When I published Gotcha Capitalism two years ago, I was in for a big surprise.  As I talked about systemic hidden fee fraud all around the country, many, many friends (and even co-workers) found me and asked in hushed tones, "What's a mutual fund?" "What's comprehensive and collision?" "What's a mortgage point?" 

It was obvious from these conversations that millions of Americans are severely lacking in financial basics, and this shortcoming played a major role in the housing bubble and the resulting economic collapse. I wanted to know why.

---

I'm the hidden fee guy, the “Gotcha” guy.  People like me usually rant about dreadful banks are and how unfair big companies are, about how corporate greed caused our economic collapse and about how rampant unfairness built the house of cards that just collapsed all around us and sent the world into a global recession.

But it's impossible to ignore the fact that individual consumers made a lot of really bad choices in the past decade. They bought homes with $2,000 mortgages when they only earned $3,000 a month. They borrowed money at 30 percent interest to buy granite countertops.  Aren't they to blame for their own demise?  To be an honest journalist, I had to ask: Why are American consumers so gullible, so seemingly out of control? Is there something wrong with us?

Yes, several things. But most important is this: Americans are terrible at math.

I know you know that. But my research shows we are far worse at math than you think.

Exhibit A: Think about the last time you had lunch with four or more friends. What happened when the bill came?  Everyone pulled out calculators, there was a lot of murmuring and head scratching and still some of your friends just ended up throwing down a $20 bill and hoping for the best.  Now, imagine that crowd in a car dealership or with a mortgage broker. They wouldn't stand a chance.

Turns out, there's an entire field of study -- albeit a small one -- devoted to this subject. It's called “innumeracy” -- or mathematical illiteracy. It’s a hidden epidemic in our society. And the consequences are dire.

Just as there is a hidden epidemic of people who are functionally illiterate in our country, there is big problem (bigger, by my reckoning) with people who can't do basic math. There's no way to function in our society without understanding money, percentages, interest calculation and so on. Yet in a recent government study, less than one in seven American adults ranked "proficient" at math.  

Here are a few examples of innumeracy in action:

According to the Department of Education's National Assessment of Adult Literacy, U.S. adults are terrible at solving real-world math problems, like calculating tips or comparing prices in grocery stores.  Some dismal results:

• Only 42 percent were able to pick out two items on a menu, add them, and calculate a tip.
• Only 1 in 5 could reliably calculate mortgage interest.
• 1 in 5 could not calculate weekly salary when told an hourly pay rate.
• Only 13 percent were deemed "proficient."  Worse yet, only 1 in 10 women, 1 in 25 Hispanics and 1 in 50 African Americans made the grade.
• Americans are terrified of numbers when it counts most: 20 million Americans pay someone to file their 1040EZ, a one-page tax form with around 10 blanks to fill out.

Also, these numbers show up in U.S. student math scores, which are abysmal:

• The U.S. ranks 25th among 30 industrialized nations in math scores, down near Serbia and Uruguay. U.S. students thought they had the highest grades of any nation in the study, however.
• Half of 17 year olds couldn't do enough math to work in an auto plant, according to President's National Mathematics Advisory Panel.

Study after study shows U.S. achievement falls off the cliff during middle school, when subjects like fractions and percentages are introduced -- exactly the skills you need as a consumer or, for that matter, to move on to algebra, calculus and advanced sciences.

But here's another essential point. How can Johnny learn to add if Johnny's teachers can't?

• In 18 U.S. states, not even one elementary math class is required for certification.
• Some teaching colleges allow admittance as long as students have math skills equal to their future students -- that is, as long as they could pass a 5th grade math test.
• It's possible in some states to pass the teacher certification exam (Praxis) without answering a single math question correctly.
• In Massachusetts, there's a special program to reacquaint teachers with math. The man who runs the program says half of teachers can't answer basic questions involving fractions and has concluded that many elementary teachers are "phobic" about math.
• Teachers seem to be math-averse from the start. College bound seniors headed for elementary education have math SAT scores significantly lower than the national average (483 vs. 515).

There are many, many other reasons why U.S. consumers tripped and fell down a mine shaft during the past two years.  In my new book, "Stop Getting Ripped Off," I lay out a series of other explanations: Greed, laziness, lack of government regulation and magical thinking. And I offer up my own handy guide to solving today’s consumer puzzles, from buying a home to saving for retirement.  But innumeracy is the biggest culprit.

Two years ago, I would have had to lay out a doomsday scenario to draw attention to this ticking time bomb. Well, the bomb's gone off.  People who were bad at math could hardly have been expected to see through the consequences of an adjustable-rate mortgage, or to make a sound bet on their future earnings potential. These consumers didn't stand a chance against mortgage brokers, real estate agent and an overheated market. They can't fight with financial planners over fees that are swallowing one-third of their retirement savings. Heck, they can't even stop taking out 250 percent APR payday loans, 1,000 percent overdraft protection loans or paying tax preparation firms $100 for three minutes work to fill out simple tax forms.  Now, millions of individuals are losing their homes and are on pace to become destitute in old age.

If I only shine a light on only one topic with this book, I hope it will be the hidden epidemic of innumeracy in America. Because if we can't add, if we continue suffer from an extreme lack of mathematical self-confidence, any recovery we begin is surely doomed.

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

About once a year, computer security news leaps out of the technology section and onto the front page and the top of network news broadcasts.  This year, the day was April Fools' Day, as the Conficker worm became the latest malicious program with the power to eat the Internet.  Somehow, we soldiered on, most of us without ever having to kick on the emergency power generators or dig into that can of spam in the basement shelter.

