Online businesses know a lot about their customers—and they can easily learn a lot more. What standards should web sites follow with personally identifiable information that they gather?

As with any business, online service providers know the names, addresses, and frequently the credit card numbers of their subscribers. But records kept by the provider’s computers can also keep track of who their customers exchange email with, when they log in, and when they go on vacation.

Internet service providers can learn even more about their customers, because all information that an Internet user sees must first pass through the provider’s computers. ISPs can also determine the web sites that their users frequent—or even the individual articles that have been viewed. By tracking this information, an Internet provider can tell if its users are interested in boats or cars, whether they care about fashion, or even if they are interested in particular medical diseases.