If you're being naughty on the Web, internet privacy is a Big Deal. You know there are kooks out there. And if you're taking advantage of all the free stuff the Web has to offer, maybe even beating greedy "free" Web providers at their own game, it might be them that pose the greatest security threat. Therefore, it is important to keep your buns covered.

Staying out of trouble

It's always been said that "The nail that sticks up gets hammered down." If you're using your friendly free services to their fullest (that's one way to put it), the last thing you want to do is attract undue attention to yourself. So, if you follow a few simple rules, you can make your free Web accounts last much longer.

• Don't post warez or illegal MP3s, or any other stuff that is definitely against the law. If you feel you really really have to anyway, camouflage it well.
• Don't post controversial or possibly-illegal materials, such as bomb-making recipies, Anarchists Cookbook, marijuana stuff, porn (unless your server explicitly permits/encourages it), or information on taking advantage of the host. Dont' even link to it. If your host has a history of political censorship, just don't post whatever it is they don't agree with there, e.g. if your host has pop-up ads, don't put up a pop-up ad protest page; if they don't like Communists/Christians/Jews/$cientologists/gays/lesbians/liberals, and you happen to be one, there's no reason they have to know.
• Don't use the host's own space to attack/criticise that host, you will get deleted.
• Respect others' security as well. Don't post peoples' real names, email addresses, pictures, phone #s, etc. without their consent. Not only might they complain and call attention to you, but it's just not a nice thing to do. Golden Rule, and all that.
• Don't rat out or piss off your neighbours. You don't have to go out of your way to befriend each and all of your server-mates, but you don't want to stir up animosity against yourself if you've got naughties in your account. The toes you step on today may be connected to the mouth that gets you deleted tomorrow. Additionally, adept webmasters can smell a rat a mile a way; it may come as a surprise how accurately someone can find out (or guess) who squealed on them. If you turn in a fellow user for having porn/warez/MP3s/contraband in their account, they might be all too happy to return the favor. If they're going out of their way to create unfair competition, hey, you gotta do what you gotta do... but always remember to be careful.

Leaving no trace

When you sign up an account at any free webpage provider, it is a bond of trust. They trust you to abide by their rules. You trust them to respect what you do for them, and to respect the confidentiality of any personal information you give them. And this is how the free webspace deal works--in theory. In reality, though, they don't trust you to follow the rules. As discussed in more detail below, many FWPs (Free Webspace Providers) have fairly mercenary systems in-place to actively monitor user accounts and alert the administrators to potential violators. Similarly, you can't trust them anymore than they trust you. One particulary large/popular FWP has recently settled with the FTC over charges of illegally disseminating members' personal information, after promising said members that this would not be done. Furthermore, if you're using your account for illegal purposes (a word of advice--don't), some FWPs may pass on your address and other information directly to the Fuzz. Soooo....

Don't give them your home address!

Some FWPs will ask you, in the registration form, for your home/mailing address. Don't give it to them. Give them a plausible-sounding but made-up address. Most of them never bother to check this stuff personally, but if their sign-up script checks your city or ZIP code with a database, use this list of valid cities/ZIPs.
This applies to everyone, not just the idiots who are using their accounts to break the law. The old X-Files motto "Trust No One" is especially meaningful on the Web, as you really have no idea what kinds of people you may end up dealing with. As stated earlier, there is a well-deserved mistrust between the host (FWP) and the parasite (you). Should you have some sort of a fallings-out with your host at some point in the future, you want the ability to slip from their fingers like a wet bar of soap, leaving behind no possibility for them to retaliate against you. You should understand (especially if you've read the section on corporate pagewaxing) that a large and powerful business with corporate interests to maintain can be a holy terror against any adversary, be it real of perceived, that it may encounter.

Your best ticket to success is to enter a plausible-sounding address, with a city that really exists and its correct ZIP code. If worst comes to worst, you can (if you live in an apartment, dorm, etc.) give them the address of the building but not the room number. Not the greatest protection, but with 30 tenants it would be hard for anyone to know which one the Webspace account belongs to.

Don't ever, ever give them your home phone number!

The home phone number is quite a convenient identifier, as is a street address or social security number or credit-card number. A frothing enemy can look it up to find the rest of your personal info. They can assault you with threats (litigation or otherwise) and harassing phone calls, or (for the younger Webmasters out there) get you in Real Deep Shit with your parents. As the youth crowd can probably attest, A) Adults are stupid  B) They are ignorant and  C) They generally don't trust their children (or any youth) or take them seriously. So, a raving corporate Web lunatic gets Mom on the phone and rattles off a series of charges ranging from defamation to trademark infringement to NDA violation (insert any other bogus but official-sounding legalese here) and alludes to a lawsuit or two, and suffice it to say Junior isn't going to be writing any more pages for a while.

Careful about giving them your real name!

Maybe not as good a tracer as a mailing address, but your true name can be a help. Assume you can safely get away with using your real name if it is a fairly common one (see how many hundred Bill Webbs are in the 411 directory...none of them is me, BTW). On the other hand, if you have a rare of relatively unusual name, you might consider a pseudonym. Hey, Mark Twain did it :)

Don't even give them your real e-mail address!

It's another item they can use against you, in this case to try and get you in dutch with your dialup ISP. Even if they don't or can't, it is still on the foolish side to use your primary email address to sign up for a FWP account, as you have no way of knowing that your email addy, or anything else you give them, won't be sold to direct-marketing organizations, telemarketers and spammers of every description. Setting up, say, a free Hotmail account takes about three minutes (don't forget to give them bogus info too) and insulates your ISP account from potential hazards.

I realise that these suggestions are erring on the side of caution and yes, maybe even paranoia...but you're always better safe than sorry.
 

Covering your tracks

If ever you feel you're doing something that might put your account in jeopardy, anonymize! This old chap learned it the hard way a couple years back as a free webspace greenhorn...my first serious Webspace account (not counting my original Angelfire monstrosity, written with the online page-wizard and everything) was on GeoCities in early '97. Everything was peachy for a little while until they started going greedy and all Hell broke loose with member accounts. I'm talking around the time they started selling member e-mail addresses to online marketers for profit. Anyway, some idiot spammer gets hold of my email address through this deal and I start getting spammed every day or so for refurbished computer widgets. Being the naive webmaster that I was, and having little experience with corporate interests, I fired off an email through my GeoCities email address flaming the advertiser and warning them, using some very direct language, that I did not appreciate their spam and I had better not get another one. It took the incensed advertiser all of about 2 seconds to forward my rant to GeoCities, who took about another 2 seconds in suspending my account.

Long ramble, but the moral is, spread your traces as thin as possible. Any site you surf onto records your IP address, what page on what server you came in from, who your Internet provider is, possibly your username, et cetera. E-mail can tell them even more. Don't forget to disable all cookies, and anonymize your dialup whenever you smell a rat. Regular old common-sense will help keep you in the clear.
 

Know thine enemy

Keeping tabs on your host's TOS enforcement department is crucial to the security of your "naughties" account. A number of FWP's have some sort of policing mechanism in-place to weed out riff-raff like you. For example, GeoCities has its volunteer stoolies who keep watch over their directories and turn in delinquents via a content-violations reporting form, and Tripod has "SkinFinder", a server-side process that analyzes the amount of fleshtone in incoming image files to determine the likelihood of them being pornographic. Images with a high fleshtone content are flagged for manual investigation by Tripod staff.
Familiarize yourself with their enforcement mechanisms, both automated and manual. A domain-banning script or other obfuscation is a good idea to deter your host's prying eyes in your account.