But Conficker, while no dramatic outbreak, was also no laughing matter to the hundreds of thousands of Web users who were infected.  The problem with the hype cycle in computer security news is that it can have an incremental "cry wolf" effect on computer users.  The odds that the Internet will topple over in 2010 are, once again, quite low.  But serious threats abound and bad guys are mostly still outpacing good guys in our virtual world, which will be slightly more dangerous than this year. Here are 12 reasons why:

---

1. E-mail attachments are back

The LoveBug and Melissa virus, which did bring the Web to its knees 10 years ago, both used the simplest of delivery mechanisms -- an e-mail attachment.  Sure enough, that method stopped working after companies banned attachments and users wised up. Attachment viruses nearly dried up.  Then, a new generation of users came online who hadn't learned the Melissa lesson and older users forgot. So this year, virus writers began dusting off their old methods and -- surprise! -- they worked again.  Next year, be on guard for unexpected attachments,  says Carl Leonard, head of the Websense threat lab.

"Sometimes you think this stuff has gone away and then it comes back," he said. "We're definitely seeing an uptick in Trojans that come through e-mail."

2. Anti-virus products less effective

Old-fashioned virus screening tools now catch only about three out of every four viruses through what's called "signature-based" detection, says Martin Lee of Symantec.  Basic anti-virus tools scan all programs using a list of known malicious programs, looking for electronic "signatures."  Virus writers now generate so much malicious software that the good guys just can't keep up. Logo_miniTo make matters worse, virus writers are employing a technique known as "polymorphism," so the virus can electronically mutate and evade detection.  That means about 25 percent of viruses can evade detection by scanners. New "heuristic" antivirus software detects malicious programs by watching what they do rather than inspecting what they are, but these products are far from perfect.

Making matters worse, viruses are now more stealthy after infections. Once upon a time, an infection was obvious, thanks to a dramatic slowdown in performance or some other obvious symptom.  Not true today.

"It's become increasingly difficult for people to be aware they've become infected," Lee said. "Often, end users just will not realize something has happened."

With few guarantees for protection, it's more important than ever to keep the kids off music piracy sites and for you to avoid other unsavory Web places -- and you know the ones I mean.

3. Fake anti-virus software

Knowing that your antivirus product might not be doing the job, you might be tempted to look online for an alternative, or to try one that surprisingly pops up on your desktop.  That's a bad idea: It's probably a criminal trying to extort you for money.  The art of selling rogue anti-virus software was perfected in 2009. Leonard says consumers shelled out $150 million for fake antivirus programs last year.

"People are selling malicious software and dressing it up as an antivirus product," he said.  "It surprises me the volume that they are selling. You would think people have become used to seeing these things."

Obviously not. The Federal Trade Commission did shut down two rogue sellers last year, but not until they allegedly tricked nearly 1 million consumers into downloading their software.

The technique, which works like a charm, will expand next year.

4. Social networking

Facebook-based attacks grew dramatically in 2009, and will continue to increase in the coming year.

There are basically two flavors -- viruses that take advantage of the platform's liberal rules for information sharing among applications; and impersonation/identity theft, where a criminal hijacks an innocent user's account and tricks trusted friends and family. But other variations are certain to appear. Criminals can use publicly available information to personalize attacks ("Hey, check out these pictures from Paramus Catholic's Class of 1986!"). Facebook is easily farmed for password-generating information such as "What was your high school mascot?"  And all those "click here" e-mails from Facebook are a Christmas present for would-be phishers, who can easily imitate them.

"People are getting comfortable in social networking situations and I think that they should really re-examine their level of trust and interaction," said Mary Landesman, senior security researcher at ScanSafe.

And remember, even if Facebook old-timers are too smart for all these tricks, the service is teeming with older newbies.  If you've been friended by mom (or grandma) you know what I mean.  They'll have to endure the Facebook privacy learning curve, too. Be generous.  Spend a few minutes with older relatives this holiday getting them to tighten up their privacy settings.

5. Botnets

The bane of the Internet for the past five years -- botnets, or armies of compromised home computers -- will remain a problem this year.  And this year they may be even worse: botnets have become much more resilient.  Once upon a time, botnets could be disrupted by "cutting off their head," or disabling their command and control computers.  But now, criminals are "building disaster recovery" into the networks, Symantec's Lee said.  That makes them even more difficult to knock off line.

"You must have grudging respect for them and their techniques," Lee said.

6. Spam

Spammers took a body blow during 2009 when the notorious McColo Internet Service Provider was kicked off-line.  The volume of spam plummeted from around 80 percent of all e-mail to 20 percent.  Temporarily.  By year's end, nine out of 10 e-mails were spam, and the number keeps climbing.

"Can it get to 95 percent?," Lee asked, rhetorically. "It never ceases to amaze me how much we put up with this."

7. Finally, Apple gets respect - from cybercriminals

For years, the worst-kept secret in the computer security world was the safety of using Macintosh computers. It seemed that criminals didn't bother trying to attack Macs. This was no political statement, however. It was merely pragmatism: Apple products were a small target. But with the uptick in Mac market share, the increasingly popularity of Apple's Safari Web browser and the ubiquity of the iPhone, expect criminals to target Steve Jobs' products, says Leonard.  Already, he says, there have been a handful of iPhone attacks.

"Malware authors know where people are going," he said. "It's more worthwhile for them to go after these platforms."

8. Cell phones

Speaking of iPhones, 2010 might be the year that we see a significant attack against cell phone or smart phone users. Such an attack has been predicted for years, and has not yet materialized.  But each year, cell phones become more powerful, contain more personal information and are used for more financial transactions. In other words, they become "juicier targets" for criminals, says Lee.  An obvious attack -- like something that wipes out phone books -- might not be the breakthrough cell phone virus.  Lee says consumers should be on the lookout for a simple automated way to use mobile phones to steal cash. One possibility: some TV shows urge consumers to send text messages at $1 apiece. What happens when a criminal figures out how to redirect such messages, or initiate them?

9. SEO poisoning

You have probably noticed that companies can "game" Google and other search engines, puffing up their search engine results using a series of tricks such as creating fake pages that link heavily to each other.  Annoying, but relatively harmless.  Unfortunately, bad guys have perfected this method and use it to mercilessly attack information seekers every time a large news event occurs. Perhaps hundreds of thousands of users were infected after the death of Michael Jackson through this technique -- getting a booby-trapped Web page to rank 5th or 6th on a Google "Michael Jackson" search, even for just a few minutes, is probably the most effective malicious program attack used today.

