Why Is Privacy The New Dilemma Of 2020?

[steven36]

Your significant other's birthday is coming up. You've been surreptitiously browsing on your phone for a certain pair of shoes that you overheard her discussing with her sister on the phone earlier today. You remembered the brand name and color she mentioned. You're hoping to pick up a pair and surprise her.

 

 

She jumps on the family laptop to check social media.

 

"Honey?" she asks quizzically. "Have you been looking at ladies' shoes online?"

 

Frozen, you run through your mind what could have happened. You're tech savvy enough to understand that she just saw a targeted ad, but you didn't use that laptop to search for the shoes. Why is she seeing that ad on that machine? Is it because she has searched for similar products in the past? Is it just a coincidence or something more alarming? Your paranoid side wonders if your family's phone conversations are being parsed by an algorithm in some giant water-cooled data center far away.

 

The truth is likely simpler but increasingly irritating to many. Many social media sites and other online services do everything they can within the law (and sometimes without) to gather as much information about you as possible anywhere and in any way they can to track your activity. They then partner with other parties to run ads that they think you'll respond to — or they simply sell your tendencies outright. That means if you're logged into a browser or device (maybe with one tab on your social profile and another on a shopping site or search engine), you're likely to see ads related to your searches — even on other devices. If you share a device with others, you'll all frequently see ads intended for each other.

 

It's fairly common knowledge at this point that this tracking of online browsing habits is accomplished through the use of cookies that are saved on local machines and feed information about users to host servers. Cookies work with other mechanisms like tracking scripts and pixels. Tracking scripts are built into the code of websites themselves and help gather analytics about user activity. Pixels attempt to correlate the data collected about each visitor to any known social media accounts.

 

A recent law passed in the European Union, the 2016 General Data Protection Regulation (GDPR), has forced websites to add warnings that disclose the use of cookies to users, which is one of the reasons so many commonly accessed sites now have a "consent" dialogue that appears upon visit.

 

Very little regulation similar to the GDPR exists in the U.S., though. The California Consumer Privacy Act (CCPA) was passed in 2018, largely in response to the widespread practice of data brokerage in which consumer data is collected, aggregated and sold, all without the consent of the consumer. The CCPA gives consumers more say in how their data is used — and more recourse against shady data brokers — but only applies to California residents.

 

Website warnings often state that the purpose of their use of cookies is to provide users with the "best experience," which is their way of saying that their intrusive tactics are ultimately for our own good. The increasingly privacy-conscious public isn't having it. Web browsers and plug-ins that automatically block third-party cookies (the most egregious offenders) are gaining in popularity. Users are making better use of privacy settings on their browsers, devices and profiles.

 

In the information security world, I'm a witness to some of the darkest sides of the internet. Even businesses just looking to boost sales by finding the right customers may be unintentionally helping hackers and unethical data brokers by doing the collection work for them.

 

Not all internet users are literate enough to tweak their browser settings or are even aware that their privacy is being compromised. The pressure is mounting from above in the form of government regulation and from below by fed-up citizens becoming more aware of what's being done beneath the surface of sites they trust. Businesses need to take more responsibility to protect user data and stop being part of the problem. If they continue to disregard user privacy, it may be time for stronger and more universal legal measures to force compliance.

 

The first rule for businesses should be complete transparency with customers about how their data is being used, even to the point of going beyond what's required by law. Have "opt in" instead of "opt out" for anything shared outside your organization. Don't try to circumvent user blocks on certain kinds of collection modules. In general, show good faith.

 

The potential ruin of a birthday surprise may seem hardly enough of a transgression to get cranky over, but what if someone is searching for information on a medical condition that they'd prefer to keep private and the next user on that device sees an ad for a relevant pharmaceutical? People want privacy for different reasons, but most of all, they just want a choice about what happens with their information.

 

By:  Jaime Manteiga  Founder & CEO at Venkon

 

Source