Surveillance and information gathering has reached worrying magnitudes for many in the internet enabled world. This week we will consider the following questions about information technology and privacy:
1. What is privacy today?
2. What is the current internet privacy position?
3. What are the internet risks to privacy?
4. What impact does social media have on privacy? In doing this Facebook and Google will be examined.
5. What impact is the law having on internet privacy?
6. What impact is the internet having on the privacy of government and corporations? As a case study Wikileaks will be examined.
7. Is privacy dead in the internet world?
What is privacy today?
Privacy in most definitions is referred to as being concealed or hidden, secluded from view. The term can be applied to individuals or groups (such as governments or companies). The concept of privacy has changed over time – the concept of what should be private 100 years ago was different in industrialised countries than it is today. Sharing family pictures and information was much less common then. The concept of privacy also varies between cultures as we can see around the world today.
Privacy laws vary between countries and many companies have privacy policies that govern how they will deal with privacy issues. This week is focused on information technology and privacy and what it means for people in today’s world.
What is the current position?
A study was undertaken in 2009 by the University of California at Berkeley School of Information, entitled KnowPrivacy. It compared users’ expectations of privacy online and the data collection practices of website operators.
When they examined user expectations and knowledge of internet privacy they found that users were concerned about data collection online and wanted greater control over their personal information. They also lacked awareness of some data collection practices – they were not aware of them and, when they were concerned, they did not know who to complain to.
The complaints that they would like to make were categorised and examined. The most frequent complaint was about user control of the sharing of their data – they wanted the ability to determine when their data was shared and when they could keep it private. The next area was the public display of data and, again, they wanted control of when and what was publicly displayed about them. The results on this question are displayed below:
Website policies appeared unclear about several important issues, such as rtention of data and practices to enhance it.
They usually claimed that they did not share user data with third parties, but they dis share with “affiliates” that users may have no relationship with.
Web bug trackers were ubiquitous. Analytics and ad serving companies can track user behaviour across large portions of the web. The study looked at the 50 most popular websites and their data collection practices and found that all collected the IP address of visitors to their site, nearly all collected contact information and customised ads to the visitor. Few allowed user access to control sgaring of their information. The following chart shows the data gathered:
Ghostery is a free service that allows users to see the information that is being gathered on them and to control it.
Next, the study looked at privacy policies and sought to understand the impact and issues that there were with these policies that were designed to reassure users about their private information. They found that most privacy policies were difficult to read and written in legal jargon which made it difficult for most people to understand them. Their existence led people to believe that the privacy of their data was being protected where, in most cases, it was not. The time required to read privacy policies was too great.
In general, the study found that privacy policies were usually poor with the user having little choice which might allow them to see the difference between a good policy and a poor one. Further, they found that users were usually unaware of the potential dangers in the access to their data that exists on most websites today.
While visiting websites and sharing data with them exposes private information that users may not wish to, data breaches are also a serious issue in the internet enabled world. The Open Security Foundation collect data on security breaches and their website allows users to analyse data on data breaches in many countries:
We can see from this evidence that users are concerned about access to their personal data and that there are significant issues in how data is handled today that give concern about how this is being managed now and how it will be in the future. The growth of social media raises further concerns.
What impact does social media have on privacy?
The commonly used social media sites collect large amounts of data on their users. The following video from the Canadian Federal Privacy Commissioner describes what they do:
The privacy issues here are about how much you want to share of your data and who you want to share it with. Facebook now has over 400 million users and there has been significant controversy about its privacy settings. After implementing a significant change to these in the spring of 2010, they were forced to back down in the face of strong user resistance to changes that would have made data much more accessible to Facebook. Many users remain unaware of how to change their Facebook settings to control access to their data. The following video explains how to do this:
Attention has also focused on the privacy activities of Google. Many people are unaware of the data that is collected by Google today:
Google currently supply governments with information. They provide an interactive map that allows you to see this by country:
The question here is how far Google should go in profiting from information. It has been reported that there is some dispute amongst Google’s founders as where the line should be drawn.
Finally, Google were criticised for their activities in the creation of Streetview which apparently gathered more than the data needed to create the Streetview maps.
The Internet and the Law
Focus is growing in the US on the creation of a Privacy Bill of Rights, intended to ensure that the rights of the individual will be protected on the internet. There has been concern in the US that self policing of privacy issues by internet organisations has not been working. The global consensus appears to be that privacy is an important issue. The US are also concerned about the national security issues privacy. Participation of the US in internet privacy is important because most of the major internet companies are based there.
Canada has a Privacy Commissioner who takes an interest in what happens on the internet as do the provinces. Ann Cavoukian is the Privacy Commissioner for Ontario who argues that privacy should be designed into products and services:
The internet is also used by law enforcement authorities and this is a concern to some people because they feel this may affect their civil liberties. The following video provides interesting detail on how the internet is used for law enforcement in the US:
There are a number of organisations that describe themselves as looking out for the user on the internet that have campaigned on privacy and access to information. The Electronic Frontier Foundation is one of these. Founded in 1990 they are “champions of the public interest in digital rights. They lobby and campaign on legislation, advise policymakers and educate the press and public.
What impact is the internet having on government and corporate privacy? – Wikileaks
Government and corporate privacy has also been impacted by the internet. Wikileaks is a significant example of this and opinions are sharply divided on its legal and ethical foundation. Wikileaks describes itself as:
“We are of assistance to peoples of all countries who wish to reveal unethical behaviour in their governments and institutions. We aim for maximum political impact.”
Their founder is Julian Assange and he was interviewed on TED where he describes what they do and why.
Assange has been described as a terrorist and calls have been made for his arrest and imprisonment:
Clearly there are significant political implications of the Wikileaks activity.
Is Privacy Dead?
Finally, many people have argued that, as a result of the internet, privacy is dead. The concept is a popular internet topic and Mark Zuckerberg of Facebook has argued that there has been a change in peoples’ attitudes to privacy that would make them willing to share more information. While others argue that we need to manage the way that privacy is implemented on the internet and that it should be possible to do this in a way that governments, companies and individuals will find acceptable and that we do not need to change our privacy outlook: