Key words: Digital privacy, platform governance, data rights, Australian privacy, data breaches, algorithm, governance
In the digital age, our data has gained value. The platform profits from gathering, analyzing and trading data, and the government leverages it on governing and security. But, do we really know what we’ve lost? In digital platforms we appear to “ voluntarily” share value, but this choice is actually made within the structure of the platform.
Users are aware of the importance of digital privacy but cannot truly refuse the platform’s data collection
Digital privacy is important because it determines who are the ones controlling the information society – the users or the platforms..
Privacy has become a complicated and ambiguous issue (Nissenbaum, 2010, p.67), particularly with the increase in the amount of data being created, and the emergence of the surveillance era; privacy’s meaning, context and practice are evolving along with this.
1. The platform’s consent right has become a thorny issue
Take The Red book social media as an example. When you open the software for the first time, the platform will pop up the page of your privacy agreement, you click “Agree”, do you really have a choice? Not often, you can’t use the service without agreeing. In this case, users are not able to refuse to not provide the platforms with data agreed? This is my detailed and complete report I’ve investigated regarding the Xiaohongshu platform privacy . You can click to download and open https://agree.xiaohongshu.com/h5/terms/-1/419.
2. The emergence of new technologies has exacerbated the degree of privacy risks
https://www.jpost.com/omg/article-891805
Emerging technologies such as artificial intelligence and facial recognition have “jacked up the consciousness” of privacy risks, but understanding of those risks and means to deal with them are really limited. As one 2024 survey noted, “nearly three-quarters of Australians say they know little about facial recognition technology” (Vold et al., 2024). The researchers warn that “face recognition technology is a powerful surveillance weapon capable of breaching personal privacy on a massive scale,” and goes well beyond what the public realizes (“murky” is how it sometimes is described). An innocent grandmother who was jailed for five months when AI facial recognition wrongly pointed a finger at her as a suspect, police admitted being over-reliant on the technology and lacking human “confirmation” of the match. (STAFF, 2026). https://www.jpost.com/omg/article-891805
3. There are potential risks in the tracking, collection and trading of platform data (The drawback of privacy becoming a bargaining chip)
The main reason for the occurrence of risks is the imbalance of user privacy.
- The inequality of information means that, compared with users, platforms have unlimited bargaining power
- The platform lacks accountability and transparency regarding the way user data is used and access rights
- The monopoly of platforms is intensifying day by day, and users are losing control over their personal data
The platform’s failure to protect user information properly has made the privacy crisis a real problem. Using my real experience, I’m an OPTUS user. I had my number leak in 2022. Chalmers and Whitson (2025) explain that: “In the three years since the data breaches caused by a cyber attack in September 2022, Optus has failed to take reasonable steps under the Privacy Act to protect the personal information of approximately 9.5 million Australians from abuse, interference and loss and from unauthorized access, modification and disclosure…[and] seriously violated the privacy of approximately 9.5 million Australians”.
This data breach incident is serious: passports, addresses and identity documents leaked, prompting a nationwide security crisis. Regulators said Optus failed to take “reasonable steps” to protect data (OAIC, 2025). Optus data breach incident is indicative of some risks of external-facing websites and domains, especially when such websites and domains interact with internal databases containing personal information as well as the risks of using third-party providers (OAIC, 2025).
How does the platform shape users’ choices
The platform controls not only what you may see, but also the possibility of behavior, it controls what you can see, what you may say and how you may act. Platforms are not neutral intermediaries, Suzor (2019) argues, they “govern” user behavior.
1. Users trade privacy for convenience
Digital privacy has experienced a more profound transformation: from “information protection” to that of “creeping surveillance”, so to say. Like Nissenbaum (2010) explores privacy, as anticipated, has lately significantly shifted, and instead of being something users “provide”, it has become something users are “continually observed”.
The platform observes and collects users’ private data – their browsing pasts, when they click, how long they dwell at something, where they are – and cribs from this a “behavioural profile”.
From a user point of view, the clearest example is Google Maps. Users are able to get services that are quite convenient for them (navigating, planning a path, etc.) in exchange for users making their real time positioning available to the platform.
Another case is that users chose to download a personality quiz app, exchanging personal data for a free service. The platform harvested their friends’ data too, building political behavioural profiles who were then served targeted ads (Cadwalladr & Graham-Harrison, 2018).
2. The content recommended to the user might be what the platform wants you to see
Pariser (2011) argues that algorithms filter what we see online. We are not seeing objective reality, only what is chosen deliberately to keep us engaged. That’s typically the ads, not what would objectively be useful for us. The platform chooses, because it chooses to show us what maximises ad revenue, not what serves us.