"We see this sort of attack daily and especially when a signature event occurs, like Michael Jackson's death," said Leonard. Expect much more next year.  When the next big news hits -- however self-serving this may sound -- stick with news Web sites you trust.

10. WINDOWS 7

Naturally, as the year progresses, criminals will set their sights on the increasing install base of Windows 7.  Microsoft has continued to improve security and delivery of updates to its flagship operating system.  But there will be problems, no doubt. And then there's this troubling notion: Eight out of 10 existing Windows viruses will run on Windows 7, says Leonard.  Impressive forward-compatibility from the bad guys. For consumers, it means there's no time to be complacent.

11. URL shorteners

Services like bit.ly make sending links through Twitter and e-mail infinitely easier. Unfortunately, it also means criminals can turn obvious troublesome URLs, like https://RomanianDarkLords.Ro/$$$eBay.com into friendly-sounding links like http://bit.ly/5uuWwo.

That makes life easier for criminals, and harder for you, as it takes away one possible hint that a link is trouble.

Websense recently partnered with Bit.ly to help make the process safer. But you should stick with the old rule: Never click on a link you didn't expect, and always manually type URLs into your browser's address bar.

12. Gumblar

Last but not least, Landesman says the most troublesome development of 2009 could be the breakout security problem of 2010. The so-called Gumblar worm used an advanced technique to build a new kind of botnet. Rather than target thousands of home computers, Gumblar attacked Web hosts (Web sites) and turned them into "carriers."  The program managed to download a Web site's code, inject a hidden malicious program, then reload the now booby-trapped site.

Because Web sites act as a kind of hub online, they have the potential to spread a serious attack much more quickly. And 10,000 compromised Web sites are much harder to shut down than 10,000 compromised home computers, Landesman said.

Worse yet, a seriously successful Gumblar-style attack could undermine Web users' trust in the Internet. Sites that are one day safe and trustworthy may the next day be dangerous. That would severely hamper security systems that are based on "trusted" sites.

"When you have compromised sites acting as the host itself, the notion of good vs. bad is completely gone," Landesman said.  "Users will find that fewer and fewer sites that they can trust whatever trust they do have could be very fleeting."

Already, Gumblar-infected sites have transmitted code to visiting PCs that redirected all Google searches to pay-per-click Web sites, netting a tidy sum for creators.

Gumblar was declared a bigger problem than Conficker in May by Scansafe, and even though its network of compromised Web sites was eventually tamed during the year, Landesman is convinced that the technique will see many copycats.

"It's one of the attacks we are assured of seeing in large quantities in 2010," she said.

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

A lawsuit filed this week by Washington state against DirecTV could have a secondary purpose: It could serve as a textbook for consumers on tricks companies play to take their money.

The suit filed by Washington Attorney General Rob McKenna alleges so many forms of misbehavior that he thinks DirecTV, the nation's largest satellite TV provider, has "built deception into their business model." In an interview with msnbc.com, he also said that the firm has "left few deceptive tactics unused."

"It's amazing, the wide variety of ways they've taken advantage of their customers," he said.

---

Much of the case centers on alleged misleading advertisements, and on a series of pricey early termination fees the firm levies on customers.  For example: Aggressive marketing campaigns tout service for $29.99 per month, but leave less clear the two-year obligation attached to the deal,  or that the price almost doubles after the first year, the lawsuit says. After the first year, consumers face a Hobson's choice – either pay the higher price or cough up an early-termination fee of up to $480.

"It is what amounts to a bait-and-switch strategy," McKenna said. "They use a variety of lures to bring people in at prices the customer doesn't actually pay."

But that's just the tip of the iceberg in the complaint, which accuses DirecTV of 16 different causes of action.

Before filing the lawsuit on Monday, McKenna's office had received 375 consumer complaints about DirecTV this year -- more than any other company. Another 59 complaints arrived in the 24 hours after the lawsuit was filed, he said.

In a statement, DirecTV denied the accusations.

"We always strive to provide 100 percent customer satisfaction but, to put it in perspective, we are talking about less than one percent of our customer base in the entire state," it said. "The vast majority of our customers in Washington, and the U.S. for that matter, understand our lease agreement and are happy with our overall service.  We are disappointed that the state elected to file a lawsuit. We believe their allegations lack merit, and we are confident the court will agree with us."

McKenna said he'd been working with DirecTV for months in an attempt to avoid a court battle, and he was surprised DirecTV refused to change its business practices voluntarily.

Other state attorneys general are also considering suing DirecTV, he said, declining to identify them. Earlier this year, a group of 46 states settled a lawsuit with DirecTV competitor DISH Network. The firm was accused of automatically debiting consumers' accounts without their consent. The firm admitted no wrongdoing but agreed to change its business practices and refund $6 million to consumers.

"When we go after a company, it's because we have them dead to rights," McKenna said.  "Most companies just want to settle. ... If DirecTV wants to take on the states, that's their choice."

Here are a few of the other allegations from the complaint:

• DirecTV requires a 24-month commitment but offers only 12-months worth of discounts. Terms for the offer are spelled out in newspaper ads in 5.5 point-sized fonts, barely readable to the naked eye.
• The sales scripts used by telemarketers include nothing about the terms and conditions on the discount plan.
• To receive the $29 monthly price, consumers must use an automatic payment method.  Failure to do so adds $5 to the monthly bill.
• Customers who refuse a credit check or have bad credit face "hundreds of dollars" in extra fees.
• In order to get the promotional rate, some customers are required to file rebate forms. The rebate, which is applied as a deduction to monthly bills and spread out over many months, can be voided if a customer is late with a payment, bumping them up to a higher price. Also, some consumers complain that their rebates have been unfairly denied. And because rebates can take time to process, some customers say they were forced to pay a higher price during their first months of service.
• When consumers complain about defective equipment and the equipment is repaired, their service contract requirement is often renewed without their knowledge for another two years.
• Consumers report being signed up for a $5.99 monthly service maintenance plan they didn't want. When they cancel, they can be charged a $10 early termination fee.
• Consumers who are given "Free HBO" stations for a trial period are often rolled into a paid subscription without their express consent. 
• Consumers who buy a DirecTV unit at an electronics store like Best Buy have been unknowingly enrolled in a lease agreement.  Even thought the units are purchased like any other electronic equipment -- often for around $100 -- the consumers don't own them. If they fail to activate DirecTV service, they can face a $150 "activation failure" fee.  If they turn off the service early, they can face a $480 early-termination fee and must return the unit to DirecTV.

