image source from: strumentires
With the continuous development of smartphones and digital media, while we enjoy the convenience brought by them, the threats behind them should also be paid attention to and considered by people. Let me give you a simple example. I like to buy cosmetic products. When I am interested in a product, I will search Baidu or YouTube for related reviews of this product. When I finished my homework and opened the shopping software to buy, I found that what I wanted to buy would accurately appear in the push given to me by the shopping software. It saves me time searching for products. But if your privacy is not compromised, how can shopping software know what you like?
What is privacy?
Privacy is a fundamental human right. It is the foundation of freedom from discrimination. Privacy is difficult to define because different countries and people have different ideas about it. (Office of Australian Information Commissioner, 2020) The previous literature usually divides privacy into two methods according to privacy characteristics. One is access, and the other is control.
Access can be understood as a constraint on privacy, whether other people’s access to you through information, attention, and proximity makes you uncomfortable. (Ruth Gavison, 1980, as cited in Nissenbaum, 2020, p70) If you are uncomfortable, it means that privacy is not respected and vice versa. For example, when you drink coffee in a cafe, someone sits across you with a cup. She smiles and says, “Would you like to be friends?” Two things happen. First, you think he looks nice, and in a good mood, so you agree and start talking. Second, you may have just had a bad experience and want to enjoy coffee. Suddenly someone sits across from you with a cup of coffee. You feel uncomfortable with the intrusion of your time and space. You get up and leave. Various external and internal factors determine the scope and degree of personal privacy. Privacy is the condition that restricts others from approaching you and visiting you.
Control can be understood as privacy a claim. Individuals have the right to demand and control their information content, and information data can be transmitted to how many people. (Westin 1967, as cited in Nissenbaum, 2020, p71) The simplest example is the issue of age. When strangers start to talk, they like to ask each other’s age as the topic to start the conversation. Some talkers think it is okay to tell someone how old they are. In contrast, others will feel that the age issue offends them. Age is personal privacy. Individuals have the right to choose whether to tell others about their privacy.
The two approaches explain privacy from different dimensions. Their core is that the key to privacy is the individual’s control of their information and the degree to which others view it.
Privacy in the age of digital media
With the rapid development of digital media and the rise of social software such as TikTok, Instagram and Twitter, more and more users choose to share their lives, habits, and love lives on social platforms. Users who want to attract more attention also open their privacy to the public.
The survey showed 57 % of Australians were concerned about software companies invading their privacy, while 78% wanted to know how social media companies handled users’ personal information. (Goggin et al., 2017, p13)
Once personal information is posted on the Internet and social media, it will be retained for a long time and spread quickly. In the process, the individual’s mastery of the information and the viewing degree of others to the information is also uncontrollable. You might upload your daily vlog on TikTok, and the next day you might see the same thing on YouTube. But you didn’t upload it yourself. It was carried by someone else. Someone else may be interested in your vlog and turn to Linked or ins to search for your id, after which your age, email and even religious beliefs are completely exposed to the public.
Leakage of privacy
In 2018, a political consulting firm helped Trump illegally obtain and use information from tens of millions of Facebook accounts to influence the election outcome. (Carrie,2018) In February 2021, the user login information of Netflix, Gmail, LinkedIn and other famous companies was leaked to hacker websites, which amounted to 3.2 billion. (Reed, 2023) 2.1 million Optus customers had at least one type of identity number compromised in 2022. (Taylor, 2022) More and more news and facts remind us that our privacy has been leaked or that user information has become a commodity with an exact price. There is already a complete information-selling industry chain that we cannot see.
In the initial setting up of an account, the software or website will force the user to fill in the information, including but not limited to the user’s name, phone number, email address, location, personal preference, etc. In the name of improving user information, the company is trying to bring users a better service experience, but can the company ensure that users’ personal information is protected?
Try to think back to when you visited a place and turned on TikTok to kill time by watching videos. Then the video homepage will recommend the city’s food and beauty and even a video with the city’s coordinates. But you remember that you didn’t open permissions for the software. Or when you open an app, you’ve used before. The system starts suggesting people you might know before you’ve logged in. That includes your family and friends.
How did the leak happen?
Some comprehensive social software can collect indirect information from users’ interactions with other users and news browsing, which the platform can use to analyze users’ more private or less public information. (p13) On the one hand, data analysis of software makes push more targeted, and posts and related advertisements will be more in line with users’ preferences. On the other hand, it will cause trouble to some users, such as minority groups or minority culture lovers. Users don’t want to reveal this secret, but the data analytics analyze the results of their browsing and push them so that their secrets are forced to be revealed, which is fatal to users.
Other apps include hidden clauses in user agreements, allowing companies to collect and sell user information. The information may be sold to intermediaries that sell it to other app companies. Before you know it, your information may have travelled to multiple companies and countries. The reason why you often receive sales calls and overseas calls can be explained. In addition, in the process of trafficking, the information can be used by users of illegal activities, such as telecom fraud. They will pose as company personnel involved in your life to defraud you and cause financial losses. (Yi& Chen, 2022, p4) The most common is to pretend to be an employee of a Courier company and claim that there is something wrong with your package so that you can pay a fine. There are also scam calls for international students who pose as embassy staff, claiming a problem with their visa and that they will be deported if they do not follow their instructions.
