Digital privacy

Source: Wikipedia, the free encyclopedia.
Internet
Visualization of Internet routing paths
An Opte Project visualization of routing paths through a portion of the Internet
General
Governance
Information infrastructure
Services
History
Guides
icon Internet portal

Digital privacy is often used in contexts that promote advocacy on behalf of individual and consumer privacy rights in e-services and is typically used in opposition to the business practices of many e-marketers, businesses, and companies to collect and use such information and data.[1][2] Digital privacy can be defined under three sub-related categories: information privacy, communication privacy, and individual privacy.[3]

Digital privacy has increasingly become a topic of interest as information and data shared over the social web have continued to become more and more commodified; social media users are now considered unpaid "digital labors", as one pays for "free" e-services through the loss of their privacy.[4] For example, between 2005 and 2011, the change in levels of disclosure for different profile items on Facebook shows that, over the years, people have wanted to keep more information private.[5] Observing the seven-year span, Facebook gained a profit of $100 billion through the collection and sharing of their users' data with third-party advertisers.[4]

The more a user shares on social networks, the more privacy is lost. All of the information and data one shares is connected to clusters of similar information. As the user continues to share their productive expression, it gets matched with the respective cluster, and their speech and expression are no longer only in the possession of them or of their social circle. This can be seen as a consequence of building social capital. As people create new and diverse ties on social networks, data becomes linked. This decrease in privacy continues until bundling appears (when the ties become strong and the network more homogeneous).[6]

Some laws allow filing a case against a breach of digital privacy. In 2007, for instance, a

their gaming application.[7] Laws are based on consumers' consent and assume that the consumers are already empowered to know their own best interests. Therefore, for the past few years, people have been focusing on self-management of digital privacy through rational and educated decision-making.[8]

Types of privacy

Information privacy

Main article: Information privacy

In the context of digital privacy, information privacy is the idea that individuals should have the freedom to determine how their

personally identifiable information
.

The concept of information privacy has evolved in parallel to the evolution of the field of Information Technology (IT). The rise of networking and computing led to the dramatic change in the ways of information exchange. The baseline for this concept was put forward in the late 1940s, and the third era of privacy development began in the 1990s.[9]

The European Union has various privacy laws that dictate how information may be collected and used by companies. Some of those laws are written to give agency to the preferences of individuals/consumers in how their data is used. The General Data Protection Regulation (GDPR) is an example of this. In other places, like in the United States, privacy law is argued by some to be less developed in this regard.[10] By example, some legislation, or lack thereof, allow companies to self-regulate their collection and dissemination practices of consumer information.

It is a common practice in some countries to oblige companies and websites to provide users with notice and ask for the consent to collect their data and/or track activity.[11] However, the specifics of this procedure usually are not properly regulated, which allows websites to manipulate users into obtaining consent by reducing the visibility of the notice, the frequency of requests for consent, etc. This affects the power dynamics between companies and consumers, perceived risks, and jeopardizes the right to privacy in the collection of personal data.

One such example of privacy policies being called into question would be on the social media app TikTok. While collecting user data normally requires permission from the user, the app is known to be quite insistent on the user sharing the data, at least in comparison to other apps such as Facebook. Since TikTok is capable of running without the user's personal data being gathered, this has raised suspicions about the app being used for data harvesting by the government.[12]

Communication privacy

In the context of digital privacy, communication privacy is the notion that individuals should have the freedom, or right, to communicate information digitally with the expectation that their communications are secure—meaning that messages and communications will only be accessible to the sender's original intended recipient.[3]

However, communications can be intercepted or delivered to other recipients without the sender's knowledge, in a multitude of ways. Communications can be intercepted directly through various hacking methods, such as the man-in-the-middle attack (MITM).[13] Communications can also be delivered to recipients unbeknown to the sender due to false assumptions made regarding the platform or medium that was used to send information. For example, the failure to read a company's privacy policy regarding communications on their platform could lead one to assume that their communication is protected when it is in fact not.[14] Additionally, companies frequently have been known to lack transparency in how they use information, which can be both intentional and unintentional.[15] Discussion of communication privacy necessarily requires consideration of technological methods of protecting information/communication in digital mediums, the effectiveness and ineffectiveness of such methods/systems, and the development/advancement of new and current technologies.

