Security News

Privacy on the Internet: There is no such thing as a free lunch

Ondřej Vlček, 20 January 2016

Privacy on the Internet: There is no such thing as a free lunch.

This is a reprint of The elusive "P" which appeared in the January 2016 issue of Indian Management.

As we increasingly traverse the virtual realm, we are putting at stake a crucial aspect—our much-treasured privacy.

There is not a lot of privacy on the Internet today. Every place you go – websites, social networks, apps – all know your IP address and where you are located, which they can correlate with your demographics, age, gender, and the websites that you visit. Social networks can even tell advertisers what your political leanings are and which religion you practice, and the Internet knows which books you read, which cosmetics you use, and whether or not you are pregnant, getting married or divorced. At the end of the day, search engine companies and Internet Service Providers know everything about you. With the up-rise of the Internet of Things, Internet-connected devices can dig even deeper into our lives. Our cars remember when we drove where, how fast we went, and what music we were listening to, while our smart watch can tell us more about our health than our doctors can. Privacy is a thing of the past.

A trade-off between convenience and privacy

In our day-to-day usage of the Internet, each of us are either making a conscious or unconscious trade-off between convenience and privacy.

One example of this can be seen in Gmail, the hugely popular email service used by nearly one billion people around the world. Most people will, but others might not recognize that they receive advertisements which are somewhat related to the subject of their emails. This is due to the fact that the subjects of a user’s emails are sent to various advertising engines to come up with relevant content to serve back to the Gmail user. For someone who sent an email with ‘vacation’ in the subject line, this may result in the user receiving ads with flight offers during the following days.

As a consumer searching for different things on the Internet, you are likely making the connection that advertisements that you see are based on the searches you have recently made. This is the result of targeted advertisements, which can simultaneously provide true value and can also cause problems or be embarrassing. For example, if a family shares one computer, certain family members may not want their parents or children knowing about their search history. This becomes difficult to avoid with targeted ads, since the ads displayed are related to search items that were originally intended to be confidential.

Taking this a step further, we also need to start thinking about the advancement of our smart devices. One big enabler of privacy violations is geographic tracking embedded in everyone’s devices -- from our smartphones to our cars. As geotracking becomes an everyday feature in cars, people can effortlessly follow their spouse or child while they are driving, keeping track of their speed, location and driving habits. While this could potentially encourage safe driving, it could also have negative effects on those who don’t want to be surveilled. What’s more, the data collected by a car could be sold to insurance companies that will refuse payment in the case that an accident was caused by speeding.

For the most part, people may understand the risks that come along with the development of smart devices. However, when feeding companies with mass amounts of data collected by these devices, users continue to make a conscious trade-off that results in the loss of their personal privacy.

Free software and the lure of fast click-through agreements

One of the reasons why people so easily and willingly give up their privacy is that most of the software they download comes with no price tag attached to it. Back in the 90s, software was sold in stores and was fairly expensive for the average consumer. Now that the majority of software is downloaded online and is distributed largely free of charge, the products come with a price tag of a different kind -- the infringement on consumers’ privacy and security. This issue is heightened by the fact that many people don’t take the time to read through their software’s click-through agreements.

The real question is this: What does a user receive in exchange for giving up their privacy? Additionally, are they willing to lose the convenience that software and apps provide if they want to keep their privacy intact?

Certain services of trusted companies can serve very useful purposes, such as free email services, search, text messaging, social networking, health monitoring, or child safety; and targeted advertising by social networks, search engines and other web services is not seen as risky. The more an app or web service knows about you, such as your location, your interests, your contacts, the better they can target you. Some people prefer seeing targeted ads, as the ads displayed become increasingly relevant for them, while others find targeted advertising to be, to a certain extent, an invasion of privacy.

The only way to completely prevent being spied on in today’s day and age would be to not use the Internet nor smart devices and free services that access sensitive data in order to target ads.

There are, however, tools in the market, like browser-add-ons that provide consumers with information on web interactions with social media sites, advertising networks that share data, and the analytics used to improve a website. Clever technology can identify these from either cookies or programming code that is embedded in the website. There are also apps for mobile users helping them understand which data apps can access and which ad networks they serve.

A joint effort needed between industry and politics

Although there are solutions available, it cannot be solely the consumer’s burden to determine how to navigate the trade-off between privacy and convenience. It’s not possible for users to stay 100% informed about what happens to their data, as most companies simply don’t communicate these things to their customer base. To combat this issue, companies should focus on increasing their transparency, making their privacy agreements easy to the average user to understand, and putting significant effort into educating their customers. Politicians will also need to determine just how far companies can legally go with the collection and distribution of user data.