Technology / Privacy
What Compromise is Possible?

Is there such a thing as online privacy? 7 essential reads

Burgess COMMENTARY

Peter Burgess

Is there such a thing as online privacy? 7 essential reads


Who’s sharing your secrets? Antonio Guillem/Shutterstock

Over the course of 2017, people in the U.S. and around the world became increasingly concerned about how their digital data are transmitted, stored and analyzed. As news broke that every Yahoo email account had been compromised, as well as the financial information of nearly every adult in the U.S., the true scale of how much data private companies have about people became clearer than ever.

This, of course, brings them enormous profits, but comes with significant social and individual risks. Many scholars are researching aspects of this issue, both describing the problem in greater detail and identifying ways people can reclaim power over the data their lives and online activity generate. Here we spotlight seven examples from our 2017 archives.

1. The government doesn’t think much of user privacy

One major concern people have about digital privacy is how much access the police might have to their online information, like what websites people visit and what their emails and text messages say. Mobile phones can be particularly revealing, not only containing large amounts of private information, but also tracking users’ locations. As H.V. Jagadish at University of Michigan writes, the government doesn’t think smartphones’ locations are private information. The legal logic defies common sense:

“By carrying a cellphone – which communicates on its own with the phone company – you have effectively told the phone company where you are. Therefore, your location isn’t private, and the police can get that information from the cellphone company without a warrant, and without even telling you they’re tracking you.

2. Neither do software designers

But mobile phone companies and the government aren’t the only people with access to data on people’s smartphones. Mobile apps of all kinds can monitor location, user activity and data stored on their users’ phones. As an international group of telecommunications security scholars found, ”More than 70 percent of smartphone apps are reporting personal data to third-party tracking companies like Google Analytics, the Facebook Graph API or Crashlytics.“

Those companies can even merge information from different apps – one that tracks a user’s location and another that tracks, say, time spent playing a game or money spent through a digital wallet – to develop extremely detailed profiles of individual users.

3. People care, but struggle to find information

Despite how concerned people are, they can’t actually easily find out what’s being shared about them, when or to whom. Florian Schaub at the University of Michigan explains the conflicting purposes of apps’ and websites’ privacy policies:

'Companies use a privacy policy to demonstrate compliance with legal and regulatory notice requirements, and to limit liability. Regulators in turn use privacy policies to investigate and enforce compliance with regulations.'

That can leave consumers without the information they need to make informed choices.

4. Boosting comprehension

Another problem with privacy policies is that they’re incomprehensible. Anyone who does try to read and understand them will be quickly frustrated by the legalese and awkward language. Karuna Pande Joshi and Tim Finin from the University of Maryland, Baltimore County suggest that artificial intelligence could help:

“What if a computerized assistant could digest all that legal jargon in a few seconds and highlight key points? Perhaps a user could even tell the automated assistant to pay particular attention to certain issues, like when an email address is shared, or whether search engines can index personal posts.”

That would certainly make life simpler for users, but it would preserve a world in which privacy is not a given.

5. Programmers could help, too

Jean Yang at Carnegie Mellon University is working to change that assumption. At the moment, she explains, computer programmers have to keep track of users’ choices about privacy protections throughout all the various programs a site uses to operate. That makes errors both likely and hard to track down.

Yang’s approach, called “policy-agnostic programming,” builds sharing restrictions right into the software design process. That both forces developers to address privacy, and makes it easier for them to do so.

6. So could a new way of thinking about it

But it may not be enough for some software developers to choose programming tools that would protect their users’ data. Scott Shackelford from Indiana University discussed the movement to declare cybersecurity – including data privacy – a human right recognized under international law.

He predicts real progress will result from consumer demand:

“As people use online services more in their daily lives, their expectations of digital privacy and freedom of expression will lead them to demand better protections. Governments will respond by building on the foundations of existing international law, formally extending into cyberspace the human rights to privacy, freedom of expression and improved economic well-being.”

But governments can be slow to act, leaving people to protect themselves in the meantime.

7. The real basis of all privacy is strong encryption

The fundamental way to protect privacy is to make sure data is stored so securely that only the people authorized to access it are able to read it. Susan Landau at Tufts University explains the importance of individuals having access to strong encryption. And she observes police and the intelligence community are coming around to understanding this view:

“Increasingly, a number of former senior law enforcement and national security officials have come out strongly in support of end-to-end encryption and strong device protection …, which can protect against hacking and other data theft incidents.”

One day, perhaps, governments and businesses will have the same concerns about individuals’ privacy as people themselves do. Until then, strong encryption without special access for law enforcement or other authorities will remain the only reliable guardian of privacy.
=============================================================================
Migration mayhem in 2017: 9 essential reads An armed robber’s Supreme Court case could affect all Americans’ digital privacy for decades to come Nobody reads privacy policies – here’s how to fix that Real security requires strong encryption – even if investigators get blocked Sign in to comment1 Comment Oldest Newest Stephen Reiss logged in via LinkedIn

This article makes an equivalence between all cell phones. Google’s product is your data, Apple’s product is not. How does this make a difference for online privacy? Is a casual mention of this, at least, not worth writing about? If your intent is to educate people, would not this difference, if indeed notable, be something you would want to ensure your readers know before making decisions based on this article?

5 days ago Report Most popular on The Conversation During the holidays, giving gifts to the dead can help you cope with grief Why Trump’s plan to forbid spouses of H-1B visa holders to work is a bad idea What thin people don’t understand about dieting Dreading conflict during the holidays? Let it go, let it go, let it go When cringeworthy gifts are worse than inconsiderate The dangerous belief that white people are under attack Why does using a period in a text message make you sound insincere or angry? When should you unfriend someone on Facebook? The travel industry has sparked a backlash against tourists by stressing quantity over quality Skip fights about digital devices over the holidays – instead, let them bring your family together

Privacy policy Terms and conditions Corrections Copyright © 2010–2017, The Conversation US, Inc.

Author Jeff Inglis Science + Technology Editor, The Conversation US

Partners View all partners

Republish this article Republish Republish our articles for free, online or in print, under Creative Commons license.