DirecTV's contract with consumers is "so one-sided as to grossly favor the defendants," McKenna said. That's assuming someone can find the contract terms.

But McKenna's office says all these conditions on DirecTV agreements never appear in a single place. Instead, using an approach called "layering," the terms and conditions can appear in various places: on store receipts, on order forms and on the company Web site.

"There's no single form with all the rules," he said.  "That's unfair to consumers."

DirecTV is already facing legal action from consumers on similar issues. A class action lawsuit filed in California earlier this year alleges that the company raids customer bank accounts to collect early termination fees without consumers' consent.  One of the plaintiffs, Mary Cox of Fontana, said a DirecTV customer service agent would only identify himself as "Ding-A-Ling" when she phoned to dispute an unauthorized $430 withdrawal from her account.

DirecTV faces challenges in the marketplace because its customer start-up costs are considerably higher than cable firms.  New satellite users must obtain a set-top box, a dish and expert installation. Without offering free installation, the firm would have trouble matching similar sign-up deals from competitors.  So the firm heavily subsidizes start-up equipment costs, and has adopted tactics similar to those used by cell phone carriers to ensure that its setup subsidies aren't wasted.

Despite such tactics, the firm is facing stiff competition for its 17 million subscribers. In its most recently reported quarter, DirecTV told investors that its losing customers at a "monthly churn rate of 1.72 percent."  The firm blamed aggressive competitor promotions and "stricter" retention policies that "tighten up our offers to existing customers."

Red Tape Wrestling Tips

If you feel you've been treated unfairly by DirecTV, contact your state attorney general immediately. If a case is filed in your state, those with complaints on file will be the first in line to receive restitution should the states prevail.

If you are considering DirecTV -- or any pay TV service -- read this complaint carefully. (PDF) All the pay TV services have conjured up complicated trial offers, tricky rebates and so on.  The DirecTV lawsuit is an excellent summation of the kinds of things to watch for.

Discount trial offers -- say, $29.99 service for 12 months -- are excellent, but know when you sign up that you are playing a game. It critical to remember when you signed up, so you can switch services or ask for another discount before the higher rate kicks in. One idea: Put a small sticky note on your cable or satellite box with your discount end date, so you don't forget. And of course, always ask about early termination fees.

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

When you open a bag of potato chips, a box of pasta or many other supermarket products, you probably notice that many companies are selling you a lot of air.  Bags of chips, for example, can be half empty.  Earlier this month, Consumer Reports caused a stir by calling out firms for selling products with "air to spare." Most responded by claiming that what's called "slack-fill" in the industry is necessary to ship, store and preserve products.

Are you buying that? Edgar Dworsky, a longtime consumer advocate and former Massachusetts state assistant attorney general, sure isn't.

While it's clear some extra space is needed to cushion potato chips or to allow proper seals, Dworsky said it's impossible to separate the slack-fill issue from another topic that's near and dear to his heart -- hidden product downsizing.

---

On his Web site, Mouseprint.org, Dworsky has chronicled dozens of products that have mysteriously lost volume. In recent months, he showed containers of Haagen Dazs ice cream that shrank from the 16 ounces of a pint to 14 ounces; Bounty paper towels that dropped from 138 sheets per roll to 128 sheets; Purina dog food that slipped from 20 pounds to 18 pounds; and Kleenex tissues that shrank from 8.4 inches to 8.2 inches.

In each case, the product container appeared, to the naked eye, to be the same size.

It's no wonder consumers are skeptical of claims that air-filled chip bags are really for their own good, he said.

"The problems are cousins," Dworsky said. "It's really the same problem, isn't it? Making something look like more than it is?"

While he says slack-fill has been an issue for at least two decades, he recently renewed efforts to study it – including one recent column that he illustrated with a picture of a fat-free grated cheese bottle under intense backlighting to reveal empty space.

"It's like you need X-ray vision to see these things," he said.

Dworsky, who's best known for his continuing fight to keep price tags on supermarket products in Massachusetts, carefully tracks supermarket product sizes. He's seen companies use the same technique over and over - slowly shrinking their products,  then reintroducing the larger size with a fancy new name like "family size."

Dworsky said he has in his collection a Lays potato chip "family size" bag dated December 2008 that weighed 16 ounces, and another from earlier this year, still emblazoned with the "family size" tag, that tipped the scale at 14 ounces.

In each case, the products were properly labeled by weight, which is the most important criteria consumers should notice.  But his problem with product downsizing is that it's nearly impossible for consumers to grasp how much they are being shortchanged.

"You have to have a memory of what the product weighed before, the last time you bought it. And that's almost impossible," he said. "People tend to have very poor visual memories ... and the problem with downsized items is they kind of look the same."

The incredible shrinking package
Todd Marks, who ran the "air to spare" research for Consumer Reports, has his own name for this phenomenon. He calls it "the incredible shrinking package."

"Chocolate bars that were 8 ounces became 6, then 5. And as the bar shrinks, the firms use hyperbole like 'giant size' on the product to distract consumers," he said.

Time after time, companies explain that shrinking the size of products helps them contain costs, and they often claim consumers would rather get 29 ounces of mayonnaise in a "quart-sized" jar than suffer a price increase.  Marks, however, said shoppers told Consumer Reports in a recent survey that just the opposite -- they'd rather products stay the same size.

And that brings us back to slack-fill and air to spare.