The platform algorithm recommends the content that users are interested in in a targeted way, based on analysis of the basic user profile. For instance, directly pushing commercial advertisements can boost business earnings from order transactions.
Take TikTok as an example, an algorithm tailor-made unique content for every user based on their viewing interests, how long they stay and their sharing and liking instincts on the “Recommend for You” page. Based on this, the platform accurately pushed the ad of a commercial advertisement, and significantly improved the brand conversion rate and purchase effect. What users see is the “interest” calculated by the algorithm (Kenvue Thailand X Intrepid Ecommerce Services | Tiktok for Business Case Study, 2024).
Also, Zuboff (2019) mentions that after the dot‑com bubble Google found that users‘ search data contained rich predictive signals. This behavioural surplus was used for targeted advertising allowing advertisers to efficiently target potential buyers as never before, birthing the trillion dollar surveillance capitalism.
The right to privacy is not a true personal choice, but rather a passive acceptance mechanism shaped by the platform structure and the inequality of power
1. Privacy paradox
Chen and Cheung (2018) find the “privacy paradox” of Chinese social media platforms quite meaningful. Users are highly concerned about privacy, but they take almost no protective measures. As for the reason why such contradiction occurs, the platform has been integrated into daily life, such as people’s social interaction, work, and living payments. Furthermore, the exit cost is too high. Users are not “choosing to give up privacy”, but “unable to leave the application”. Thus, if users “know the risks but still stay”, the problem is not personal but structural. The platform design makes it impossible to exit. Not only in China social media platform, a Facebook user admitted: “I can’t quit it because everyone is on it.” Users voluntarily expose privacy in exchange for social convenience. They know their data is being collected, yet network effects force them to accept it — a true portrait of the privacy paradox (Julia Helena Zhang et al., 2024).
2. Data commercialization
According to Monetisation of Personal Data: How Much Is Our Data Worth? (2025) found that 65% of respondents in France are willing to sell their personal data, with most valuing it at between 10 and 30 euros a month. What once was an inviolate right has become a priced tradable commodity; users unconsciously monetising privacy into a price tag.
3.The advent of the surveillance era has made surveillance a daily routine
In this surveillance era, while we lose our privacy we are undoubtedly benefiting it. In 2025 Amazon Ring rolled out their “Familiar Faces” feature, enrolling anyone simply walking by the doorbell into a biometric database – without asking for anyone’s consent. Surveillance devices bundled up as “home security” tools, and installed on millions of front porches (Ring Familiar Faces, 2025).
As well as that, home surveillance is a very important existence for pet-owning families. AI, Global positioning and others are used to track, monitor and supplement of people‘s lifestyle data with the aim of aiding medical professionals to make better decisions (COGNITEQ , 2022).
The philosopher Zuboff (2019) argues that surveillance capitalism extracts our human living and sells it back to us as free raw material. Today’s surveillance is our doorbell and our wristwatch, packaged as “convenience”.
How does the regulation respond when privacy becomes a bargaining chip
Countries have tried to solve privacy problems; the results are mixed.
According to ACCC (2024), The ACCC (2025) showed that digital platforms abuse their market power, often coercing users into accepting unbalanced privacy terms and using user data as ‘usage collateral’ to access services. It advised that users should have direct right of action against the platform & a requirement for opt‑in consent prior to any data collection—turning the platforms’ default ‘consent or leave’ on its head.
In Australian, Australia’s 2025 Privacy Act reforms saw a three‑tier penalty regime in which serious interferences draw maximum fines of $50 million or 30% of adjusted turnover. From 10 June 2025 individuals may also seek direct redress via a new statutory tort for serious invasions of privacy—and no longer need rely purely upon the OAIC to pursue litigation on their behalf. Elsewhere, Loh (2019) mentioned Australian regulation still not catching up platform power. The ACCC sees three problems: the platform wielding excessive market power; insufficient data transparency; and users lacks genuine control.
Critical thinking: Can privacy really be “protected”?
Even with regulations there will still be privacy issues. The problem is that technology is growing much faster than regulation. But I think data protection and supervision can be achieved in the following aspects:
- The processing of platform data is used legally, fairly and transparently
- Platform use of data is limited, purpose is legal, data subject is informed
- Data storage time limit, especially monitoring data
- Guarantee of confidentiality and integrity of the platform in data processing
- Platform, user, government accountability
To conclude, privacy is a human right, not a commodity! “When platforms treat privacy as something to be traded… [they change] how we live our lives; how we see, what we want to do, as influenced by commercial algorithms”.
