Big Brother is Watching You! Issues of Digital Privacy and Security 

Introduction:

Have you ever wondered why random apps ask for access to your phone gallery or contact details when they do not provide such services? Given the massive use of digital platforms, how much control do you have over the information provided online? These are the questions that require an answer to secure your digital life. The boom of Information technology has changed the socio-cultural milieu in which people interact with each other, and carry out their business and leisure activities. Life is managed online via Big Tech; Google, Microsoft, Amazon, Meta, Apple, and other digital platforms like LinkedIn. This omnipresent inclusion of the digital world in our personal lives has raised concerns about the potential loss of privacy and safety online. Social, cultural, political, and legal dimensions of this loss are points of concern for the individual and the governments all around the world. On the one hand, digital platforms enable individuals to use new information and communication technologies regardless of any boundary, gender, class, or age differences, and yet, on the other hand, also become a tool in the hands of governments, companies, and individuals to undertake surveillance, data profiling and collection, which can incur serious violations of privacy.

What is meant by the term “Digital Privacy”?

To define Digital Privacy, we first have to see the term “privacy”. Privacy is a fundamental human right acknowledged by the Universal Declaration of Human Rights (‘UDHR’) in its Article 12- “No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks”. In common words, it means ‘the right to be let alone’ as defined by Samuel Warren and Louis Brandeis in their seminal piece published in 1890 in the Harvard Law Review. Moving forward, digital privacy can be explained as the protection of the human right to privacy in digital communication in his capacity as an online user. Digital privacy includes but is not limited to data privacy and data protection. The ever-evolving digital age has created unprecedented opportunities to share and access information online. Herein, lies the paradox of privacy. While enjoying benefits from the easy exchange of personal information through digital communications, we are also giving up some degree of control over what happens to that information. This trade-off is huge but do you think this trade-off is worth it?

Digital Privacy Laws-Efforts toward Protection:

The incidents of digital privacy breaches have raised the significance of this topic all the more. ‘Data privacy has been singled out as one of the biggest challenges faced by the digital economy. Governments  have responded with new data privacy laws and regulations, which as argued by many, are only partially effective at best’(Pew Research Center,2019 ). Following the Snowden revelations, the General Assembly adopted Resolution 68/167 entitled ‘The Right to Privacy in the Digital Age’, on 18 December 2013. It affirmed a demarcation between online and offline spaces: ‘The same rights that people have offline must also be protected online, including the right to privacy’ ( Daniel Joyce, 2015). The European Union has also recognized digital privacy as a right in the General Data Protection Regulation (GDPR) which took effect in May 2018 (European Union, 2016).  The GDPR recognizes the protection of data and requires the processing of the data based on the consent of the concerned or on legal grounds. The Privacy Act 1988 (Privacy Act) is the principal piece of Australian legislation protecting the collection and use of personal information. How far these laws have been effective, is yet to be examined.

How does the Online World work?

Digital platforms gather and use a wide range of information about their users. They collect extremely detailed data provided by users that directly reveal their interests, political orientation, family details, location, and financial transactions. Social Media platforms like Facebook, and Instagram collect information through pictures, location log-ins, tagged photos, and also link data with other members of an individual’s network, such as contact details held by a friend or photos uploaded. In this regard, it can be safely stated that a suggestion pop-up on Facebook “People You May Know” is not just known to you. Moreover, online terms of service agreements provide absolute power to the platforms to collect data and apply it to data analytics to use it as they deem fit. The World Economic Forum has described this Big data as the new oil- a valuable resource of the twenty-first century- a new type of raw material that is on a par with capital and labour”(Terry Flew,2021). Information of information is the new business that is transforming and impacting our socio-cultural, political, and economic sphere of life.