There are plenty of legitimate reasons why cereal boxes and vitamin bottles aren't jammed-packed with product. Here are a few:

*Companies use the same size containers to sell different-sized products and thereby save money on packaging costs

*Some companies always leave room for free offers, like "25 percent more."

*Some package sizes fit better on store shelves than others

*Added space helps air circulate, preserving freshness. Or, with coffee beans, it helps oxygen escape and allows C02 to act as preservative.

However, it only takes a week in a marketing class to learn that perceptions and emotions play a large part in consumer choices.  If two products on a shelf next to each other are the same price, shoppers will almost always buy the one in the larger box, assuming it's the better value.

Meanwhile, despite all of these shrinking packages and hot air, federal regulators appear to be asleep at the wheel. The law designed to protect consumers from misleading packaging, the Fair Packaging and Labeling Act, is essentially unenforced. There hasn't been a case brought in five years.

So it is no surprise that consumers feel they are being cheated by air-filled products. Where once product sizes were simple and obvious -- a quart, a pint, a half-pound -- now, 5.2 ounce boxes have become the norm.  Given this track record, the burden should fall on companies to prove that they aren't being deceptive.

"We live in a society where everybody is very cynical and for good reason," Marks said. "We see package sizes shrinking before our eyes in very misleading fashion. ... It's trickery, a shell game.  They are obfuscating, resorting to techniques that are less than candid."

What's the solution?  Dworsky has one, though he's pretty sure no company wants to hear it.

"Put, 'Look, new smaller size,' right there on the front of the package in one of those starbursts. How about not hiding what you're doing?" he said. "But it will never happen."

RED TAPE WRESTLING TIPS
Only one: Ignore the package and zoom right in on the product net weight or volume.  Compare unit prices (price per pound, per quart, etc.) provided on store shelves. That's the only way to compare apples to apples, cereal to cereal and one bag of potato chips with another.

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

Not every eBay.com auction listing offers something concrete for sale.  A new kind of listing that's appeared on the Web site seems be selling only Christmas hope.

Nestled in among the Holiday-themed eBay listings for items like Razor Scooters, Transformers and Webkinz, you'll find listings that ask users to buy Christmas presents for a stranger's children.

Perhaps it's a sign of the times, the predictable consequence of a nasty recession and the proliferation of technology. But eBay.com is now teeming with such auctions.

"Donate for holidays to family of 4 in need," said one listing viewed by msnbc.com on Wednesday, one of several dozen similar auctions easily found.

---

Parents who use eBay.com at Christmas are generally engaged in a frantic search for this year's Beanie Baby or Tickle Me Elmo doll, but these families say they are scrambling to give their kids anything at all this holiday season.

"Our family is in need of some help this holiday. With both parents out of work and back in school, our kids may not have a Christmas this year," writes Bridget Newberry, a 28-year-old mother of two from Lawrenceburg, Ky.  The photo on the listing shows Bridget and her husband, Alan Rice, with their two children. "I will send you a hand-written thank you note for any donation, as long as you include your address & name. Thank you and God bless you."

Another "item" for sale came from a poster who said she is a single mother of two.

"I am a single mom with a 9-year-old girl and a 4-year-old boy. I work part time at a gas station and I don't get much for help. I usually plan everything ahead but this year has not left me with many options. My car broke down 4 weeks ago and the repairs are quite high," she writes. The ad includes a picture of a humbly decorated Christmas tree."Please contact me if you are willing to donate a present for my kids. If you do not have time, I made a 'buy it now' in another auction for presents. I would love to see them have a nice Christmas."

And still another from a man who's asking for help in Chico, Calif., under the listing: "Help make Christmas Possible for two Children."

"Single dad raising two children. Just spent all our money to get an apartment. We are asking for a little help to make Christmas possible this year for my two children. I don't work right now. My son was born premature with chronic lung disease and requires 24/7 care. We are asking for donations. Anything is appreciated.  Thank you."

Because eBay's system requires that something is listed for sale on every auction, many listings offer worthless electronic books or other digital items for sale at 1 cent or 99 cents, but encourage higher bids.

Others include more obvious listings for items the children want as gifts.

The ads have spurred a debate among eBay users that echoes the discussions you'll hear about real-world panhandling.

"eBay is a marketplace … not a place for someone to put up pictures of their family ... and BEG for money," said one experienced eBay power seller who thinks "eBay panhandling" is bad for the site.  She complained that eBay had not removed the auctions when she notified the firm about them.  "It just cheapens the marketplace when such things are allowed to occur and takes away from some really good charity auctions that are sanctioned and within eBay guidelines."

Most of the "Christmas donation" auctions contain a smattering of critical comments from other eBay users, telling posters that they should look to local charities for help. And there's no way to verify the authenticity of a person who lists such an auction -- scammers could easily post fake pictures and manufactured tales of woe.

Terms of service violation

The ads, meanwhile, appear to run afoul of more mundane concerns: eBay's terms of service, according to the firm.

"eBay does not allow listings that have no item or service for sale," the company said in a statement to msnbc.com.  "Additionally, while we do allow listings that will benefit a charity, sellers must be soliciting on behalf of recognized, tax-deductible charitable organization."

The firm also recommends that eBay users donate to recognized charities rather than individual eBay listers.

The eBay phenomenon appears to parallel another more direct form of cyberbegging. Numerous sites like CyberBeg.com and DonateMoney2Me.com allow users to post their stories and ask for help via PayPal. But those sites don't attract nearly the audience that eBay does.

Newberry, a long-time eBay user, said she got the idea for her ad when she sorted all eBay auctions by lowest price, looking for inexpensive holiday presents.  When she did, she found many other families listing items for $0.01 so they could be found easily by people looking for bargains.

"So I figured it was worth a try," she said.

Both Newberry and her husband are currently in school, she said -- he's studying fire science to become a firefighter while she is studying clerical and computer skills so she can get an office job. Newberry said she had worked at a nearby factory, while her husband washed dishes in a restaurant, but both lost their jobs in the past 15 months.  They moved last year from their apartment into a relative's basement apartment, she said.

"It's a really hard time, but that's life," she said.

