The Internet’s rapid growth has altered how people communicate, work, and live in the digital era. While the public is taking advantage of the conveniences of the digital age, digital platforms and online operators are breaching our privacy and gathering and monitoring information about us. Our every action, including our preferences and location, is being controlled by the opaque algorithmic systems of big data. Concerns about the potential loss of personal privacy online are among the most frequently brought up issues by the Internet and digital media, according to Flewh and Terry in their book Regulating Platforms.
What is privacy?
First and foremost, the right to privacy is an essential component of human rights, which are inherent in every individual. More than 130 nations have constitutional provisions protecting privacy, according to Explainer’s “What is privacy” article. Although different people and nations have different views on privacy, it is generally agreed that privacy safeguards the freedom of the press, the right to interact with anyone, and the right to share information with anyone (Australian Government, Office of the Australian Information Commissioner).
Privacy helps us to establish a sense of boundaries. For instance, when someone who is not particularly familiar with us requests to visit our home, our subjective concept prevents this from happening, therefore we decline to tell others about this location. At this time, this location is private. Privacy is an effective way to restrict who may access our information, location and anything we don’t want to share, including our bodies. (Explainer, 2017)
It is a way of sharing our private with a stranger when they approach us and ask for our contact information. If we choose not to share our privacy with them, we can decline by saying, “Sorry, it’s my privacy.” Article 17 of the International Covenant on Civil and Political Rights (ICCPR) states that “1. No one shall be subjected to arbitrary or unlawful interference with his privacy, home or correspondence, nor to unlawful attacks on his honor and reputation. 2. Everyone has the right to the protection of the law against such interference or attacks.”
What is Internet privacy?
54% of respondents in the first Pew Research Centre survey conducted in 1999 expressed concern about “computers and technology being used to invade their privacy.” The center discovered that, twenty years later, a whopping 91% of the users who had authorized personal information had lost control over it. This indicates that practically all digital platform firms are struggling with privacy issues. A data breach of Heartland’s payment system in 2008 exposed 134 million credit cards in one event that was highly obvious and immediately destructive to the interest of customers. Before the breach, the company was processing over 100 million credit card transactions each month for over 175,000 merchants.
We must have an adequate understanding of what internet privacy is and why people want to protect it while appreciating the significance of internet privacy. Firstly, there is no such thing as absolute privacy; rather, it depends on a specific social and legal framework within which organizations have the legal right to gather personal data about users, including their whereabouts if needed. As a well-known illustration, during the COVID-19 pandemic, health agencies in several nations had the right to access the private information of the general public and to precisely monitor user whereabouts. Secondly, when it’s necessary to protect public safety, such as to track down criminal suspects, solve crimes, or locate missing persons, public security agencies have the right to access the public’s personal information. This further demonstrates that people’s right to privacy is invalid in certain circumstances/contexts.
Does this suggest that our right to privacy is not important since so numerous organizations have access to it? No, on the contrary, we must safeguard our private information both offline and online.
What constitutes a data breach?
First of all, it’s crucial to make clear that digital platform owners and internet service providers have the right to access users’ personal information only after users have authorized them; they are not permitted to sell it to third parties. This is due to the fact that a breach of personal information may put the user at risk, endangering both his or her physical safety and freedom. It would be comparable to someone telling your elderly relatives that you are short on money, have been kidnapped, etc. after accidentally getting your phone number, name, and address. The elderly usually give money to the person out of worry without thoroughly checking the information, which leads to property loss. A data breach occurs when sensitive personal information is accessed or used without the owner’s permission. Examples of such information include a user’s home address, phone number, and ID number, which are not easily accessible to strangers. Many customers have unwittingly had their credit cards stolen or have unexpectedly incurred debt as a result of data breaches.
How did the data breach happen?
The following two factors can be used to summarize the reasons of a data breach:
- Technical issues: As the big data age progresses, computers get more and more functional, and the amount of data they keep grows. As a result, operators or digital network platforms often make technical mistakes that allow third parties to access the personal information of users.
- User behavior: Some users do not pay much attention to the protection of their personal information, such as randomly showing the CVV of a bank card to others, leaving electronic devices unlocked when lost, not hiding personal information after receiving a package from a courier and throwing it away and a series of behaviors can lead to information leakage.
That is to say, data leakage happens all the time, it may be a small technical error of the network platform or operator or the firewall level is too low resulting in hacking and thus leading to data theft, or it may be because the user inadvertently opened an unknown website, saved personal information/payment information in an unsecured website, or not paying attention to privacy outside leading to home address cell phone number and other information being obtained by someone with the intention.
What does a data breach entail?
