As individuals, do we have the right to privacy on the Internet? If we do, it doesn’t feel like it. Recently, the traditional concepts of Internet privacy have been lost as a result of living in a digital world. What’s worse, a great deal of the loss in personal privacy has been given up by us easily and willingly. Here are some shocking facts about your Internet privacy and the questionable handling of consumer information in the digital age.
01) Social Networks “Opt-Out” of Your Privacy to Make Money
Social media, which many evidently thought existed solely as a way to “share” fun info with friends, prompted a large part of the population to divulge mass amounts of private data. Just to be clear, social media is not a non-profit public service. It is a vehicle to deliver targeted advertising and earn money. The more information a company can collect results in better targeting and more revenue. As the data collection methods and the scope of the information has become common knowledge, users have finally begun to take steps to protect their privacy. After some massive security breaches, some companies are finally stepping up as well.
A vast majority of computer users are unaware of how much data is actually stored and used. They feel that by clicking a few checkboxes, their data is “secured.” One of the fallacies in this logic is that protecting one’s personal data has become an “opt-out” function. The default setting for most websites, programs, and applications is the one that divulges the most personal data. As potential data vulnerabilities become public, the companies quickly take steps to make their product more “secure.” This is often a mere patch or panacea to the public.
02) Major Companies Are Intentionally Installing Malware on Your Computer
Data protection and internet security are a couple of the largest software sectors. Massive and well-publicized data breaches of companies like Target, Home Depot, Living Social, and Anthem have helped boost individual awareness of the need for vigilance in protecting their personal information.
The “Lenovo Incident” is perhaps the biggest wake-up call to date. The Chinese computer technology company, Lenovo, intentionally included a program called “Superfish” on its devices shipped between September and December 2014. Superfish software gathers information to deliver advertising to users based on a visual search engine. The software basically opened the individual’s computer to a number of possible attacks, including the theft of sensitive information such as passwords and account information. The “kindest” description of Superfish is malware; the Department of Homeland Security says that it makes computers vulnerable to serious cyber attacks.
After the inclusion of the Superfish software was made public, Lenovo responded by offering tools to remove the program and stopped including the program in their devices. Their responses, however, mirrored the dichotomy in the personal data protection area. While one Lenovo statement said “We have thoroughly investigated this technology, and do not find any evidence to substantiate security concerns,” a Lenovo security advisory listed it as a “highly severe” incident.
03) Retailers Need To Learn Security & Privacy Lessons From The Gaming Industry
Major retailers including Home Depot, Chick-Fil-A, Marriott and Target among others have all recently reported massive data breaches. While retailers have been slow to prioritize data security, some industries that you might not have suspected, have taken a more proactive approach to data security and privacy protection.
As most people are aware, the security measures found in casinos around the world are some of the most thorough of any institution. They take a no-nonsense approach to protecting not only the casino’s and players’ financial assets but also the integrity of the games themselves. One example, Poker Stars, has developed one of the more sophisticated data protection plans in the world. While the company understandably keeps many of the details confidential, some of their steps, like keeping various segments of information in separate databases, housing certain data servers in separate highly secure locations, and frequent third-party security checks are just part of the company’s public-facing security initiatives. As security and privacy advocates have long endorsed, visitors to the site never have to “opt-out” to help ensure the protection of their information.
04) Your Credit Card’s Magnetic Strip Knows Your Secrets
Another sector that is finally stepping up to provide robust privacy and data security is the banking industry. Some of the largest financial companies have finally taken a very proactive approach. Previously, their typical response was just to send a new credit card and forgive any unauthorized charges.
One of the biggest threats in the US is found in the card itself; the card’s magnetic strip contains a great deal of information and is easily hackable. While the European Union (EU) long ago moved to credit card data chips, US banks have been slow to do so, citing the cost to businesses as one of the prime reasons. While this technology will soon become the norm in the US, some banks are now taking a leadership role in data security.
Citibank, Chase, Capital One, Charles Schwab, Ally and Bank of America are not using two-factor authentication to log on to your account, which is one of the best methods of keeping data secure. Two-factor authentication, which requires a physical (a token or dongle) as well as non-physical (password or security code) to log-in, has long been used by subscription-based software that has no impact on personal security. It only makes sense to use it for sensitive information.
The use of text, email, or phone alerts due to suspicious activity is now becoming commonplace instead of random occurrences. Banks and credit card companies, like Simple and Capital One, have also launched apps that allow you to halt any transactions instantly for any reason. This simple step can save the banks and customers a great deal of time, inconvenience and money.
05) Most Companies Are Ill-Prepared to Protect Their Customer’s Privacy
Protection of privacy and security in the digital age is a matter of long-distance trust. The traditional methods of verifying identity are long gone. While some companies are taking a leadership role in protecting customers and users’ information, the key to real internet security is in the hands of the users. While many of us know better now, there are still people who fall for obvious phishing scams. People are often too willing to give up personal details that can be used for marketing or even personal data breaches.
06) Your Internet History Has Already Been Saved & Archived
You are being watched and followed. Every email you send, every product you buy, everything you do and everywhere you go is all being saved and archived. By who? Your Internet Service Provider (ISP) has the ability to not only track your Internet activity and filter your email but block sites as well as slow them down (like Netflix).
Your ISP is your gateway to the Internet. They assign your home a unique Internet Protocol (IP) address. Any Internet activity associated with that IP address leaves a digital footprint. Everyone, including Google, your ISP, and even advertisers can track you.
What makes this even scarier, is knowing all of this information is archived. Google, for example, saves every search to “improve your experience.” They know what you’ve searched for as well as your web browsing history. But that’s just the beginning. Google might also have an archive of all of your emails (Gmail), phone calls (Google Talk, Google Voice), alerts (Google News Alerts), appointments (Google Calendar) contacts (Google Contacts), photos (Picasa) pictures, researched locations (Google Maps) and much, much more. BTW Google isn’t alone. Every Internet service company is doing this.
Is Hope For Internet Privacy Already Completely Lost?
Many will argue that a certain loss of privacy is a ‘necessary cost’ of the convenience and benefits offered by the digital age. So what can we all do to better protect our online privacy? Sadly, not much. Living and doing business in the digital age is indeed a learning process.
Consumers also need to proactively place pressure on websites and program developers to make the sharing of personal data an “opt-in” rather than “opt-out” experience. They must also abandon the notion that protecting their users’ privacy and security is the priority of most businesses. Consumers must realize that most companies are ill-prepared when it comes to data protection or how to deal with it once it occurs.