Neither child "had much of a birthday," but Newberry is holding out hope for a better Christmas. Her daughter wants an iPod, but Newberry said she wouldn't oblige even if she had the money.  A giant stuffed horse they saw recently at a store is a more likely gift.

"But it's $50. Fifty dollars for a stuffed horse?  Incredible," she said.

Like many young boys, her son wants Bakugan Battle Brawlers accessories -- so he can play the card/action figure game based on a Japanese cartoon show with friends.

But right now both gifts appear out of reach, she said. And her online pleas seem to be a dead end.  So far, she hasn't gotten a penny from her eBay donation request.

"All that's happened is I'm out the 65 cent listing fee," she said.

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

Times are tough -- even for cybercriminals.  Online merchants in the U.S. and Canada report a dramatic 18 percent drop in fraud, down from $4 billion in 2008 to $3.3 billion this year, according to a survey by the security firm CyberSource. Meanwhile, the fraud rate of 1.2 percent of all sales is the lowest in the 11-year history of the survey. Even among international orders, traditionally the bane of Web sites, fraud rates plummeted by 50 percent.

The news comes just in time for Web shoppers who are pulling out their credit cards and wondering about the safety and security of online holiday gift shopping.

"We were surprised," said Doug Schwegman, CyberSource's director of market and customer intelligence. "Internally people were thinking that with the recession, fraud would go up, that there would be more people out there with technical skills who needed to put food on the table. But it looks like the merchants stepped up to the plate and got their act together."

---

Schwegman said the recession may actually have helped Web site fraud departments in two ways:  prompting online firms to implement tighter fraud controls to chase down every dollar during the tough economy and giving computer security professionals at these Web sites a chance to catch their breath.

"They've been dealing with double-digit growth for years and when the market slowed down they were able to catch up a little bit," he said.

But new technologies undoubtedly contributed to the fight against fraud.  This year, a relatively new technique called device fingerprinting, which can make life very difficult for would-be credit card thieves, took hold in the marketplace.

Device fingerprinting goes far beyond cookies and IP addresses to identify users, employing software to examine a variety of unique identifiers on computers used to order products. These range from the version of Flash software stored on a computer to the time and date stamp of the installed Web browser and the version of BIOS used inside the machine.  Combining these characteristics, the software can positively identify computers with accident rates as low as one in 1 million, Schwegman said.

The technique is chiefly used to identify criminals who are placing numerous orders with multiple credit cards using a single computer. Traditionally, criminals could use proxy servers or other evasive techniques to place multiple fraud orders when using a cache of stolen cards. Now, it's relatively easy for Web sites to spot multiple orders coming from the same machine.

Other anti-fraud techniques are common too, including geo-location, which uses IP address to determine a customer's location (used by 52 percent of large merchants); telephone number reverse look-up (33 percent); and shared "negative  lists" of attempted frauds among merchants (23 percent).

Despite the apparent success, there's little cause for celebration, Schwegman warned.  This year's cybercrime dip could be an anomaly.

"It's kind of an arms race. It could be things will bounce back next year (for criminals)," he said.

And there is another more discouraging explanation for lower e-commerce fraud rates: Serious computer criminals have moved beyond basic credit card fraud to more sophisticated account creation fraud that allows them to steal money directly from banks.  So-called "new account fraud is not counted in the CyberSource survey, Schwegman said.

Kevin Haley, director at Symantec Security Response, said this migration could explain why merchant fraud was down but overall cybercrime activity spiked, according to Symantec research. Clearly, he said, cybercriminals haven't gone away.

"In general we're seeing 2009 as a pretty bad year from a security standpoint," he said. "Record levels of spam, a nine fold increase in malware sent through e-mail.  The rises we saw in the things we track are astronomical."

The price of stolen credit cards in the underground economy was flat, however, supporting CyberSource's research that that Web site fraud is no longer the sexy part of cybercrime.

And there's more sobering news -- fraud rates remain abysmal among online electronics, Schwegman said.  Electronics sellers still turn down one order of every 18 they receive, the CyberSource survey found, a rate that's consistent with past years and double that of other merchants. Turning away fraud is good, of course.  But with high order rejection rates, there’s always some babies thrown out with the bath water – the more rejections, the more legitimate orders and the more lost sales.

Meanwhile, heavy losses also hurt consumers, in two ways: through higher prices and more hassles at the checkout counter.  When a site suffers fraud, it conducts more "manual reviews" of orders, which can slow down the purchasing process. Consumers who wish to buy Christmas gifts and have them shipped to the recipient can find they face far more questions when the shipping address and credit card billing address don't match.

Still, despite the caveats, the drop in overall fraud is meaningful, Schwegman said.

"The fraud rate was stable for so long, and we are very careful with the methodology, so we think it's significant," he said.  "This isn't a battle that can ever be won outright. But we're certainly going to make life difficult for the bad guys."

The CyberSource survey involves both customers and non-customers of CyberSource security products; it involved 352 responses from Web sites representing more than $60 billion in annual online sales, and was conducted by Mindwave Research.

RED TAPE WRESTLING TIPS
Consumers shopping online for the holidays should be heartened by survey results, as it appears online Web sites are gaining ground on criminals. If it becomes harder to use stolen credit cards, criminals will steal them less often.

But that doesn't mean shoppers don't have to be vigilant. The security gap between well-known, large e-commerce sites and niche sites continues to widen. So those surfing and buying at smaller Web sites should consider using old-fashioned purchasing tools, Schwegman said.

"If I'm shopping for a unique gift at a smaller site, that's when I would tend to use more secure payment methods, or maybe even place the order over the phone," he said.

Symantec's Haley pointed out that, despite years of work battling the problem, phishing remains the number one threat to consumers during the holiday season. The frequency of e-mails from retailers offering consumers receipts or shipping status updates creates a fertile ground for hackers to send fake e-mails soliciting personal information.

"We'll see things around the Christmas seasons, like e-mails that claim to be from a department store they may really be doing business with," he said. "Users can be tricked to click on a link and give up their credentials. People should be more wary of that kind of attack during this season."

