Are you worried about your personal information being stolen from the net? Many people are, especially in light of the news that 145,000 profiles had been stolen from data profiling company ChoicePoint and that Paris Hilton's address book had been hacked. But a new study tells us that identity theft is more common in the paper world, suggesting that our concerns about the Web are out of line.

According to the study by Javelin Strategy and Research, the most frequent source of information used to commit fraud is a stolen checkbook or wallet, not online data. Online data provides the source in only 11.6 percent of the infractions -- a far cry from what the public thinks is happening; and it agrees with what I've seen in the past.

Don't get me wrong. You should be concerned with the safety of your personal information, no matter where it is stored or how it is transmitted. But you shouldn't be suckered into thinking that the Net poses a particular threat that is much higher than other threats; and in some ways, it could be your salvation.

In fact, your own system is probably much more susceptible to data theft than if you keep your personal data in a well-secured Web service.

Over the years, I've made hundreds of presentations to business and technical groups about a variety of subjects including security and safety. Years ago, I got the idea to ask an audience of information technology executives about the security breaches that they had encountered. Overwhelmingly, my audience told me that their biggest security problems were internal breaches -- with paper breaches as common as computerized breaches. I was so surprised by the results of my informal poll that I pursued the same questions with subsequent audiences -- and found amazing consistency.

It's not the online threat that poses the greatest probability risk of stolen data. Most good Internet services have dedicated secure servers on protected networks, often in guarded rooms. Contrast that with your own home, where you don't password-protect your system, you place your network within reach of neighbors and passers-by over wireless access points, and leave your bank and credit card statements open on your coffee table where the appliance repairman or any other visitor can read it at a glance. Yet you're worried about putting it online?

The concept of putting your data online seems spooky to many people, but in reality your information is already there. You just have no control over it. You're better off with it online if it is within your control.

Sam Gerace, the founder of BeFree, uses an easy-to-understand demonstration to show how information gets into these databases. He pulls out his key chain and holds it up so his audiences can see his grocery discount card from Stop & Shop, the New England supermarket chain. Then he tells them that anybody who uses it is selling his or her privacy for a few dollars in monthly savings.

But it doesn't stop there. Any time you fill out a contest form or application for credit, or register for an event, you're adding data to a database -- and it doesn't matter whether you've filled out the form on the Net or on paper. At least on the Net, you can read the privacy policy (in many cases), so you can decide whether you want to give your data to that Web site operator. In many cases, humans never see your info.

That privacy policy is the real indicator of whether you should be willing to put your data online -- because it indicates your expected safety level.