The World of Users:

 While using digital platforms and sharing information, the users have certain “Privacy Expectations” like expectations of fairness and control over information, expectation of confidentiality, and anonymity (Berman and Mulligan, 1999). However, these expectations are not fulfilled. Digital privacy is violated when personal information is requested to be provided as a condition of access to various online services. In recent years, this breach of confidentiality has been highlighted by incidents such as:’ the inadvertent release or hacking of personal and credit card information held by businesses; the use of information gained via social media profiles and activity for purposes not intended by the person; and concerns about safety, security, and potential harassment, due to gathering of geo-location data from apps, smartphones, or WiFi’ (Goggin et al., 2017). However, despite all these harms and data leaks, the frequency of use of digital platforms has not been affected. It can be argued that extensive use of social networking sites has changed users’ threshold of what information is considered private and what is public. It has also resulted in a greater tolerance toward the use of consensual disclosure of information for purposes other than for which it was originally intended. This aspect highlights the Users’ attitude toward digital policy. In a research conducted by Goggin et all reported as “ Digital Rights in Australia” published in 2017, findings revealed that professionals, frequent social media posters, non-English speaking users, and users who have previously had privacy violations were more concerned about privacy. Whereas, gender-based data revealed that men were less concerned( 63% compared to 71% of women). Furthermore, those who believe privacy no longer exists tended to be older users. Another recent research conducted in 2023, “The Emerging Online Safety Issues: Co-creating Social Media Education with Young people led by the University of Sydney with partners, Youth Action and Student Edge (Youth Insight) by Dr. Humphrey, et al, reported that Australian young people (aged 12-17) and their parents/carers do not have a good understanding of the meaning of ‘data privacy’. Only one-third (32%) of young people and a quarter of parents (24%) provided a general response such as ”privacy of my data” when asked to explain what it means. Around 55% of young people responded as being concerned about online privacy but found the concept itself confusing.

Cybercrimes: A Case Study of Pakistan Digital Banking Scam:

Rapid advancement in technology and its widespread use has opened up many possibilities for consumers and criminals equally. Cybercrime is the fastest-growing criminal activity because of easy access to technology. Illegal activities ranging from financial scams, hacking, pornography, virus attacks, dark web, and cyberstalking are easily conducted because of the Internet. Taking the example of Pakistan, incidents of cyber scams are becoming rampant largely because of a lack of effective data protection laws and ignorance of the public using digital services without proper knowledge. These online hoaxes are a reminder that data privacy is under question of all using internet and that violation of security can be done by anyone having access to data. In recent years, digital banking consumers became victim of financial data theft and unauthorized financial transactions. Other forms of fraud like online investment applications, loan apps, identity theft, card skimming and phishing sites have made banking consumers lose million of rupees, causing financial distress. As per news report published April 25, 2022, it was reported that compromised data of a number of debit cards of a leading bank in Pakistan was used by the overseas thieves to conduct fraudulent financial transactions in foreign currencies. Another method of fraud is calling the consumers via fake helpline number of the banks with scammers misrepresenting as bank personnel and extracting information and other account details. This call culminates into debit of consumer’s account money.

In another news report published in Nov 2023, the alarming situation depicted that most reported cases of cybercrime in the province of Punjab of Pakistan, during the past 5 years, are of financial and electronic fraud, with a rate of 15 to 19 cases per day. A breakdown of the number of such incidents from 2018 to August of 2023 shows that a total of 31,930 incidents were reported in five years (Tribune, 2023). Pakistan does not have any data protection law, the Personal data Protection Bill (‘the Bill’) for the Personal Data Protection Act, 2023 (‘the Act’), is yet to be promulgated into law. This gap is misused by the perpetrators. The central bank; the State Bank of Pakistan(SBP) has rolled out a new and detailed set of guidelines on enhancing security of digital banking products and services. The directions are related to formulation of Digital Fraud Prevention Policy, digital fraud risk management and customer complaint management. Moreover, the SBP placed whole responsibility on banks for reimbursement of any such money lost to any online data breach. The overall impact of these guidelines is yet to be rolled out.