How to protect personal privacy
By 2020, more than 86 per cent of victims had experienced online fraud or data breaches. (Muggah, 2021) Users will rely on the high network security insurance premium of software companies. However, Fainmesser, Galeotte & Momot’s model inference suggests that data collection and data protection are complementary for software companies (2022, p6), meaning that a company that takes advantage of user privacy will increase data protection for users to prevent user activity loss and user turnover due to user information leakage.
Solution – Setting of relevant laws.
Countries have established relevant laws and regulations to protect the privacy and security of the public.
The European Union used the General Data Protection Regulation (GDPR) in 2016 and enacted it into law in 2018. Its purpose is to let the company pay attention to user privacy security and take relevant measures to solve it. The GDPR is the most stringent privacy law, setting a new privacy protection and regulation standard. The law, which applies to all 28 EU member states, stipulates that businesses must protect users’ personal information and privacy when conducting transactions. The privacy data to be protected includes basic personal information, Internet Ip addresses and biological information. The GDPR for the export of personal information in EU member states will also be regulated accordingly. Companies that violate the rules will face heavy fines and rectification. (Nadeau, 2020)
China passed the Personal Information Protection Law (PIPL) in 2021, the country’s first law to protect personal data. (Zhu, 2022) Referring to the relevant regulations of GDPR, it also has the right and obligation to supervise personal information in China and abroad. Although PIPL still needs to be improved, its establishment has raised the awareness of personal privacy protection among Chinese companies.
Australia established the privacy act in 1988 to protect privacy, but with the advent of digital media, some provisions of the original Act are no longer applicable. So, the proposed reform was passed in 2022, and the latest privacy act was released in February 2023. The new report strengthens the oversight of the Australian Information Commissioner’s Office (OAIC) and the protection of personal privacy. (OAIC, 2023)
Solution – Increased privacy awareness
The improvement of user privacy awareness can avoid some troubles to a large extent. Here are some tips to reduce the risk of privacy leaks:
- Avoid data flow between apps by creating a separate account instead of using another app’s account when logging into a new app or website.
- Check and disable unnecessary application permissions, such as the automatic location of some software, to avoid leakage of personal location information.
- Ensure the website and payment environment are secure when shopping and paying online.
- Avoid targeted notifications using browsers that don’t collect and share user information, such as Duckduckgo and Ecosia. (Khalife, 2022)
- Be careful with social media and avoid Posting too much personal information or making accounts private only for people who follow each other.
With the advent of the digital age, personal information has become more dangerous and vulnerable. People enjoy convenience at the cost of losing privacy. Fortunately, citizens and the country have realized the serious consequences of privacy leakage and introduced relevant laws to rectify it. There are still cases of criminals stealing users’ information for illegal profits. But laws exist to stop it to some extent. Privacy protection is difficult and long because it involves the government, the industry, the relevant regulatory authorities, including individuals in many aspects of supervision and cooperation. Finally, privacy is an individual’s right. Be vigilant about protecting your personal information, and don’t let today’s inattention become a weapon to hurt you.
Carrie, J. (2018, September 29). Facebook says nearly 50m users compromised in huge security breach. The Guardian. https://www.theguardian.com/technology/2018/sep/28/facebook-50-million-user-accounts-security-berach
Fainmesser, I. P., Galeotti, A., & Momot, R. (2022). Digital Privacy. Management Science. https://doi.org/10.1287/mnsc.2022.4513
Goggin, G., Vromen, A., Weatherall, K., Martin, F., Adele, W., Sunman, L., & Bailo, F. (2017). Digital Rights in Australia.
Khalife, Y. (2022, May 05). 8 ways to protect your privacy online. eSafety Commissioner. https://beconnected.esafety.gov.au/articles-and-tips/8-ways-to-protect-your-privacy-online
Muggah, R. (2021, September 8). Digital privacy comes at a price. Here’s how to protect it. World Economic Forum. https://www.weforum.org/agenda/2021/09/how-to-protect-digital-privacy/
Nadeau, M. (2020, June 12). General Data Protection Regulation (GDPR): What you need to know to stay compliant. CSO. https://www.csoonline.com/article/3202771/general-data-protection-regulation-gdpr-requirements-deadlines-and-facts.html
Nissenbaum, H. (2020). Locating the value in privacy. Privacy in Context: Technology, Policy, and the Integrity of Social Life. Stanford, CA: Stanford University Press,. https://doi.org/10.1515/9780804772891
Office of Australian Information Commissioner. (2023, February 16). OAIC welcomes release of Privacy Act report. https://www.oaic.gov.au/newsroom/oaic-welcomes-release-of-privacy-act-report#:~:text=The%20proposed%20privacy%20reforms%20follow,the%20OAIC%20to%20resolve%20breaches
Office of Australian Information Commissioner. (2020). What is privacy? https://www.oaic.gov.au/privacy/your-privacy-rights/your-personal-information/what-is-privacy
Reed, C. (2023, April 6). Netflix Data Breaches: Full Timeline Through 2023. Firewall Times. https://firewalltimes.com/netflix-data-breach-timeline/#:~:text=In%20February%202021%2C%20the%20Compilation,LinkedIn%2C%20Gmail%2C%20and%20Yahoo.
Yi, Z., & Chen, X. (2022). Personal Privacy Protection Problems in the Digital Age. arXiv.org.
Zhu, J. (2022, February 14). The Personal Information Protection Law: China’s Version of the GDPR? Columbia Journal of Transnational Law. https://www.jtl.columbia.edu/bulletin-blog/the-personal-information-protection-law-chinas-version-of-the-gdpr