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

Noisy neighbors, traffic jams, and long checkout lines would find their way onto anyone's list of daily irritations.  But when it comes to really raising people's blood pressure, nothing can compete with hidden fees, according to a new survey by Consumer Reports.  In fact, companies taking money in sneaky ways was rated more than twice as annoying as another classic irritant: inaccurate weather reports.

Corporate misbehavior apparently smells so bad to consumers that hidden fees even far outpaced unscooped dog poop.

Negative interactions with companies dominated the rankings – which should be no surprise to regular Red Tape readers.  "Not getting a human on the phone" ranked second (Visit GetHuman.com for help with that), and "incomprehensible bills," cracked the top five.

"We were surprised by that. I guess that the Al Rokers of the world are safe," said Mark Kotkin, director of survey research at Consumer Reports. "But a lot of the electronics industries and financial industries were hit pretty hard, at least the billing part of those companies."

---

Rounding out the top five were two driving-related gripes: tailgating and cell phone use by drivers.

The survey was conducted in September and results are published in the January issue of Consumer Reports. The magazine asked a random sample of 1,125 Americans to score 21 gripes on a 1-to-10 scale, 1 meaning an experience “does not annoy you at all” and 10 meaning it “annoys you tremendously.”

Of course, the survey was slightly tongue-in-cheek and not comprehensive. Just a few of the choices that were missing from the list:

 

• The White House party crashers
• Britney Spears
• Ex-girlfriend Facebook friend recommendations
• Christmas music in November

 

(You can add yours below)

But it's still telling that hidden fees and customer service frustrations prevailed by such a wide margin, considering the competition that was on the list.  It included: Waiting for repair people (9th), Very slow drivers (12th), and poor airline service (16th).

Several technology-related irritants were also included: unreliable Internet service (7th), Spam (10th), and passwords and PINs (20th).

(To see the full chart, visit Consumer Reports)

Women, older adults more irritated
Perhaps a mere statistical curiosity, but the survey appears to confirm a few stereotypes about gripers: Women and adults over 50 were more prone to irritation.  In particular, women took more offense than men to items like speeding drivers and products that shrink but cost the same, while older adults expressed plenty of techno-frustration about passwords and cell phone usage.

Kotkin said the list of choices was intentionally designed to exclude family issues and employment issues (such as gossipy co-workers), in an effort to make the survey more relevant to consumer issues.

While the survey was conducted partly for pure entertainment value ("it was something lighter and fun. Fun is not normally part of Consumer Reports," Kotkin said) companies could take the results to heart.  The second-biggest gripe, inability to get human help, could be easily solved by hiring more staff, he said.  Firms looking for an edge during tough economic times could easily endear themselves to shoppers through improved service.

Consumers can learn something, too, he said.

"There are some things you can control by going to the right vendor, like bad cell phone service or spam," he said.  "People do have choices."

Do you agree with hidden fees as top irritant?  What's missing from the list? Tell us below.

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

Facebook is about to begin a major overhaul of its privacy structure, the company said in an announcement posted on the service Tuesday night.

The firm said it will be eliminating the familiar regional networks that often govern which users can and can't see content posted on the site.  Instead, the new model will be simpler, allowing users to grant permission to browse personal photos and entries based on three tiers -- friends, friends of your friends, or everyone.

---

Facebook, which initially grew out of groups defined by college boundaries, has long outgrown that model, the firm said.

"Some of these regional networks now have millions of members and we've concluded that this is no longer the best way for you to control your privacy," said Facebook's founder Mark Zuckerberg in a post published Tuesday evening. "Almost 50 percent of all Facebook users are members of regional networks, so this is an important issue for us. If we can build a better system, then more than 100 million people will have even more control of their information."

Zuckerberg said the firm will also be adding more precise tools for controlling privacy settings. Rather than depending exclusively on generic settings, users will be able to set privacy restrictions on individuals photos and posts.

The firm will remind users to check their privacy settings to make sure there are no unintended consequences from the change. The biggest concern would be the removal of restrictions on some content that might make it available to users who until this point could not see it -- such as photos of college friends suddenly becoming visible to work colleagues.

"We've worked hard to build controls that we think will be better for you, but we also understand that everyone's needs are different. We'll suggest settings for you based on your current level of privacy, but the best way for you to find the right settings is to read through all your options and customize them for yourself," Zuckerberg wrote.

 

Become a Red Tape Chronicles Facebook fan and follow RedTapeChron on Twitter.

Laptop computers examined by border guards looking for pirated software. iPods seized at airport security lines on mere suspicion of containing illegally downloaded music.  Home Web users hit with the Internet death penalty -- cut off from access -- by Internet providers acting at the direction of other U.S. corporations.  All because of secret trade negotiations being conducted now by dozens of nations, led by U.S. officials.

That's the doomsday scenario being painted by online civil liberties advocates who say they've been shut out of discussions that could radically alter the way consumers use technology. Supported by firms that want to protect their intellectual property rights to movies, music, books and software, the talks are designed to create an international agreement that would make stopping and prosecuting offenders much easier.

But among the most likely outcomes, warns Rashmi Rangnath of advocacy group "Public Knowledge," is a new legal regime that requires Internet service providers to become an extension of law enforcement, acting as judge and jury while punishing alleged digital pirates.

"You would have Internet providers substituting their own decisions for law enforcement decisions," she said.  "The result will be an agreement ... that pushes the boundaries of what (Internet users) can't do."

---

Secret negotiations on what's known as the Anti-Counterfeiting Trade Agreement, or ACTA, began during the Bush administration but continue under President Obama, with the most recent meeting taking place Nov. 4-6 in Seoul, South Korea. The European Union and Canada, Japan and many other nations are participating in the talks. The U.S. Trade Representative's office, which is leading the talks for the U.S., has argued that secrecy is standard in any international negotiation.

Legally, the Obama administration can conduct the talks without consulting Congress. While international treaties require congressional approval, trade agreements can be approved directly by the White House.