Many scholars have used communication privacy management (CPM) theory as a way to define control over private information. By sharing information with others through social media, the ownership of that information becomes collective.[16]

Individual privacy

In the context of digital privacy, individual privacy is the notion that individuals have a right to exist freely on the internet, in that they can choose what type of information they are exposed to, and more importantly, that unwanted information should not interrupt them.[3] An example of a digital breach of individual privacy would be an internet user receiving unwanted ads and emails/spam, or a computer virus that forces the user to take actions, which otherwise they would not. In such cases, the individual does not exist digitally without interruption from unwanted information; thus their individual privacy has been infringed upon.

Individual privacy

Some internet users proactively work to ensure information can not be collected, this is the practice of attempting to remain anonymous. There are many ways for a user to stay anonymous on the internet, including onion routing, anonymous VPN services, probabilistic anonymity, and deterministic anonymity.[17] Some companies are trying to create an all-in-one solution, In an interview with Tom Okman, co-founder of NordVPN he mentioned they're currently exploring a technology that will block trackers, cookies, detect malware before it lands on the user's device and more.[18]

Information anonymity

For a user to keep their information anonymous when accessing the web, onion routing can be used to ensure the protection of their

personally identifiable information
.

Onion routing was originally developed by the

Tor, a completely open-sourced and free software. Unlike its predecessor, Tor is able to protect both the anonymity of individuals as well as web providers. This allows people to set up anonymous web servers that in effect provide a censorship-resistant publishing service.[19]

Communication anonymity

While the previously mentioned information anonymity system can also potentially protect the contents of communications between two people, there are other systems that directly function to guarantee that communication remains between its intended recipients.[21]

One of these systems,

email providers now offer built-in PGP support. Users can also install PGP-compatible software and manually configure it to encrypt emails on nearly any platform.[22]

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are measures to secure payments online. While these systems are not immune from breaches or failure, many users benefit greatly from their use as every major browser program has built-in support for it.[19]

Additional services

There are additional methods that work to provide anonymity and, by extension, protect the user's data.

As IP addresses can frequently be traced back to a specific physical location,[23] and likewise can identify someone as well, changing one's IP address can help users remain anonymous by providing access to a multitude of servers in various geographic locations around the world, allowing them to appear as if they are physically located in a selected area, even when they are not. This is an example of a method/service that works to allow for information and communication anonymity.[24] IP-address changers are one such service, which an internet user typically pays a fee to use.

The

SSL VPN and IPSec VPN, which are methods of data communication from a user device to a VPN gateway using a secure tunnel.[26] There is also the case of the VHSP mechanism, which protects the exposure of an IP address by assigning a temporal IP for the VPN gateway and its services.[26]

The use of network address translation (NAT) allows users to hide connections passing through a gateway behind the gateway through the use of a sensible hiding IP address that is routable to the issuing gateway.[27]

The (no) harm principle

Following the (no) harm principle of John Stuart Mill, private references must be respected: one can do whatever they want as long as others do not suffer from the consequences of it. In one's private space, alone, a person is free to do whatever they desire.

With the advent of photojournalism, the invasion of celebrities' private lives arose along with the notion of right-to-privacy—or what Samuel D. Warren II and Louis Brandeis branded in 1890 as "the right to be left alone."[28] Today's "privacy incidents" do not exclusively concern celebrities and politicians, as most people are connected and share data: people are not online to be left alone.

The economic value of data

According to Alessandro Acquisti, Curtis Taylor and Liad Wagman in The Economics of Privacy (2015),[29] individual data can be seen as having two types of value: a commercial value and a private value. The fact that data is collected can have both positive and negative effects, and can cause a violation of privacy and a monetary cost. As per Acquisti, Taylor, and Wagman, there are further concerns about the progress of collecting data as data analysis becomes increasingly more efficient.

Regulations such as the EU Data Protection Directive, the U.S. Children's Online Privacy Protection Act, and many more are being put in place; however, the IT industry is always evolving and requires the users to be empowered and focus on self-management of the online privacy. As such, it is very important for the lawmakers to continue focusing on the right balance between the use of the internet and the economics of privacy.

