In today’s age, our data privacy has been challenged by the rise of Big Tech. There is a saying, “When we get something for free, then we end up being the products.” In the age of information, all the clicks we’ve left behind — and will leave behind in future — are being (will be) used to analyse us, rate us, package us, and sell them back to us. In a 2019 article, The New York Times outlined how we have “secret consumer scores”: a hidden rating that determines how long we wait on hold when calling a business and the quality of service we receive.
A Tinder algorithm of sorts — a low score sends you back to the queue, and a high score will fetch you elite treatment. The society we live in today is witnessing an enormous amount of data flow and a rampant surge in algorithm systems that make decisions without us knowing whether these decisions are fair for us.
What does big tech do with your data?
Big Techs, also known as FAAMG (Facebook, Amazon, Apple, Microsoft, and Google), are competing to harvest as much data as possible and sell it to third-party applications and businesses.
Big Tech companies have acquired extraordinary amounts of data on individuals through internet browsers, email, weather applications, maps, and satellite navigation systems. These firms document how we browse, what food we enjoy, where we buy our socks, which music soothes us, what movies we watch, where we travel and how we let the world know about it.
Google contains 4.14 GigaBytes of data on me. (Those who wish to download their Google data may use this link.) When you download a copy of your Google data, you will see a folder containing multiple subfolders, each containing one or more .json files.
In a folder labelled ‘Location History,’ Google kept a history of my monthly location data since 2016 — with detailed information about whether I was walking, running, tilting, cycling, or in a vehicle, along with timestamps of the activity, location name, latitude, and longitude.
Another folder recorded the ads I may have seen based on the websites I visited. In another, the files contained the details of the sites I had visited, images & videos I had searched for, and apps I had opened, along with the duration of each. Even my Google Voice search recordings are listed in yet another file, along with the date and time of each recording. This is not just a story of Google.
According to the New York Times report, Facebook was accused of storing personal data on its databases. Instagram, along with its parent company, Facebook, holds data on removed friends, phone books, blocked contacts, pictures, chat conversations, photos & videos sent and received, among other things. Instagram, of course, retains your search history to show targeted ads.
Even Alexa could be listening — carefully. According to a 2019 Bloomberg report, Amazon Inc. employs thousands to help power the Alexa digital assistant, which is used in Echo speakers. Amazon, however, claims that it uses users’ requests to Alexa to train its “speech recognition and natural language understanding systems.”
While we, the users of web services, may be generating enormous amounts of data, we have no control over it. In turn, the Big Techs constantly monitor how we produce data and refine our choices to create better products.
How is technology affecting data privacy?
We’re in an era of data collection and surveillance, whether we opt for it or not, in several instances. Panopticon–that is what Michel Foucault would have called it. These companies have been hungry for the hyper-personalisation of user data to gain a competitive edge. As a result, they want to know everything about a particular consumer (his/her needs, desires, and behaviours) to make valuable recommendations. This quest for hyper-personalisation leads to the misuse of user data.
A classic case of data misuse? Cambridge Analytica Scandal.
In early March of 2018, two leading newspapers, The Guardian and The New York Times, carried out a chilling report on how political consulting firm Cambridge Analytica, which worked for the Trump campaign, had harvested the personal data of millions of Facebook users without their consent to “build a powerful software program to predict and influence choices at the ballot box”.
The data was collected through an application called thisisyourdigitallife, which academic Aleksandr Kogan of Cambridge University built. In collaboration with Cambridge Analytica, Kogan had paid hundreds of thousands of users to take a personality test and agreed to collect their data for academic use. However, the app also collected data from test-takers and Facebook friends, accumulating unprecedented amounts of data.
According to some estimates, Cambridge Analytica harvested the private information of more than 50 million Facebook users without their consent, making it one of the most significant data breaches in social media history. The Cambridge Analytica Scandal exposed how third-party developers easily accessed users’ data and sold it to companies that misused this information.
Since the 2018 Cambridge Analytica Scandal, user data privacy has become a mainstream concern. These data privacy concerns have put Big Tech under the radar of privacy watchdogs. In the last few years, we have seen (in many instances) how the Big Techs have mishandled consumer data or mined data without the user’s consent. Data privacy concerns extend beyond personal privacy to encompass numerous issues related to what data protection means for democracy and who owns our data.
How should one protect their data on the internet?
Data privacy concerns how data is collected, stored, managed, and shared with third-party entities. It focuses on individuals’ rights to know the purpose of data collection, their privacy preferences, and compliance with privacy laws.
Three approaches to addressing data privacy concerns are interconnected and overlapping. Initially, the responsibility for data privacy lies with individual data users. On the personal front, we need to know what is personal to us and share the data only when necessary with entities we know we can trust.
When we open our emails, we should not click on links embedded in unsolicited emails, as they may lead to an unsecured and potentially harmful webpage. Always pay attention to the URL and ensure it begins with “https://”, as “s” indicates the URL is encrypted and secure.
Do not give unnecessary access to cookies, and periodically delete them from your browser. You (the data users) may take precautionary measures while securing your data.
Secondly, we need our governments to take the necessary steps to regulate big tech and protect individuals’ rights to data privacy. There is the GDPR (General Data Protection Regulation) 2018 in the European Union, which gives individuals more control over their data.
According to the law, data controllers must not collect personal data without the consent of the data subjects. They must disclose any data collection, declare its lawful basis and purpose, and state how long the data is being retained and whether it is being shared with any third parties or outside the EEA.
In 2020, the state of California in the United States enacted a new data privacy law, specifically the CCPA (California Consumer Privacy Act), to enhance the privacy rights and consumer protection of its residents.
The law empowers its residents to know what personal data is collected about them and/or whether it is sold to third-party entities. It requests these business entities to delete their consumers’ data. The proposed Personal Data Protection Bill in India aims to regulate the collection, storage, and handling of personal data.
However, there are concerns that these laws might turn the country into an “Orwellian state” — due to government bodies’ exemption from accessing personal data. More regulation is likely to come in 2021.
Third, we need to innovate newer ways of dealing with data products, with a priority on data privacy. For instance, in 2018, Pittsburgh-based PNC Bank piloted a card with a dynamic CVV, changing the card’s CVV every 30 to 60 minutes.
The dynamic CVV technology was developed to combat card-not-present fraud, which has been increasing for years. In another example, we can see that passwords are replaced with cryptographic keys and multiple layers of biometrics.
Signal, a California-based messaging application run by a not-for-profit organisation, offers users end-to-end encryption. Signal’s “Sealed Sender” feature makes conversations more secure, as the platform cannot access private messages or media and does not store them on its servers.
While WhatsApp provides end-to-end encryption for messages, it can still access other private information — another good reason to consider shifting sides.
Another innovation, Presearch, is a decentralised, open-source search engine with enhanced privacy features. Built on the blockchain, Presearch rewards its users with PRE crypto tokens. They do not track or store any information or searches.
As a result, the users control their data. Along similar lines, Tim Berners-Lee, creator of the World Wide Web, has led an exciting project called “Solid” (derived from “socially linked data”) that aims to radically change the way web applications work today and empower users of data, their freedom to choose where their data resides, and who is allowed to access it.
Solid is all about PODS – personal online data stores. Here, an individual has a PODS in which all the personal data is stored. You may choose to host the data wherever you wish. Instead of uploading data to remote services, the services are granted permission to access the data in one of your PODS.
Cover Picture: Yang Jing on Unsplash
An interesting dialogue is value comment. I feel that you must write more on this matter, it may not be a taboo subject however generally persons are not sufficient to talk on such topics. To the next. Cheers
Thanks for reading 🙂