Advocacy groups are hardly alone in their concerns with the talks. Controversy around ACTA began to swell last year, when a draft proposal was leaked on the Internet. It included several controversial provisions, including the possibility of a "three strikes" rule modeled after French law, which requires ISPs to cut off Net users found to be engaging in copyright-infringing activities three times.

The steady drumbeat of opposition to the process reached the U.S. Senate last week, when Sens. Sherrod Brown, D-Ohio, and Bernard Sanders, I-Vt., issued a statement urging Obama to open up the process.

"The public has a right to monitor and express informed views on proposals of such magnitude," the two senators wrote in a letter to the president. "We firmly believe that the public has a right to know the contents of the proposals being considered under ACTA, just as they have the right to read the text of bills pending before Congress."

While efforts to enhance intellectual property law enforcement are supported by many large firms in the music, software and video industries, corporations are not unanimous in their support.  On Monday, a trade group for European Internet Service Providers issued perhaps the most vocal repudiation yet of the negotiations. EuroISPA issued a statement (PDF) indicating its concern that the dramatic enforcement measures being considered would attack civil liberties without denting piracy much.

"Such heavy-handed measures would create a serious danger of undermining and restricting the open innovative space that lies at the very heart of the Internet's success," said the statement, signed by EuroISPA's president, Malcolm Hutty. "This agreement would have a negative impact on Internet users without having an appreciable impact on fighting illicit use of copyrighted material."

Experts consulted, sworn to secrecy
Earlier this year, the U.S. Trade Representative made efforts to open up the process, releasing some meeting notes and inviting a small group of U.S. experts to see the proposed new rules and offer commentary.

But underscoring the secrecy of the discussion, the experts were forced to sign a non-disclosure agreement. Then, the U.S.T.R. refused requests to reveal the identities of the participants, saying that releasing the names would compromise national security. The list was released only after a Freedom of Information Request filed by advocacy group Knowledge Ecology International.

The vast majority of participants in the review represented large corporations such as Google and News Corp., or corporate interest groups like the International Intellectual Property Alliance. Six participants represented civil liberties interests were also invited.

Rangnath and her Public Knowledge colleague Sherwin Siy were two of the six. In an interview with msnbc.com, they were severely limited in their ability to answer questions. Rangnath said she was shown a portion of the draft agreement during a one-hour meeting with U.S. officials, but wasn't allowed to copy any of the documents and was told a subsequent version would likely differ from what she was shown.

Asked if the experience made her more or less concerned about the implications of the agreement, she said only, "I don't think I can answer that."

Web users could be cut off
While Siy said some doomsday concerns, such as manual border searches of laptop computers and MP3 players, were likely impractical, Internet death penalties were a real possibility. U.S. law currently offers broad protection for Internet providers when illegal activity occurs on their networks outside their knowledge.  But an international agreement could lead to additional "third-party" liability for companies that handle Web traffic.  The mere threat of increased liability from such a trade agreement could be enough to have a severe chilling effect on Internet users, he said.

"An ISP coming under real legal pressure, a change that makes it easier for someone to plausibly sue (an ISP) for billions of dollars ... what risk-averse company is going to risk a 2 percent chance of a $100 billion suit?" he said.  Instead, ISPs would readily side with rights holders over users, he said.

There is already disturbing precedent for blunt use of copyright enforcement tools, he said, with outcomes that should give negotiators pause.  Just last month, an entire Ohio city's free municipal WiFi was shut down after Sony Pictures complained that the network was used by someone to download a pirated movie.

It's unclear if such enforcement would be continued, or enhanced, by ACTA, because so little is known about the content of the draft agreement.  But based on the leaked document, Kimberlee G. Weatherall, a professor at the University of Queensland in Australia, issued a paper last year summing up the provisions (PDF).

Among the possibilities she inferred from the leaked document:

1. An extension of criminal liability by redefining what counts as copyright infringement on a "commercial scale." Most nations' laws treat possessors of pirated goods differently than those who pirate for profit.  A broader definition could land more consumers in criminal, rather than civil, courts.
2. The imposition of "deterrent-level" penalties, which could ratchet-up punishments.
3. Provisions in the agreement that would require ISPs in to actively police copyright infringement on their services
4. Additional burdens on ISPs, such as use of filters that would prevent sharing of copyright-protected materials.
5. Possible seizure and destruction of intellectual property rights "infringing goods" such as tools to mass-produce movie DVDs.  This section, she writes, has given rise to fear that border guards will have the authority to seize and destroy laptops and iPods.

Weatherall writes that inclusion of such measures in the agreement could effectively create new laws outside of member nations' legislative processes, she said.

"Such provisions have not been enacted internationally, they do not represent a consensus approach; they have been actively opposed in many countries," she wrote. "This would, in fact, be lawmaking by treaty-making."

Siy and Rangnath said the U.S.T.R.'s office assured them that nothing in the agreement will go beyond powers already afforded to authorities and it won't "change U.S. law."  But the vagaries that already exist in provisions like the Digital Millennium Copyright Act -- thorny issues involving emerging new technologies that are constantly being decided by U.S. courts -- could mean ACTA would end up extending U.S. law anyway. Worse, future changes to digital U.S. law might not be possible without consulting nations that sign the ACTA.

International agreements are also poor tools for enforcing copyright law, which requires a great deal of "finesse," Siy argued. For example, possessing child pornography is illegal. But possessing an electronic copy of a movie, song or book is often legal – its use determines its legal status. While a second copy of a book for personal use might be allowed, for instance, a second copy e-mailed to a friend might not.

So far, intellectual property rights holders and U.S. courts have yet to demonstrate the ability to consistently employ such finesse, he said.  International agreements governing such situations would likely exacerbate the problem.  That's why all interested parties should be able to debate potential impact of ACTA in the open, Siy said.

"Nuances with internet infringement should be taken into account as we try apply copyright laws," he said.  "That's why transparency is goal number one here, but it's not the final goal. We want to roll up our sleeves and get into the muck of dealing with this. That's the important work."