• 5 Red Tape Traps: New $5 ATM fee just the latest checking account trap

    "Total Checking." "Value Checking." "MyAccess Checking." What do they all have in common?   The word "free" is missing from the name.

    You are likely painfully aware that big banks like Chase, Wells Fargo, and Bank of America have ended no-strings-attached free checking accounts.  But if you had any questions about how restrictive -- or expensive -- those strings can be, consider Chase bank. Scarcely two years ago, we marveled at banks’ efforts to inch fees up to $3 per withdrawal. Chase bank is now test-piloting $5-per-withdrawal fees for non-customers in Illinois. That's in addition to fees the consumers' bank charges. Soon it may cost $10 to grab $20 in a pinch.

    Once upon a time, consumers could expect to earn money by leaving their cash sitting in a bank.  Today, consumers must worry about their bank slowly bleeding money out of the account. The change is happening swiftly. Chase says it's converted around 8 million free accounts -- many former customers of Washington Mutual -- into "follow-our-rules-or-pay-up-to-$144-annually" accounts.


    It costs banks about $300 apiece annually to offer checking accounts, according to a recent study by Bretton-Woods. They used to recoup these costs by helping themselves to some $30 billion worth of overdraft fees from consumers. But now that the cash cow has been largely eliminated by new consumer regulations, banks are trying out new techniques to recoup this lost revenue.

    Just how far will banks be able to push fee-weary consumers?  That's unclear.  Earlier this month, Bankrate.com released a survey showing 75 percent of consumers earning $75,000 or more would rather switch banks than pay higher fees.  Overall, 64 percent of customers said they'd bolt.

    That ire may not translate into action, however, and banks know it.  A J.D. Power study released on March 1 found that, while consumers are switching banks at a slightly higher rate than in the past (8.7 percent last year, compared to 7.7 percent a year earlier), fees and interest rates have almost nothing to do with their choices.  "Pricing" impacted only 4 percent of consumers, the study found.

    This would not be a surprise to behavioral economists.  Consumers almost never consider fees -- particularly punitive fees like overdrafts or "your balance fell below $1,000" charges -- when making purchase decisions.  Nearly everyone suffers from what's sometimes called "magical thinking" -- as in, "I'll never misbehave and get hit by that fee."

    It's the shallow things that matter
    So what do people consider when switching banks? Big, impressive buildings and billboards seemed to matter most, the survey found.  Here’s the depressing quote from the JD Power press release:

    "For customers evaluating and ultimately selecting a new bank, the most important factors driving their decision are advertising; branch convenience; products and services; promotional offers; and direct and indirect customer experience," it said.  

    That means you can expect higher fees, more buildings and more kooky ads from banks. 

    There was one positive note in the J.D. Power research.  There is evidence consumers do have their limits.  About 17 percent of consumers who switched banks said high fees or low interest motivated the breakup.

    Banks argue that it's not fair to say free checking has disappeared.  OK.  Let’s just say NSA relationships with big banks are dead, replaced by accounts wrapped in red tape.  And remember, many of these rules can change at any time.  So here are five Red Tape Traps you’ll find along the way to a free checking account.

    1) Soaring ATM fees
    We've already mentioned Chase's $5 experiment. Plenty of folks now pay $6 or $7 per withdrawal, when the ATM machine fee is added to their own bank's fee.  These fees are perhaps the best example of magical thinking at work.  Most folks think they'll be good about walking the extra block to access cash at their bank's ATM. But when there's a screaming kid in a stroller or an impatient date on the arm, you're likely to just pay the fee.  Even one so-called "foreign" ATM transaction with a $5 hit every month costs $60 annually. Be realistic: If your bank charges for such transactions, you should just budget $100 annually for ATM service.   But a much better choice is to find a bank that doesn't charge you.  For those ATM emergencies, you'll at least cut your ATM fees in half, and some banks -- USAA Federal Savings Bank, for example -- refund the ATM bank’s fees.  There's no law preventing you from getting a secondary checking account with a new institution that you use primarily for accessing cash on the fly.  I recommend this kind of "allowance" account structure in Stop Getting Ripped Off.

    A few other creative efforts can cut your ATM fees. Get cash back when you shop at grocery stores with your debit card, although that's not my favorite way to use debit.  Better yet: Find fee-free ATMs. They're out there.  The WaWa convenience store chain offers them, and it recently performed its one billionth fee-free cash withdrawal.

    What it costs: Two “foreign” withdrawals per month -- $120

    2) Keeping your minimum balance
    Most account holders are familiar with the idea that they might have to do something -- maintain a minimum balance or direct deposit their paychecks -- in order to keep some level of service.

    But now, a single slip-up, such as a flurry of cashed checks that sink your balance to $998.43 for one afternoon, can be costly. With fees of $12 or more, the experience is not unlike getting hit with an overdraft.  The same advice you followed to prevent overdrafts applies here. Some banks let you link your savings and checking accounts to make sure you don't dip below that minimum.  Sign up for text message alerts so you can get early notification of a dangerously low balance, and log on to online banking to check your balance often. Stagger your regular payments so they hit after your paychecks. 

    The biggest Red Tape Trap of all, however, is the dreaded movable minimum balance. Consumers who once enjoyed fee waivers for keeping $500 in an account can see that minimum raised to $750 or $1,000. It's easy to miss a warning letter from the bank, and end up with one or two months of $12 fees.  The clearest hint a balance change is coming is an account name change (see below).

    What it costs: Two slip-ups -- $24

    3) Overdraft fee marketing
    The voracious overdraft fee animal isn't gone, it's just been put back in its cage. Until recently, consumers could incur $35 overdraft fees by making small purchases with their debit cards.  Today, those transactions are simply declined by the bank, or approved without the fee -- unless the bank has received explicit opt-in permission from the account holder. Banks have driven hard to trick consumers into giving up this permission, which is inappropriate for the vast majority of consumers. They've given it pleasing-sounding names like "courtesy pay," "Buffer Zone," or "debit card advance," and plastered bank windows with pictures of smiling, attractive men and women who say they are relieved to have this peace of mind.  If you've been tricked into signing up for overdraft protection, un-sign up immediately.

    What it costs: Two overdrafts -- $70

    4) The name has changed

    WaMu visitors to Chase.com are faced with irony in the site's title bar.

    The surest sign a new fee or restriction is coming is a name change -- either the name of your bank has changed because of an acquisition (like Washington Mutual becoming Chase) or the name of your account has been changed. Former Washington Mutual customers have seen their account names changed from “WaMu Free Checking” to “Chase Free Extra Checking” to “Chase Total Checking,” which is totally more expensive than free. Ironically, a Google search for Washington Mutual still sends consumers to a Web page at Chase.com with the title "WaMu.com, home of WaMu Free Checking, is now Chase."

    Chase customers can avoid checking fees through a variety of methods -- maintaining a minimum daily balance, a high average balance, making at least one large direct deposit, or by paying a bunch of other fees. 

    The amounts required -- at least one $500 deposit -- aren't Draconian, but the rules mean consumers have a lot of new things to keep track of. They will slip up, and pay. And of course, the rules can and will change.  Beware the notice that you've just been upgraded to "Complete Awesome Checking" or “Value Asset Acquisition Checking." You almost certainly are about to be hit with a new fee or rule.

    What it costs: Two mistakes -- $24

    5) The hidden cost of no interest
    Of course, requiring a minimum balance of $1,500 or so is itself a fee. That's money you could park in a high-yielding money market account earning interest.  Even a 1 percent interest rate would get you a smidge more than $15 on your $1,500, so that kind of minimum requirement amounts to a $15 annual fee.

    What it costs: Missed interest -- $15

    TOTAL TRAP COST: $253 annually.

    This entire column has been a not-so-subtle suggestion that you consider banking alternatives.  Online banks like ING Direct offer higher interest and fewer fees.   Credit unions and small banks still offer really free checking. In fact, BankRate.com just released a survey showing 38 of the 50 largest credit unions have free checking with no strings attached, and about half of them don't even require a minimum balance. Their ATM fees are, on average, half of traditional bank fees and one-quarter of the large credit unions charge no ATM fees at all.  

    That means there's no reason not to open a credit union account, even if it merely serves as a secondary checking account.

    Click here to follow Bob Sullivan on Facebook.


  • Another nail in the coffin of price tags

    Esther Shapiro

    While price tags are showing their age, Esther Shapiro sure isn't. The 93-year-old consumer advocate still visits grocery stores in Detroit to make sure they are pricing items accurately.  But an important arrow in her quiver is about to disappear. The Michigan Legislature voted to kill the state's grocery store price tag law last week, after Michigan's Gov. Rick Snyder attacked it in his annual State of the State address.  That means in all likelihood the little stickers will soon disappear, replaced by shelf tags.

    While a few other states still have mandatory price tag laws, Michigan's was by far the most consumer-friendly.  The Michigan Retailers Association is rejoicing, but Shapiro sees the reversal as a sad event for consumer rights. 

    "For many people, (the price tag law) is the only interaction they ever have with consumer protection law," said Shapiro, who once headed Detroit's Consumer Affairs office. She still lives in downtown Detroit, and still complains loudly when she's overcharged at her local grocery store.  "A very basic thing I always come back to is consumers' right to know. Times are getting tighter, the value of people's income is shrinking, and now they will be even more confused about what things cost."


    Price stickers provide obvious and immediate benefits – consumers can be sure about the price of an item, and not be forced to hunt around for it. They can carry items around a store and directly price comparison shop. And they also have an audit trail; once they arrive home, they can compare goods with a price receipt to make sure they're not overcharged.  Price tags are common in almost all forms of retail – clothing stores, for example – but are quickly disappearing from the most common shopping stop, the grocery store.

    Red Tape readers first met Shapiro four years ago, when the then-89-year-old described her regular shopping trips designed to make sure grocery stores were playing by the rules.  In Michigan, consumers enjoyed a powerful price tag law enforcement tool – "bonus" payments up to $5 for each mistake discovered.  At the time, she joked about receiving a tidy sum from stores she visited.   While the new price tag law doesn't eliminate the bounty payments, it'll be difficult to collect on them now without an audit trail.

    Michigan's original price tag law was passed in 1976, during the heyday of consumer advocacy.  It was also a time of vastly expanding options for shoppers.

    "The consumer market was growing, there were a lot more goods becoming available for consumers to purchase, so there was a general push for more information for consumers," she said.  

    Shapiro, as head of the state's largest consumer protection agency, spent years educating consumers about the law and helping enforce it. That's why she's so sad to see it go.

    Why price matters
    Regular readers of this column know there's a lot more for consumers to lament than the simple loss of price tag stickers. I believe that general price confusion is a systematic attack on market economics that favors large corporations over consumers. When it comes to cell phones, pay television, hotel stays and so many other things people buy, consumers are often confused about the ultimate price they'll pay.  Travelers, for example, often see one price when searching a website for the cheapest flight from New York to London. But after baggage fees are added in, the flight could ultimately cost $150 more. This is annoying on a micro level, but on a macro level it's terrible for the economy.  In a world where prices are opaque, comparison shopping is dead.  That means companies no longer compete to sell the best products and services for the best price; instead, they compete with each other over who can best confuse consumers and get more money from them.

    There is no more crystalline example of this problem than efforts to remove price tags from everyday items like bread and cereal.

    Price tags have been terminally ill since the widespread use of scannable bar codes began in the 1970s.  Stores like automating consumer checkout, and they hate paying clerks to place sticker after sticker on cans of soup and tomato paste.  They also like being able to change prices frequently, at the press of a button – frequent price changes are a hassle when price tags are involved. From their point of view, price tag stickers are as old-fashioned as 20-cent bottles of Coke. Shelf tags listing prices are dramatically easier to manage, and provide all the information consumers need, they argue.

    Death of the market
    But Shapiro and other consumer advocates see things differently.  Shoppers can't remember the price of an item they've placed in their cart as they walk the aisles, she said. They can't compare a jar of tomato sauce selected on aisle 7 with the price of a jar sitting at a special display at the front of the store.  That means they also can't verify the price of items as they are scanned at checkout. 

    "Consumers cannot shop with economics in mind unless the price is on the item," she said.  "I believe price tags are of equal importance with the FDA rules on (nutrition) labeling."

    The end of price tags will also make it much harder for consumers to complain about being overcharged, she said. 

    "I was recently at a store and took a box of crackers that was on sale to the register and it rang up at the original price. So the clerk had to yell for someone to check the price.  That person never showed up, so she had to close the register and walk to the shelf herself, hating me all the way. And so did the people on line behind me," Shapiro said. "Well, I really liked the crackers and went back to buy them several times...and you know what? They never corrected the price at the register.

    "I have the time, and the gumption, to complain. But what about the mom with two screaming kids?" she added.

    The local advocacy group Michigan Citizen Action didn't fight to stop the price-tag-killing law, called the "Shopping Reform and Modernization Act," but it did argue to keep stickers on food and over-the-counter medicine after conducting a survey that found 72 percent of state residents feared they'd be vulnerable to overcharging as a result of the change.

    "Price tags are important. Why should a consumer have to be the unpaid store clerk running around figuring out how much things cost?" said Erin Knott, deputy director of the agency.

    Adds 10 percent to cost?
    There's been a lot of misinformation thrown around during Michigan's rather hastily-arranged price tag debate.  The governor cited research offered up by a group called the Coalition for Retail Pricing Modernization saying price tag application cost Michigan stores $2.2 billion annually.  The governor cited the cost as a cause of Michigan's downtrodden economy.

    The questionable research extrapolates from a 2007 economics paper, which found that prices in an area of New York that then required price tags were about 10 percent higher than stores in nearby New Jersey, which didn't. It ignored other factors which make New York stores pricier. Then, the group calculated 10 percent of Michigan store sales to arrive at the $2.2 billion. The back-of-the-envelope calculation was cited by the governor in his arguments, but derided by consumer advocates.

    The economics paper was edited by Sam Peltzman, author of many studies that are critical of consumer protection laws. 

    The true cost of placing price stickers on Michigan groceries is a small fraction of $2 billion, said Edgar Dworsky, former assistant attorney general in Massachusetts.  Today, he runs a consumer advocate site named Mouseprint.org. He's also author of the only other remaining significant state price tag law in Massachusetts.

    "We'll see if Michigan consumers get back that $2 billion they say they'll save now," he said. 

    It's possible that stores will someday develop a better way to communicate price to consumers than little paper stickers placed on items, he said, but "no one's built a better mouse trap yet."

    High-tech replacements, like shopping carts with built-in scanners and computers, are promising, but have been installed in only a fraction of stores.  Clever apps for smartphones can read bar codes and even offer up competing prices from nearby stores, but they have their limitations.

    "We assume everyone has a smart phone with an app, but they don't," Knott said. 

    She'll still raise a stink
    For now, paper shelf tags are the standard replacement, but those fail on many levels. Items get moved, it's hard to tell which tag applies to which item, and sometimes the tags are simply wrong.  Or, as Shapiro points out, children often have a bit too much fun sliding the labels back and forth on the shelf while parents shop, adding to the confusion.

    The pile of goods abandoned beneath aisle bar code scanners at stores like Macy's and Target proves that consumers don't know how much things cost unless they go hunting, Dworsky said.

    "In a certain sense, it's one more nail in the consumer's coffin," Dworsky said.  "Price disclosure is one of the most important consumer rights, and it's disappearing."

    While the law hasn't been signed by the governor, he is widely expected to do so soon. It would take effect Sept. 1.

    No matter -- Shapiro said she won't stop her trips to the store, those small but enduring efforts to keep grocery stores honest. She already has plans to bring a magic marker with her and write the price on any item she plans to buy as soon as she picks it up off the shelf.

    "If they try to overcharge me, I'll just raise a stink now," she said.  "That's what people need to do.  Say, 'you overcharged me,' and say it loudly so people around you hear it.  … If the state won't (protect us), we'll have to do it for ourselves."

  • Would you 'friend' a total stranger?

    What's the best way for a hacker to attack Facebook users?  A new survey shows an old-fashioned method works pretty well.  One out of every five male social network users admits they'll accept any friend request that comes from a woman -- even if that woman is a complete stranger.

    Not surprisingly, women are considerably less promiscuous in their "friending" -- only one in 13 said they accept such digital advances from random male strangers, according to the survey conducted by Harris Interactive. But taken together, the survey suggests that some 13 million U.S. adults are willing to accept any random friend request, which usually means giving strangers access to all the intimate details of their lives.

    "Americans' lack of caution in friending members of the opposite sex online is striking," said Thomas Oscherwitz, chief privacy officer for ID Analytics, Inc., which sponsored the research. "Friending someone online is not risk-free. … Most social networking profiles contain personal information that can be used by fraudsters, and when you friend someone, you are giving them access to this information."


    Criminals who send out friend requests en masse are bound to find many takers, the survey shows.  Once they've achieved "friend status," they instantly acquire numerous vectors for attack.  They can cull pages for password hints, such as high school mascots, birthplaces or names of relatives and pets. In fact, a prior ID Analytics study found that 70 million Americans reveal their place of birth on a social networking site, often a key piece of information used in Web site "lost your password" retrieval tools. About 20 million Americans reveal their pets' names. 

    Criminals don't have to go the direct route, however. They can often start collecting data from friends of friends. And they can usually post spam messages on consumers' walls once they achieve trusted status.

    Other disturbing findings suggest criminals might not even have to work that hard to use Facebook as a crime platform. ID Analytics estimates that 24 million U.S. adults still keep their profiles open to anyone, making them an easy target for data mining. Once again, men are more lax than women, with 28 percent of male adults skipping any steps to lock down their profiles, vs. 17 percent of women. 

    Staying private with a little help from friends? Not really.
    Not that people trust their friends anyway. The survey found that half of all social network users don't trust their friends to keep their own personal information safe. There's a gender split here, too. Women may be skeptical of strangers, but they are quite a bit more trusting of their friends: Only four in 10 women said they didn't trust friends, compared to six in 10 men. 

    "In a way, that makes sense, because they are more picky about who their friends are," Oscherwitz said of the women respondents.

    Not just being polite
    One thing on which there seems near universal agreement: It's OK to ignore people online. Regardless of age or gender, nearly nine of 10 adults don't think it's rude to refuse or ignore an electronic friend request. That means social mores aren't contributing to inflated friend acceptance, just typical unsafe behavior online.

    Help with work 
    The survey does offer a hint about why consumers might be overly digital friendly at the moment -- 39 percent of U.S. adults think it's important to make "as many business connections as possible" when using the Internet, perhaps out of a reasonable desire to network to bolster employment security or prospects. Users take a decidedly more conservative approach to friendly connections online, with only 19 percent saying they wanted to create "as many social connections as possible."

    But there's a dangerous disconnect in that disparity, Oscherwitz said. It's often hard, if not impossible, to separate social and business functions when using networking websites. Even those who use different websites, or different identities, to separate work and play find the two end up overlapping.

    "Consumers are still trying to understand the rules of the road for how to operate in this world," Oscherwitz said.

    One element many consumers might not consider: Often, Facebook friends are for life. That adds to the level of risk. For example: Your Facebook usage might have been minimal a year ago, when you accepted your first 200 random friend requests. But perhaps later, you become a more active user, divulging many more details about your personal life, and becoming more selective in accepting friend requests. But those original random friends still have access to all those details.

    It's relatively easy to weed out (delete) unwanted friends, but few social network users take the time to carefully prune their connections on a regular basis.  That makes it all the more important whom you do and don't allow into your trusted spaces. 

    "There are people who may not be in your life any more, but are still your friends on Facebook," Oscherwitz said.  "And don't forget friends of their friends and your friends, who may be able to access all that information."

    RED TAPE WRESTLING TIPS
    Oscherwitz offers three basic reminders for consumers who want to protect themselves: Be careful what you share, protect what you have and monitor what's happening to you.

    1. Share carefully

    Naturally, it's important to consider which friend requests you approve and which you ignore. If you've been careless in the past, now's a great time to prune your friends list.  That's the kind of thing you should probably do at least twice per year -- like changing your smoke detector batteries every time the clock changes for daylight saving time.

    2. Protect what you have

    It's always a good time to tweak your social network privacy settings.  Here's one instruction kit for doing that.

    3. Monitor

    At least once a month, conduct a "vanity Google search" and see what the world knows about you.  You can also view your "public" profile on Facebook, or even pick some random friends and see how your profile appears to them.

    There are other tools that make monitoring your identity easy.  AnnualCreditReport.com offers the only free way to make sure your credit history is accurate. And ID Analytics offers a free tool at MyIDScore.com, which culls the firm's extensive list of transaction data for signs that your identity might be compromised.

     


  • Why 'Plan B' often works out badly

    Engineers used to talk about guarding against the "single point of failure" when designing critical systems like aircraft control systems or nuclear power plants. But rarely does one mistake or event cause a catastrophe. As we've seen in Japan, disaster is usually a function of multiple mistakes and a string of bad luck, often called an "event cascade" or "propagating failures."

    In Japan's case, early reports indicate an earthquake knocked out power to the nuclear plant's cooling system, then the tsunami knocked out the backup generators. The third tier of protection -- backup batteries -- was designed to provide only a few hours of coverage, enough to get the generators repaired.  But the backup backup plan didn't account for the time it would take to complete generator repairs under duress, such as when Japan's infrastructure had been decimated by an earthquake.

    Separately, the failure of backup systems isn't enough to create a disaster; but taken together, the results can be catastrophic.

    "If you add up probabilities independently, everything looks good. But in this case, there is a high degree of correlation and you can't treat these as independent variables," said Bruce Schneier, a risk management expert.


    Defending against and preparing for such event cascades is a problem that vexes all kinds of systems designers, from airplane engineers to anti-terrorism planners.  There's a simple reason, according to Peter Neumann, principal scientist at the Computer Science Lab at SRI International, a not-for-profit research institute. Emergency drills and stress tests aside, Neumann said, there is no good way to simulate a real emergency and its unpredictable consequences. Making matters worse is the ever-increasing interconnectedness of systems, which leads to cascading failures, and the fact that preventative maintenance is a dying art. 

    "People just wait to fix things when they are broken," he said.

    History is replete with stories of failed backups -- in fact, it's fair to say nearly all modern disasters involve a Plan B gone bad. Neumann keeps a running list of such events, which includes a long series of power outages (and backup power failures) that shut down airports, including Reagan National in Washington D.C.; failed upgrades that felled transit systems like San Francisco's Bay Area Rapid Transit; and backup mismanagement that delayed the first Space Shuttle launch.

    There's a simple reason backups work well in theory but often fail when they encounter real-life trouble, Neumann said. 

    "It's impossible to simulate all the real things that can go wrong.  You just can't do it," he said. "The idea that you can test for unforeseen circumstances is ridiculous. When unforeseen circumstances arise, you realize your test cases are incomplete.  In general you can't test for worst case emergencies.  You can't anticipate everything."

    Emergency tests -- like fire drills -- can easily take on an air of artificiality.  Think about the last time you lined up to exit a school or office building during a faux fire. Did that really make you better equipped to escape during a real fire?

    Those who run critical systems have a hard time simulating the pressures and emotional reactions that come with real crisis.  Even if they do, sometimes it's functionally not possible to fully simulate a disaster in progress, says M. E. Kabay, an expert at risk management who teaches at Norwich University.

    "It is exceedingly difficult to test a production system unless you have a completely parallel system, and often, you can't. Then, what are we supposed to do, shut off the cooling system at a nuclear power plant to run a test? It's not easy," he said.  "Very few people will agree to have their electricity turned off so we can test a response to a breach of coolant. And provoking a critical system that is unstable (like a nuclear plant) is itself unconscionable."

    Why they don't work
    Plan Bs can fail dozens of ways, but they often fall into three groups: 

    *Synchronization failure.  It's harder than it looks to keep the backup system in the exact same state as the production system. Think about all the software patches that are installed on your computer; is the software on the backup computer completely identical?

    *Bad fallback plans. Many failures occur when a system is being upgraded. Risk managers stress the need to be ready to fall back to the system as it worked before, but sometimes, that's not possible.  The New York City public library once lost thousands of records this way, as did the Dutch criminal system, Neumann said. In the latter case, criminals actually went free.

    *Not in working condition. Backup power generators can sit idle for years. They might be full of fuel, but are they full of lubricant? Are gaskets dry and prone to cracking? Can they really handle a long-term full power load? Hospitals struggle to keep backup generators in working order. More than 100 hospital deaths during Hurricane Katrina have been blamed on the failure of backup power generators; many hospitals simply hadn't planned for 15 feet of water. Even when generators worked, they couldn't power air conditioners to fight off triple-digit temperatures.

    It's human nature to let backup systems that are rarely needed degrade over time. In fact, it's built into our DNA, says Kabay.

    "From a biological and evolutionary standpoint, if you spend time looking at things that are not a threat you decrease your evolutionary fitness," he said. "A baboon looking around for nonexistent lions is not going to succeed from an evolutionary standpoint. ...  Ignoring things is an inevitable response to habitual success."

    At the same time, building redundancy into systems makes them far more complex, adding to maintenance headaches.

    "Designing fault tolerant mechanics can more than double the complexity of a system," Neumann said, "and that can make the likelihood of failure much greater."  It also adds to the likelihood that a backup system will be neglected by busy engineers.

    Bureaucracy can also keep engineers from fully testing backup systems, or fully synching them up with online systems.  At one point, NASA's rigid code verification process for the space shuttle meant each programmer could generate only three to five lines of code per day, Neumann said.  Such processes make it tempting to skip the effort to mirror minor changes between online and backup systems.

    "That's an example of where you still need to go back through the process," Neumann said. "But often don't."

    Then there's the key problem of interconnectedness, which makes circumstances ripe for an event cascade. The more systems are integrated, the more a problem in one can spread to another. The classic example is the Morris worm, which took down much of the Internet in 1988, but dozens of bugs and attacks have since spread to millions of computers because of the Web's interconnectedness.  An even better example is the cascading failure of the U.S. power grid on the Northeast coast during 2003.

    There's still a lot of conjecture around the reasons for the failure of the Fukushima cooling system, but Neumann has sympathy for planners who faced tough decisions when they designed it. While an earthquake followed by a tsunami was a predictable one-two punch, it's doubtful engineers tested their design against a magnitude 9.0 earthquake and the subsequent wall of water it would generate.

    "You come up with a worst case scenario and you design the system around that flood," he said. "They clearly hadn't designed for a flood this size."

    Safety costs money; tradeoffs everywhere
    One ugly reality of safe system design -- even for life-critical systems like mass transit or nuclear power plants -- is cost.  It's easy to say Japanese designers should have spent more on cooling system backups, Kabay said, but most people misunderstand the tricky cost-benefit analysis routinely conducted at such plants. Safety engineers don't have infinite budgets.  Every day, they make educated guesses -- in other words, they place bets.

    "Many people don't realize that risk management is a balancing act. Somebody had to make a decision at some point about where the cutoff would be. Some group had to decide as best they could that the probability of events beyond a certain threshold had dropped below the level that they could cope with," he said. 

    Hypothetically speaking, he said, an engineer could raise generators off the floor 10 feet to protect against a flood likely to occur every 50 years, or they could raise them 25 feet to protect against a flood that might occur every 100 years. If a plant has an expected life of 50 years, engineers would probably choose the lower structure and the cost savings. "The cost-benefit analysis said we could make it more resistant to a once in a century event, but that will triple the cost, they'd settle on protecting from a 1 in 50 year event and saving the money."

    One terrible irony of risk management is the better you do, the more your techniques will come under attack, Kabay said.  The longer we go without a dangerous nuclear event, the more safety engineers are accused of overspending. 

    "The better precautionary measures do, the less effective they appear," Kabay said. "...There is an exceptional psychological tendency to narrow your functional view and forget the earlier conditions we have improved."  That's why funding for preventative measures against major disasters tends to vacillate over a half-generation. The recent memory of a bridge collapse leads to tougher civil engineering laws; a distant memory leads to accusations of overkill and overbuilding.  "Many people start thinking 'we're wasting money here, we've been wasting all this money on backup systems we never need.'"

    And then there's the fundamental problem of what Kabay calls a "disjunction" between the people who decide how much money should be spent on safety measures, and the people who suffer the consequences of those choices.  Often, a detached group of distant stockholders wants to save money, but it's the neighbors who will suffer if there's a radioactivity leak.

    "Many times the managers who make the decisions know they won't be around when there's consequences," he said. The only way to fix the disjunction problem is with regulations and laws designed to fix consequences back on the decision-makers -- through fines, criminal liability -- so they share in the risk.

    In a world of just-in-time manufacturing and corporate penny-pinching, this is easier said than done, warned Neumann. It's hard to get companies to spend money on Plan B when they are cutting things so close on plan A.

    "Preventive maintenance is fundamental, but it is a dying art," he said.  Airlines often don't do preventive maintenance until flight checks spot problems, he said.  And power companies rarely reserve spare generation power for critical incidents.

    "Most companies just ignore things until they get burned." 


  • Whiskey sales boom lifts Irish spirits


    The news out of Ireland these days is nearly all bad.  A decade ago, its so-called Celtic Tiger expansion was considered one of the economic miracles of our time, and for a while Ireland was the fastest-growing nation in Europe. But that growth turned out to be a mirage, fueled in part by voracious and irresponsible borrowing -- and now the Irish economy has been brought to its knees, forced to borrow $90 billion from the European Union just to pay its bills last fall. The Irish openly worry about losing national sovereignty again.

    But the remnants of the Celtic Tiger may serve as fuel for an Irish recovery after all, and a spirited one at that.

    Irish whiskey, which almost disappeared during the 1960s, is suddenly among the fastest growing alcohol exports around the globe. U.S. sales grew an astonishing 22 percent last year, according to the Beverage Information Group, while the rest of the spirits industry was essentially flat. And that growth has fueled a renaissance in varieties and a resurrection of old brands now reaching American shores. Revelers who head out to their favorite Irish pub Thursday for St. Patrick's Day – and the National Retail Federation says a record 38 million Americans will -- will notice the difference behind the bar immediately. The whiskey shelf once reserved for Jameson alone will now be crowded with new entrants like Paddy's, Michael Collins, Redbreast and a host of other unfamiliar but inviting bottles. Even $17-a-glass Midleton might be stocked there.


    The tragedy, and recent resurrection, of the Irish whiskey business is a tale that's tailor-made for the Irish sense of melodrama.

    The Irish claim whiskey is their invention, and give it a long and storied past.  The first element on the official Jameson "history of whiskey" timeline is the arrival of St. Patrick in 432 AD.  "Uisce beatha," the Irish word for whiskey, distillers will quickly tell you, means water of life.

    (Bob Sullivan/MSNBC)

    Bartender Emmet Rodgers, a native Irishman working in Grimaldi's in Hoboken, N.J., said he's happy Paddy and Powers whiskies are now on his bar shelf alongside Jameson.

    In the late 1800s, perhaps 2,000 distilleries dotted the Irish landscape, and their product dominated global whiskey sales. Then, the industry suffered a one-two-three punch that nearly killed it.  U.S. Prohibition in 1919 cut off the American market; the Irish independence movement cut off the U.K. market, which then covered half the globe; and when Ireland maintained neutrality in World War II, American GIs developed a taste for Ireland's bitter rival, Scotch whisky.

    At the time, even pop culture worked against the Irish.  With the advent of motion pictures, "Scotch on the Rocks" became the drink of movie stars, according to Simon Ford, the U.S. spokesman for Jameson.

    "At one point, Scotch became the generic term for whiskey," he said. 

    Monopoly couldn't save it
    Brands disappeared, and distilleries closed en masse. By 1966, the Irish whiskey industry entered hypothermia to survive.   Only three makers remained in the Republic: John Jameson and Sons, John Power and Sons and Cork Distillers. They joined forces to form the Irish Distillers, and moved all production to Cork, Ireland's second largest city, to a plant called Midleton.  The group focused most efforts on propping up the Jameson brand.  Now, there was basically one Irish whiskey brand left in the world, made in one place. Even Bushmills, made in Northern Ireland, joined the group within a few years.

    The monopoly was created as a last act of desperation, but even that didn't work.  Ultimately, the Irish government went looking for a financial savior, and in the 1970s, the entire industry was sold off to a Canadian company -- Seagram's, which soon turned the business over to a French firm, Pernod Ricard.

    "The industry was on the verge of going out of business," said Rich Nagle, president of the Irish Whiskey Society of America.  "(During prohibition), there was a lot of bootlegging, and Irish whiskey began to be associated with crap. … Meanwhile, Scotch had cultivated this sophisticated culture."

    Even as the 1980s economy showed signs of life, Irish whiskey was in no condition to compete with Scotch.  Whiskey makers are the polar opposite of a just-in-time manufacturing firm. There is no way to react to a sudden surge of demand.  Irish whiskey must be aged a minimum of three years, but makers must plan much deeper into the future.  High-margin, better quality whiskeys are aged 12 and 15 years – so it takes at least that long for the business cycle to play out. Nearly every bottle of whiskey produced in the 1960s had to remain in Ireland to satisfy domestic demand.

    "We didn't have maturing stocks. Anything we had to put into the market, we had to keep in Ireland," Ford said.

    Signs of life
    But as the Celtic Tiger gained steam in the early 1990s, the Irish whiskey industry began to awake from its long slumber.  In 1994, the monopoly was broken, as Irish firm C&C purchased the Tullamore Dew brand from the merged Irish Distillers owner Pernod Ricard.  During the 1990s, a home-grown Irish firm, Cooley, opened for business and began resurrecting old Irish brands like Tyrconnel.  It also resurrected the old Irish way of distilling, called "pot still," where batches of the pre-whiskey stew called "mash" are boiled and distilled one pot at a time -- a far less efficient process than modern continuous distilleries.  Stimulating even more competition, Bushmills was sold to British giant Diageo in 2005.

    Meanwhile, sales of Jameson roared around the globe, creating a beachhead in other markets for lesser-known brands.  By the end of last decade, Jameson annual export growth regularly topped 20 percent. Meanwhile, whiskey aficionados -- often of Irish descent -- began forming Internet groups to demand export of brands they'd tasted on a trip to the Old Country.  That convinced Pernod Ricard to dust off brands it had long kept tucked away from the 1960s merger days. For last year's St. Patrick's Day, to the great rejoicing of some, old-fashioned Paddy's made its "legal" debut in Irish bars and liquor stores.  Intended as a two-month trial, Paddy's is now a fixture in most Irish pubs on the East Coast, often joining Powers -- sometimes called "your grandfather's whiskey" -- and Jameson as a sort of Irish whiskey trinity produced by Pernod.

    Colum Egan, master distiller for Bushmills, said the whiskey trend has now reached far beyond Irish bars. 

    "Drinking Irish whiskey has become the cool thing to do now. It's gone way outside Irish pubs now, to American bars, Chinese restaurants, you name it," he said. "There's been a need to create different whiskeys to satisfy different tastes. It's no longer enough to have one or two whiskeys stocked.  People are looking for seven, eight, nine, even 10 brands. There is room for it. Every time I come over (to the U.S.) I see more whiskeys in the pubs."

    'Simple enjoyment of a good drink with kindred spirits'
    Just as whiskey was too slow to react to the raging Irish economy, it's been buffered from current doldrums, too – most of the Paddy's and Jameson's being sold today was made before the economic meltdown hit.  But plenty of other factors make Irish whiskey attractive as the recession drags on -- for starters, at around $24 a bottle, Jameson is an economic merry-maker, Ford said. 

    That economy means more than just a low price, he argues.  The era of conspicuous consumption is over, he points out, and basic Irish whiskey is more in line with the times.

    "We're not a brand with pretense.  We are comfortable in our own skin," Ford said.  "Irish whiskey doesn't take itself too seriously; it's got that Irish easygoing way about it."

    Nagle, who plans to launch his American Irish Whiskey Society in Boston on this year's St. Patrick's Day, agrees.

    "We're not in smoking jackets, talking about ponies, with our pinkies in the air," he said.  "Irish whiskey is about the simple enjoyment of a good drink with kindred spirits."

    Despite the raging success, Irish whiskey is still a tiny player in the huge U.S. spirit market. In 2010, 1.4 million cases of Irish whiskey were sold here, according to the Beverage Information Group -- accounting for just 0.7 percent of the spirits market. The U.S. Scotch market is more than six times the size, having sold 8.7 million cases last year.

    Casked whiskey doing its time in the Cooley Distillery warehouse (Courtesy Rich Nagle and Irishwhiskeyblog.com).

    Still, the inspiring climb of Irish whiskey exports – Jameson passed 3 million in worldwide case sales last year for the first time, up from 500,000 when Pernod purchased the brand in 1988 – is a welcome shot of good news. Irish liquor exports amounted to nearly $1.6 billion last year, according to International Wine & Spirit Record, nothing to sneeze at.  And distillers say the small market share represents an enormous opportunity.

    "I always say if I can get people to taste it, they'll drink it," Egan said.  "And now I think people have discovered the taste."

    As a sign of how far the Irish whiskey market has come, Cooley Distillery recently reopened the Kilbeggan Distillery, which some call the oldest distillery in the world. (Kilbeggan is Irish for "little church.") It had been closed since 1957. Last year, the first batch of Kilbeggan Distillery Reserve Malt hit stores at a cool $65 per bottle.

    "The newest whiskey out of Ireland is made at the oldest distillery in the world. You really get a strong sense of the legacy of whiskey and how important it is," said Nagle. 

    Whiskey exports will, no doubt, be equally important to the future of the Irish economy and to the restoration of Irish pride, which took a severe hit when the nation was forced to borrow from the EU.

    Pernod recently announced a major expansion of its Cork facility, adding a much needed burst of new jobs to the region.

    "The Irish economy exportwise is doing very well, experiencing double-digit growth in some areas. Whiskey will be a big part of that," said Egan.  "Everything Irish sells well. People like products from Ireland, and there's nothing better than whiskey. On Thursday, tens of millions of people will celebrate their Irish heritage and we need to show we are more than capable of continuing on. There's tough times ahead, but it's not all doom and gloom."

    Especially not if you have a glass of Irish whiskey in your hands.

    RED TAPE TASTING TIPS
    Nagle says people continually ask him what whiskey is best; he answers the question in the great tradition of Irish blarney. Not only won't he pick a favorite -- he's sure to say he has many different favorites. But he does count Paddy's as simpler and smoother than most whiskeys, so it's a good entrant for neophytes who've never tried the potent brown liquor before.

    "Whiskey will taste differently to you from day to day because of your mood, because of what you've eaten, and so on," he said.  "To appreciate whiskey all you need to have is an open mind."

    People who really know – distillers – quietly tell him that the most critical ingredient in whiskey taste has nothing to do with aging or distillation technique. It has to do with the company you're keeping.

    "Some people turn it into a chemistry project. But makers talk about 'who you're with,' and how that matters. Who you're with certainly affects how much you enjoy what you're drinking," he said. "It's about the conversation.  It's about, as the Irish say, good craic."

    For some great pictures of the distillation process, and more information on Irish Whiskey, visit the Irish Whiskey blog.

    And for a very good reason to choose good whiskey over cheap green beer, read The Body Odd today, which explains (sadly) why hangovers get worse as we get older.

  • New concern: The social media divide

    "The Digital Divide" has vexed and worried researchers for at least a decade, raising concerns that entire groups of Americans might be left behind, unable to afford the gadgets of the 21st Century.

    Perhaps it's the social network divide they should worry about instead.

    There is plenty of empirical evidence that those who choose to avoid Facebook, MySpace, and Twitter suffer social consequences: Ask anyone who missed a party -- or for that matter, a wedding -- that was organized on Facebook.

    New evidence from a survey conducted exclusively for msnbc.com suggests that divide is becoming a pitched battle, with simmering frustrations between pro- and anti-social network crowds over an issue that is central to the digital age and the future of social networks: Privacy.


    The survey suggests that Americans' opinions on privacy are polarizing towards two extremes -- it's become either much more important or much less important -- and the fault line is social media participation.  It was conducted by The Ponemon Institute as part of msnbc.com's recent four-part privacy series.

    The series comes as Congress and the Federal Trade Commission weigh a series of legislative initiatives designed to deal with online privacy issues, including the so-called Do Not Track list, modeled after the wildly popular Do Not Call list.  The Senate Commerce Committee is scheduled to hold a hearing on the issue on Wednesday.

    Avid Facebook users said they care much less about privacy than they did five years ago, falling deeper into the "I have nothing to hide, so why worry" category; social media avoiders said they care much more now, and are more concerned than ever about their ability "to be left alone."

    (For a deeper exploration of these points of view, read Wilson Rothman's piece aimed at the nothing to hide crowd, Helen Popkin's piece for the privacy elite, and my piece for the middle-of-the-road audience.)

    Ordinarily, when asked a more/about the same/less question, most survey takers opt for the middle choice, said Larry Ponemon of The Ponemon Institute. In this case, 36 percent said they cared less about privacy than five years ago, and the same percentage said they care more. Only one in four picked "about the same."

    "It is a surprising result," he said.  "The fact that the numbers are pulling to each side is an interesting finding.  The fact is there's not a lot of complacency about privacy now.  People are thinking about this."

    A look inside the numbers offers an easy explanation for the polarization: Among active social network users, 58 percent said privacy was less important and only 14 percent said its importance was growing. Non-social media users were almost a mirror image in reverse, with 53 percent saying privacy is more important to them, but only 20 percent saying it was less so.

    Privacy has been a vexing topic for researchers because consumers for years have said it's important to them, but rarely act out of that concern. They won't often shun supermarket discount loyalty cards, for example. Any survey result in which consumers admit caring less about privacy is intriguing, Ponemon said.

    "It's the old convenience argument. I want a reason to do the things I like to do," he said. People who have chosen to use Facebook and its rivals want to believe they are safe; and very few people have experienced any real trouble from their privacy choices.  "People's experience seems to be, 'I went in the water and the shark didn't eat me,' so they continue doing what they like to do."

    On the other hand, the mere existence of social media tools has pushed non-users to think more seriously about privacy, Ponemon said.

    Who doesn't use social networks? You'd be surprised. According to the Pew Internet and American Life Project, 39 percent of U.S. adult  Internet users still aren't on Facebook, Twitter or a similar service.  Non-users tend to be male (44 percent to 33 percent for women), older (56 percent of 50- to 64-year-olds aren't users), have less education (45 percent of non-high school graduates aren't) and less income (40 percent of those earning less than $30,000 aren't), according to Pew.

    Privacy concerns are one of myriad reasons why someone might not join a social network.

    Of course, you don't have to be a member of a social network to have your privacy violated by the service.  Non-Facebook users, for example, can have their photograph taken, published and shared a million times over on the site.

    Alessandro Acquisti, an economist who studies privacy at Carnegie-Mellon University, says the privacy issue may be polarizing because the penalty for avoiding social networks is becoming more severe over time.

    "Not having a mobile phone now would dramatically cut you off from professional and personal life opportunities.  It's the same story with social networks," Acquisti said. "The more people use them for socializing and for their professional life, the more costly it becomes for others (who aren't members) to be loyal to their views."

    The cost in some ways is basic. Many Facebook users now assume all their posts are common knowledge, and skip old-fashioned ways of communicating even important events now. That leads to awkward, "What do you mean you didn't know I was engaged" conversations. 

    For some, the consequences are far more serious. It's hard to imagine a more powerful tool for job-search networking than Facebook; it's easy to imagine an unemployed worker suffering for taking a stand against joining the service. This social media usage gap effect could ultimately be as dramatic as the digital divide, or even more so.

    "I don't presume to have a good answer," Acquisti said. "But one can make an argument that protecting privacy in a world where people don't see the value of it is going to become costlier and costlier. That means some people's right to privacy is being rendered more difficult to protect precisely by the right of other people not to care about privacy."

     

    Behind the numbers

    The Ponemon Institute survey estimates that 42 percent of U.S. adults call themselves "active users" of social networks.

    One interesting finding of the research: While Congress and companies involved extol the virtues of giving "control" of personal data to consumers as a solution to troubling privacy issues, users themselves are under no illusions that they maintain control. By equal amounts, both social network users and non-users overwhelmingly say they have less control over their data today than five years ago -- about 70 percent say they have less control; 18 percent say they have about the same control; and only 1 in 7 users say they have more control.

     

    Meanwhile, virtually no one believed the statement: "I am confident that I can protect my personal information when I'm online." Only 4 percent “strongly agreed”; another 14 percent agreed, while 33 percent disagreed and 18 percent strongly disagreed. The results, again, were essentially the same for social media users and non-users.

     

    One in two users said they'd suffered a privacy-violating experience in the past two years, with most of them saying they'd been hit several times. Two-thirds said they'd suffered between four and 10 privacy violations during that time. The results were the same for social media users and non-users.

    One in four survey takers said they'd been a victim of identity theft during their lifetime.

    Consumers said they trusted the government more than private corporations by a factor of 2.5-1 when it came to protecting privacy, but two-thirds of respondents said they trusted neither.

    The Ponemon survey was conducted using an online panel that included a representative sample of U.S. adults and comes with a margin of error of +/- 4.5 percent. 


  • The death of the magnetic stripe credit card

    First, we said goodbye to the floppy disk drive. Then, the Sony Walkman was unceremoniously buried.

    Now, it's time to prepare a eulogy to a gadget that's been an even bigger part of the American landscape for a much longer time -- the magnetic stripe credit card.

    An ingenious technology in its time, the magnetic stripe was invented in the 1960s by marrying tape-recorder-like magnetic tape to a credit card. Magnetic tape itself was a remarkable invention, with its roots in the 1920s, when it was first used by musicians to record audio.  In the 1950s, computer scientists began using it to record data, setting the stage for the "mag stripe card."


    In the 1960s, credit card fraud was skyrocketing, and clerks were stuck manually comparing account numbers embossed on cards with printed lists of accounts linked to fraud. The addition of the magnetic stripe allowed cashiers to automate this process -- one swipe and the number could be recognized by a computer. More importantly, the account number could be transmitted over a phone line to a centralized list of fraudulent accounts.  The magnetic stripe had fraudsters on the run for quite a while.

    But as the gadget is approaching its 50th anniversary, it's looking a little old -- as outdated, perhaps, as the IBM Selectric typewriter, which was introduced about the same time. Criminals long ago figured out how to circumvent the mag stripe's fraud-fighting features --  really, by the mid-1980s, when IBM killed the Selectric in favor of the Wheel Writer. And now, European banks seem to have positively murderous intentions for the old faithful mag stripe.

    In 2005, Eurozone banks converted their cards to the "chip and PIN" system, in which a more secure microchip embedded in the card performs most of the security functions.  Because U.S. banks are still using the old system, most European banks and merchants still have to accept the old-fashioned cards and the fraud that comes with them -- and they are sick of it.

    The European Payments Council recently passed a resolution (PDF) mandating that "use of magnetic stripe fallback (be restricted) to exceptional cases" and allowing banks "to refuse magnetic stripe transactions if they so wish."

    As a recent banking blog put it, the European council wants to "kill the old magnetic stripe."

    They're 'fed up'
    "European card issuers have been fed up since the Heartland Payment Systems breach," said Gartner banking analyst Avivah Litan, referring to the 2009 theft of millions of credit card numbers from the payment processor.  Stolen account numbers are useless for in-store fraud where chip and PIN cards are required; but because magnetic stripe cards are easily copied and forged by criminals, stolen account numbers still have great value.  "The mega-million-dollar investments they made in chip cards were defeated by their cardholders  shopping, traveling and eating out in the U.S. using their mag-stripe enabled credit and debit cards ... European issuers have been talking about stopping their cardholders from using the mag stripe on their plastic cards since that time, and they are still fed up."

    The divergence of fraud-fighting systems on either side of the Atlantic -- and the  five-decade-long U.S. loyalty to magnetic stripes -- is less crazy than it sounds, says Benjamin Jun, vice president of technology at Cryptography Research, a firm that helps banks protect their data.

    In the 1980s, as fraud-fighting efforts developed, international long-distance phone calls across Europe were very expensive.  That gave European banks added incentive to make their credit cards secure on their own  by developing a decentralized fraud-fighting system.  That led to placing tiny computer chips on each card that were smart enough to be used for validation without the need to call a central bank. Instead, users enter PIN codes that can be checked against data on the chip for authenticity.

    In the U.S., on the other hand, telecommunications costs were relatively inexpensive, so it made sense for American banks to maintain their centralized fraud systems and continue to have merchants "phone home" with each transaction.

    "In the U.S. it cost a quarter to clear a transaction. In Europe, the costs were much higher.  So they solved the problem by throwing more money at it," Jun said. "Their system has been upgraded more quickly because their fraud rates required it."

    While the European payments industry hopes its declarations will prod U.S. banks into upgrading systems here, there is little chance that U.S. card issuers can be bullied to quickly adopt the Chip and PIN system. Already, several celebrated attempts to issue so-called smart cards -- such as the American Express Blue card in the late 1990s -- have fallen flat.  In fact, Jun thinks it's likely the U.S. system will skip over the European system and adopt even smarter card technology, such as the Near Field Communication chip, which allows consumers to make payments wirelessly without removing their cards -- or for that matter, their cell phones -- from their pockets.

    Either way, however, the old mag stripe seems to be clearly on its last legs. 

    "Everyone agrees it's a matter of time," Jun said. "Our fraud rates are catching up to what Europe has."

    RED TAPE WRESTLING TIPS
    What does this mean for today's credit card users? The saber rattling from the European payments council won't really mean much to the day-to-day life of U.S. shoppers.  But travelers heading across The Pond -- in either direction -- may encounter curious difficulties going forward, and so might U.S. merchants who count on sales to European travelers. European banks may very well choose to stop approving transactions by their consumers when a U.S. merchant tries to use a magnetic stripe for authentication -- few U.S. merchants have the capability of using smart card chips for approvals. Hand-entered account numbers will be disallowed completely, under the European resolution. That might chase tourists out of U.S. shops.

    Meanwhile, U.S. travelers could soon find additional trouble when making mag stripe purchases during travel in Europe. Already, some European vending machines, such as train ticket kiosks, require smart cards for purchases.

    Jun, however, doesn't expect massive troubles for American tourists.  After all, few European nations are in any position to turn down American dollars right now.

    "I work with a lot of banks, and it is certainly in their interests that Americans overseas can make payments.  They are well aware of what they need to do to put the right cards in hands of their customers," Jun said. 

  • Do WikiLeaks imitators put your e-mail at risk?

    Imagine having every e-mail you've written published by hackers for the entire world to see. You don't have to stretch your imagination very far -- it's already happening to some folks.

    Meet the new face of computer hacking. Inspired by the success of WikiLeaks, stealing and disclosing data is the new form of Internet revenge -- and chaos. There's concern that a new generation of WikiLeaks imitators will come along and use widespread dissemination of embarrassing information as its weapon of choice.

    Hackers who call themselves Anonymous -- the group that has gained notoriety for attacking Visa and MasterCard in defense of WikiLeaks -- broke into computers operated by a government contractor named HBGary Federal in early February.  Once inside, Anonymous members wreaked all kinds of electronic havoc, including the theft of thousands of employee e-mails. These were then published in searchable form on a Web site similar to WikiLeaks, leading to a host of embarrassing disclosures for HBGary employees.  The incident drew so much attention that it was featured in a recent segment on "The Colbert Report."

    At the world's largest computer security conference in San Francisco last month -- RSA USA -- the attack dominated conversations outside meeting rooms.


    But lost in the noise and the embarrassment was this chilling truth: It could happen to you. In the old hacker world, it was enough to deface a company's Web site and put up a sarcastic, embarrassing message.  The HBGary e-mail history incident -- stealing data, publishing it online, and creating an easy-to-use search engine that encourages its spread -- takes the game to a whole new level.

    "Leaking has gone mainstream," said Mikko Hypponen, chief research officer at Finland-based F-Secure.com. "It's likely this phenomenon isn't going to go away, and we will be seeing leak sites for years to come."

    In the aftermath of the WikiLeaks controversy over the release of secret U.S. diplomatic cables last fall, security research firm McAfee predicted that so-called hacktivism would take an aggressive new turn this year. Traditional electronic activists were generally content to perform online versions of sit-ins, temporarily disabling Web sites of targeted entities with denial-of-service attacks. The spreading of previously non-public information through a sophisticated network of Web sites beyond the reach of law enforcement is a far more effective -- and potentially damaging -- form of online protest.

    In fact, security experts openly fretted at the security conference that WikiLeaks imitators will soon become commonplace.  And unlike WikiLeaks, not all imitators will consider their work to be goal-oriented hacktivism. In other words, they may not go to any trouble to redact information prior to publication in an attempt to avoid collateral damage to innocent bystanders. Some may simply be motivated by creation of pure anarchy.

    "The question is, will the advent of WikiLeaks trigger a mass distribution of information from the hidden depths of public and private entities?" said Jeff Bardin, founder of security research firm Treadstone LLC.

    Most who examined the HBGary incident came away with the view that CEO Aaron Barr willingly put a target on his own back by threatening to publicly expose members of Anonymous.  And since the release of the e-mails, several important discoveries have been made, suggesting the firm was part of a conspiracy to discredit WikiLeaks in advance of upcoming data leaks that could embarrass prominent U.S. companies.

    On the other hand, many of the e-mails contained innocuous information, such as personal life details, information that could lead to identity theft, or potentially humiliating online purchases.  It's important to note that both senders and recipients of the e-mails were made public, meaning hundreds -- if not thousands -- of outsiders were also dragged into the HBGary disclosure. Nearly everyone interviewed at the RSA conference in February had searched the database to see if their name and e-mail was in it.

    "This goes way beyond exposing wrongdoing, though there was wrongdoing exposed by the e-mail," said Kevin Poulsen, author of the new book "Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground." Poulsen is also senior editor at Wired.com.

    Stealing someone's e-mail and publishing it online, regardless of the impact on innocent bystanders, is hardly new. It happened when a criminal stole Sarah Palin's e-mails during the last presidential campaign, and it's happened to plenty of so-called "white hat" security researchers in the past.  The Anonymous incident is different, however, because the group made it so easy for others to search the e-mails for embarrassing details.

    "It's the sophistication with which they put it out there that's different," Poulsen said. "That was clearly WikiLeaks-inspired."

    Gregg Housh calls himself an Internet activist who has been associated with Anonymous in the past. He describes himself as an avid observer of Anonymous, and he has at times served as the group's public face. He said Anonymous had no concerns about such collateral damage when it published the data, and probably won't think much about that going forward.

    "That's just the way it's going to have to be now," he said. "It didn't have to go this way, but many people in your field (journalism) failed us. ... It was only natural that something would show up and replace it. I don't see anyone at all, even slightly, caring about what happened. For the most part the Anons who did it feel like messengers.  It's Aaron's (Barr) fault it happened and all blame should be put squarely on his shoulders."

    Housh agreed to act as a go-between for msnbc.com to get thoughts from Anonymous members, and said a spokesman from the group offered this response: "In all honesty, we didn't care what was in these e-mails, let alone what damage they might have caused. We were focused on getting revenge on Aaron Barr, everything else was just a bonus --  we don't regret what was uncovered and we'd do it again a thousand times over."

    Barr resigned from HBGary on Monday, according to Forbes.com. Anonymous, meanwhile, knocked the website for Americans for Prosperity offline. That conservative organization has been very active in the Wisconsin standoff over collective bargaining rights, spending more than $400,000 in TV ads in support of Republican Gov. Scott Walker's plan to take away union bargaining rights.

    In a press release attributed to the group, Anonymous said it was taking on the billionaire Koch brothers, who fund Americans for Prosperity.

    "Their actions to undermine the legitimate political process in Wisconsin are the final straw. Starting today we fight back," the press release said.

    Anonymous acts much like a traditional hacktivist group, having planned several old-fashioned denial-of-service attacks in support of WikiLeaks and other causes.  But theft and distribution of data as a method for revenge will likely bleed into pure anarchy, experts worry.

    "The evidence is thin at this point but I think we will see a lot of that in the future," Poulsen said. "Intruders motivated by ideology and revenge, hacking for the purpose of shaming."

    Such groups will be particularly troublesome because, unlike WikiLeaks, they will have little to lose. WikiLeaks had donors to please, Poulsen said, and leader Julian Assange showed signs that he was motivated by a quest for credibility.  As a result, the Web site improved efforts over time to remove information that might cause collateral damage from its releases, at one point experimenting with eliminating all proper nouns from some document dumps.

    "We will not see that from copycat groups," Poulsen said. "They don't care about respectability. They have no interest in fundraising."

    One reason Poulsen thinks a rash of copycats might be coming: It's often easier to hack into mail servers than other computer targets.  Until recently, hackers seemed primarily interested in stealing financial information for personal gain. That means computer firms have spent most of their energy protecting computers which host that valuable data. But it also means that many have taken their eye off the ball when it comes to other servers, which were thought to be unattractive targets.

    Until now.

    Internet users have always been told that anything they write in an e-mail could end up in court, or in front of a boss's prying eyes. Now more than ever, that warning should be heeded: Don't type anything on a keyboard that you wouldn't want the entire world to see. Even if you feel like your company's servers could never be hacked, can you trust every company you ever e-mail?

    And here's another piece of advice from Poulsen.

    "Don't piss off Anonymous," he said. 

    Bardin is not quite as pessimistic as some of his peers. He thinks the current trend of leaked and hacked information being splattered all over the Internet will not continue unabated.  A combination of improved security techniques, and the establishment of alternate channels for airing government and corporate gripes, will ultimately slow down WikiLeaks imitators, he thinks.

    "We are seeing the spikes of those releases until controls are put in place and it becomes a method of ethical disclosure as opposed to a state of information disorder," he said. 

    RED TAPE WRESTLING TIPS
    Hypponen said that even though he believes the likelihood that the average Internet user will get caught up in an Anonymous-style disclosure is small, there are some common-sense steps users can take to protect themselves.

    "It might be worth considering deleting all e-mails that would be older than, say, six months. You could archive older e-mails to an offline storage that could not be reached by an online attacker. This would at least limit the amount of damage that could be done," he said. "And of course, create a smart password and authentication policy and follow it through."
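Hypponen's retention tip can be automated for mail kept in mbox files. The script below is an added example, not part of the original article: it moves messages older than a cutoff out of the live mailbox into a separate archive file. The 183-day cutoff, the file names and the sample messages are assumptions constructed for the example.

```python
import mailbox
import os
import tempfile
from datetime import datetime, timedelta, timezone
from email.message import Message
from email.utils import format_datetime, parsedate_to_datetime

# "Say, six months" in the quote; 183 days is this example's assumption.
RETENTION = timedelta(days=183)


def message_date(msg):
    """Return the Date header as an aware UTC datetime, or None if unusable."""
    raw = msg.get("Date")
    if raw is None:
        return None
    try:
        parsed = parsedate_to_datetime(str(raw))
    except (TypeError, ValueError):  # malformed header
        return None
    if parsed.tzinfo is None:  # "-0000" dates parse as naive; treat as UTC
        parsed = parsed.replace(tzinfo=timezone.utc)
    return parsed.astimezone(timezone.utc)


def archive_old_mail(live_path, archive_path, now=None, retention=RETENTION):
    """Move messages older than `retention` from the live mbox to the archive.

    Undated messages stay in place and are counted, so nothing is moved on
    a guess. Assumes the mail client is closed while this runs.
    """
    cutoff = (now or datetime.now(timezone.utc)) - retention
    live, archive = mailbox.mbox(live_path), mailbox.mbox(archive_path)
    stats = {"moved": 0, "kept": 0, "undated": 0}
    try:
        for key in list(live.keys()):
            sent = message_date(live[key])
            if sent is None:
                stats["undated"] += 1
            elif sent < cutoff:
                archive.add(live[key])
                archive.flush()  # archive copy is on disk before removal
                live.remove(key)
                stats["moved"] += 1
            else:
                stats["kept"] += 1
        live.flush()
    finally:
        archive.close()
        live.close()
    return stats


def demo():
    """Build a constructed four-message mbox in a temp dir and split it."""
    now = datetime(2011, 3, 1, tzinfo=timezone.utc)
    dates = [format_datetime(now - timedelta(days=d)) for d in (400, 200, 10)]
    dates.append("sometime last spring")  # malformed on purpose
    workdir = tempfile.mkdtemp()
    live_path = os.path.join(workdir, "inbox.mbox")
    box = mailbox.mbox(live_path)
    for i, date in enumerate(dates):
        msg = Message()
        msg["Subject"] = f"constructed message {i}"
        msg["Date"] = date
        msg.set_payload("sample body\n")
        box.add(msg)
    box.close()
    archive_path = os.path.join(workdir, "archive.mbox")
    stats = archive_old_mail(live_path, archive_path, now=now)
    return stats, len(mailbox.mbox(live_path)), len(mailbox.mbox(archive_path))
```

The archive only limits exposure once the file is moved to storage that is not reachable from the network and removed from the mail host.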