that particularly concerned him was a statement revealing that his information could be disclosed to companies that “perform services on our behalf, such as the credit reporting agencies from which we obtain your credit report(s), credit card processors, e-mail communications management firms, or call center providers.”

Mr. Catchings felt disturbed that he had provided PrivacyGuard.com with sensitive information to register his username before finding the hidden privacy policy that revealed how the information would be used. “I particularly did not like the sound of ‘e-mail communications management firms’ and ‘call center providers’ having my information,” says Mr. Catchings. “My two biggest objections are the ‘second-level’ privacy policy and the fact that this was promoted by my bank.”