A user believes they have traded privacy for convenience, but in fact have paved the way for platform kingships. Once your privacy is a chip you’ve traded, your life is no longer your own.
We are not talking about a one-off trade, but systemised power asymmetry where platforms hold your Chip in every negotiation – you have no option but to negotiate.
Serious problems arise on platforms which have similar powers to those of the government, but without any corresponding responsibilities. They “make rules, enforce them, but do not accept public supervision (Suzor, 2019)”. In the future we should focus on accountability system that users have the right not to exchange their privacy.
Reference List
ACCC. (2024). Australian competition and consumer commission. Australian Competition and Consumer Commission. https://www.accc.gov.au
Cadwalladr, C., & Graham-Harrison, E. (2018, March 18). Revealed: 50 million facebook profiles harvested for cambridge analytica in major data breach. The Guardian. https://www.theguardian.com/news/2018/mar/17/cambridge-analytica-facebook-influence-us-election
Chalmers, S., & Whitson, R. (2025, August 8). Optus sued by privacy regulator in warning to australian corporates to protect data or face fines. Abc.net.au; ABC News. https://www.abc.net.au/news/2025-08-08/optus-sued-by-privacy-regulator-alleged-failures-22-cyber-attack/105628586?utm_source=chatgpt.com
Chen, Z. T., & Cheung, M. (2018). Privacy perception and protection on chinese social media: A case study of wechat. Ethics and Information Technology, 20(4), 279–289. https://doi.org/10.1007/s10676-018-9480-6
COGNITEQ. (2022, August 12). Advanced technologies for pets health monitoring system | cogniteq. Www.cogniteq.com. https://www.cogniteq.com/blog/advanced-technologies-pets-health-monitoring-system
Julia Helena Zhang, Timo Koivumäki, & Chalmers, D. (2024). Privacy vs convenience: Understanding intention-behavior divergence post-GDPR. Computers in Human Behavior, 160, 108382–108382. https://doi.org/10.1016/j.chb.2024.108382
Kenvue thailand x intrepid ecommerce services | tiktok for business case study. (2024). TikTok for Business. https://ads.tiktok.com/business/en/inspiration/kenvue-thailand-intrepid-ecommerce
Loh, J. (2019, July 29). Three key takeaways from the ACCC digital platforms inquiry – a marketer’s view | marketing mag. Marketing Mag. https://www.marketingmag.com.au/tech-data/news-accc-digital-platforms-inquiry/?utm_source=chatgpt.com
Monetisation of personal data: How much is our data worth? (2025). Cnil.fr. https://www.cnil.fr/en/monetisation-personal-data-how-much-our-data-worth
Nissenbaum, H. F. (2010). Privacy in context : Technology, policy, and the integrity of social life (p. 67). Stanford University Press.
OAIC. (2025, August 8). Australian information commissioner takes civil penalty action against optus. OAIC. https://www.oaic.gov.au/news/media-centre/australian-information-commissioner-takes-civil-penalty-action-against-optus?utm_source=chatgpt.com
Pariser, E. (2011). The filter bubble: What the internet is hiding from you. Penguin Press.
Saxby, K., Aitken, Z., Zhang, Y., & Burchill, L. (2024). We found opposition to the Voice is linked to poorer Indigenous health. And in some regions, the link is striking. https://doi.org/10.64628/aa.hsdmvj5nr
Share.google. (2026). Share.google. https://share.google/uXRC6GNnvO9tcz8e
STAFF, J. P. (2026, March 31). False AI match sends US grandmother to jail for five months. The Jerusalem Post | JPost.com; The Jerusalem Post. https://www.jpost.com/omg/article-891805
Suzor, N. P. (2019). Lawless. Cambridge University Press. https://doi.org/10.1017/9781108666428
The red book. (2024). Xiaohongshu.com. https://agree.xiaohongshu.com/h5/terms/-1/419
Wright, W. (2025, December 10). Ring’s “familiar faces” is here: Why privacy experts worry it’s mass surveillance in disguise. ZDNET. https://www.zdnet.com/article/amazon-ring-familiar-faces-feature-privacy-concerns/
Zuboff, S. (2019, February 19). The age of surveillance capitalism. PublicAffairs. https://www.publicaffairsbooks.com/titles/shoshana-zuboff/the-age-of-surveillance-capitalism/9781610395694/
Be the first to comment