For companies, when they suffer a data breach, they may experience a decline in resources, orders, and reputation as well as a crisis of confidence. Customers may also decide to do business with rival companies rather than risk having their personal information breached, which may result in compensation plans that negatively impact the company’s financial health and ultimately result in bankruptcy.
For individuals, data breaches can put our personal property in danger, either by being sold directly for illegal profit or by criminals using it for illegal activities such as telecommunication fraud, illegal debt collection or even kidnapping for ransom. On a regular basis, the majority of us will receive calls from abroad on our mobile phones. The callers will call in the name of the embassy to indicate that our identity or something else have problems, achieving their goals. We occasionally also get a lot of advertising calls, which is another indication that our phone has been breached. Receiving texts from family members that often inform you that they are being detained at the police station, are unable to communicate, and require payment into an account is another aspect of the situation.
For governments, a significant amount of damage and impact might result from a data breach. For instance, a hacker attacked Turkey’s information base, where the national identity information was stored, and exported information, including the detailed identity of Turkey’s president Erdogan, leaked onto the public web, posing a serious threat to Turkey’s national security. This might cause a national panic and the disclosure of confidential national data, which could easily be exploited by people with ulterior motives.
Cases of data breaches
It is mentioned in Juliana De Groot’s blog that Slate.com has visualized the world’s largest data breaches since 2005 in an infographic. The infographic illustrates in detail what causes these breaches and visually demonstrates that it is not just online platforms that can result in breaches of our privacy, but also government officials who fail to set up a strong firewall.
(Figure 1 from Slate.com)
In 2018, a Chinese courier group, Yuantong, started selling 1 billion pieces of data of Yuantong courier in June by a dark net user with the id “f666666”, who said that the data sold was from late 2014. The data information includes sender (recipient) name, phone number, address and other information, 1 billion data has been de-weighted, data duplication rate of less than 20%, the data was sold by the user for 1 bitcoin package. Results: Some users verified part of the data and found that the purchased “single number”, name, phone, address and other information are true.
Up to 9.8 million consumers may have been impacted by Optus’s data breach in September 2022, which occurred when criminals successfully accessing Optus’s internal databases through hacking and other means. User names, dates of birth, phone numbers, email addresses, residential addresses, and ID numbers are among the data in the breach, which began in 2017. A user can be identified, for instance, using their driver’s license number, health insurance number, or passport number.
An Australian government agency developed a fact sheet on the Optus data breach due to the incident’s scope and the comprehensiveness of the user information involved, and even IDCARE has a dedicated page to assist clients affected by this data breach.
As users now unilaterally entrust their privacy to online platforms or operators without a reciprocal relationship and a specific, established solution in the event of a breach, the Optus case highlights the value of privacy on the internet while rendering it clear that we are losing control over our privacy.
How to protect personal privacy?
As mentioned above, there is a need for an equal relationship between operators and digital platform companies, which won’t totally prevent data breaches but will assure the users to a greater extent. Governments must establish a comprehensive corporate compensation system or solution that is in keeping with the current national context and a uniform compensation package in the face of a data breach.
Additionally, there is a need to adequately teach the public the importance of privacy in order to guarantee that they take it seriously and do not easily provide sensitive information, such as the CVV of their bank card, to persons they do not know and who cannot identify them.
Improved internet privacy regulations should be established to restrict the invasion of users’ privacy by platform operators, preventing them from tracking users’ movements or gaining access to information without their permission, except in exceptional circumstances.
Users should exercise greater caution when posting information online and avoid revealing too much personal information, such as by hiding or blurring the posting’s location. Be ambiguous about whether you live alone and avoid including any identifiable place names or addresses in photos. When given a meal or a cup of milk tea, refuse to provide your address. Keep your information private when purchasing online and never submit your bank card information on an unsecured website.
In the age of the internet, we need to try our best to protect our privacy and everyone needs to bear this in mind. Personal privacy is a problem that needs sustainable improvement and attention since it has a significant impact on both businesses and nations. We should all take a proactive role, defend our privacy, and stand up for our rights.
1.Flew, Terry (2021) Regulating Platforms. Cambridge: Polity, pp. 72-79.
2.Olga Sushko (Jun 24, 2021) Right to Digital Privacy: Why It Matters and How to Protect It.
3.Public Citizen , Privacy and Digital Rights for All
4.Kaspersky，How Data Breaches Happen
5.Juliana De Groot (August 22,2022) The History of Data Breaches
6. Australian Competition & Consumer Commission, Optus Data Breach Scam
7.Tyas Tunggal(Apr 04,2023), The 70 Biggest Data Breaches of All Time
8.CloudMask , Data Breaches: Threats and Consequences
9.Australian Government Office of the Australian Information Commissioner. What is Privacy?
10.Explainer (23rd October 2017), What is Privacy?