The Big Triangle of Regulation: Users, Platforms, and State

How much is privacy worth to you? How far are you willing to give it up for ease of access to information, or online safety and security? The maintenance of digital privacy and security requires self-regulation of users and a transparent regulation of the digital platforms. The users need to be more aware of their digital privacy and security rights. Besides government and platforms, they are also responsible for their online safety by staying vigilant regarding personal and financial information being shared online. Moreover, transparent and accountable platforms can ensure the security of information and effectively address the negative online experiences of the users. With the ever-changing contours of the digital world and new inventions, time to time review and amendment in data protection strategies can ensure that data is secured. The data collection strategy employed by the platforms specifies the proportion of user information they are gathering like the WhatsApp has introduced encryption feature which has limitised its access to online communication of the user, henceforth, reducing its load of information collection. As the findings of a research project conducted by Dr. Justine Humphrey et al suggest the need for a multi-layered approach that is sensitive to the complex interplay of responsibility for online safety in a shifting regulatory landscape and also recognizes people’s right to secure digital engagement.

Conclusion:

To sum up the discussion above, the right to digital privacy and security requires that there must be mechanism for the users to find out what information about them is in the record and how it is used. It also means that the platforms have to specify the purpose for which personal data is collected and that its misuse should be avoided by preventing information that was obtained for one purpose from being used or made available for other purposes without his consent. Every user has an undeniable right to live and control his life without any fear of being monitored or under constant surveillance in the digital ecosystem.

Furthermore, the universal fact all users need to keep in mind while using digital technology is that they are being watched, their data is being collected, their actions online are under surveillance, and their online life is being algorithmically tracked and personalized. In this interconnected world driven by information technology, digital privacy has become an essentially basic right to safeguard an individual’s autonomy and personal freedom.

References:

1. Berman, J., & Mulligan, D. (1999). The Internet and the Law: Privacy in the Digital Age: A Work in Progress. Nova Law Review, 23, 549-554.
2. Flew, T. (2021). Regulating Platforms. Polity Press.
3. Humphry et al., (2023) Emerging Online Safety Issues: co-designing social media education with young people. University of Sydney
4. Joyce, D. (2015). Privacy in the digital era: Human rights online? Melbourne Journal of International Law, 16(1), 270-285.
5.   Pew Research Center. (2019, November 15). Americans and Privacy: Concerned, Confused and Feeling Lack of Control over Their Personal Information. https://www.pewresearch.org/internet/2019/11/15/americans-and-privacy-concerned-confusedand-feeling-lack-of-control-over-their-personal-information/
6. State Bank of Pakistan. (2023). C4 Annex [PDF]. https://www.sbp.org.pk/bprd/2023/C4-Annex.pdf
7. Tribune (2022, April 25), Another bank faces data theft. https://tribune.com.pk/story/2354187/another-bank-faces-data-theft
8. Tribune. (2023, November 15). Digital frauds cause long probes. The Express Tribune. https://tribune.com.pk/story/2446414/digital-frauds-cause-long-probes
9. Universal Declaration of Human Rights, GA Res 217A (III), UN GAOR, 3rd sess, 183rd plen mtg, UN Doc A/810 (10 December 1948).
10. Warren, S. D., & Brandeis, L. D. (1890). The Right to Privacy. Harvard Law Review, 4, 193, 193, 195, 205.
11. WhatsApp Introduces End-to-End Encryption. (2016, April 5). The New York Times. https://www.nytimes.com/2016/04/06/technology/whatsapp-messaging-service-introduces-full-encryption.html

Image references:

1. Best practices for accessing and handling user permissions: Part I for iOS apps.” AppMySite. Retrieved from https://www.appmysite.com/blog/best-practices-for-accessing-and-handling-user-permissions-part-i-for-ios-apps/

2. Raza, Ahmad, UBL Bank Cards Hacking Incident April 2022:July 4, 2023 https://www.linkedin.com/pulse/ubl-bank-hacking-incident-april-2022-an-in-depth-review-ahmed-raza