Privacy and information breaches

Methods can be purposely crafted to obtain one's personal information illegally. These directed attacks are commonly referred to as hacking, though that term refers to the general practice and does not address specific hacking methods and implementation. Various hacking methods as it pertains to the invasion of one's digital privacy are outlined below. As it pertains to intent, within hacking, there are two categories of invasion:

  1. Directed attacks against someone individually, and
  2. Directed attacks against groups.[30]

With the latter category, however, a hacker could effectively obtain a specified/particular individual's information through first targeting a larger group.[31] An example of this possibility could be as follows: if a hacker, named individual-A, wishes to obtain a particular person's information, individual-B, they could first target a platform or group that has individual-B's information already, such as a credit agency, or they could likewise target a group that individual-B has previously relinquished/provided their data to, like a social media network or a cloud based data service. Through targeting one of those groups, individual-A could effectively obtain individual-B's information by first hacking all data the group has, including the data of other individuals. Once obtained, the hacker could simply identify individual-B's information within the data and disregard the rest. Digital tools are available online to help thwart personal data theft.[32]

Phishing

Main article: Phishing

Phishing is a common method of obtaining someone's private information.[33] This generally consists of an individual (often referred in this context as a hacker), developing a website that looks similar to other major websites that a target person commonly uses. The phishing website may look identical to the legitimate site, but its URL could have a variation in spelling or a different domain such as .org instead of .com.[34] The target person can be directed to the site through a link in a "fake" email that is designed to look like it came from the website they commonly use. The user then clicks on the URL, proceeds to sign in, or provide other personal information, and as opposed to the information being submitted to the website that the user thought they were on, it is actually sent directly to the hacker.[35] Phishing attacks commonly obtain bank and financial data as well as social networking website information.[34]

Online tools can help users protect their information from phishing attacks, including Web browser extensions, which are capable of flagging suspicious websites and links.[36]

Development and controversy

Digital privacy is a trending social concern. For example, over the past decade, the usage of the phrase digital privacy has increased by more than fivefold in published books.

2013 mass surveillance disclosures cast a shadow over the privacy of cloud storage and social media.[38] While digital privacy is concerned with the privacy of digital information in general, in many contexts it specifically refers to information concerning personal identity shared over public networks.[39]

As the secrecy of the American

PRISM program were revealed in 2013, the public debate on digital privacy mainly centered on privacy concerns with social-networking services, as viewed from within these services. Even after 2013, scandals related to social-media privacy issues have continued to attract public attention. The most notable of these is the coverage of the Facebook–Cambridge Analytica data scandal in 2018, which led to a 66% decrease in public trust of Facebook.[41]

The use of

crypto-anarchism
, a movement intending to protect individuals from mass surveillance by the government.

Future Research

Current research suggests that information privacy is rarely studied as a multi-level concept, which limits our knowledge and understanding of the topic. In addition, most research has focused on student or samples based in the US, which restricts the generalizability of the findings.[42]

See also

Further reading

References

  1. ^ TEDx Talks (2016-01-21), Privacy in the Digital Age | Nicholas Martino | TEDxFSCJ, retrieved 2018-11-28
  2. ^ Rice, James C.; Sussan, Fiona (2016-10-01). "Digital privacy: A conceptual framework for business". Journal of Payments Strategy & Systems. 10 (3): 260–266.
  3. ^
    ISSN 0887-6045
    .
  4. ^
    ISBN 978-1-136-50669-7
    .
  5. ISSN 2575-8527
    .
  6. ISSN 2193-5890
    .
  7. ^ D. Grubbs, Amelia (May 2011). "Privacy Law and the Internet using Facebook.com as a Case Study".
  8. ISSN 0093-6502
    .
  9. ^ "Information Privacy Research: An Interdisciplinary Review". ResearchGate. Retrieved 2020-12-01.
  10. ^ "Privacy Law in the United States, the EU and Canada: The Allure of the Middle Ground 2 University of Ottawa Law & Technology Journal 2005". heinonline.org. Retrieved 2018-11-28.
  11. ^ "Lexis® - Sign In | LexisNexis". signin.lexisnexis.com. Retrieved 2023-05-02.
  12. ISSN 0261-3077
    . Retrieved 2023-07-12.
  13. ^ "What is a man-in-the-middle attack?". us.norton.com. Retrieved 2020-10-10.
  14. ^ Kemp, Katharine. "94% of Australians do not read all privacy policies that apply to them – and that's rational behaviour". The Conversation. Retrieved 2018-11-28.
  15. ISSN 0718-1876
    .
  16. ISSN 0747-5632
    .
  17. ^ Grahn, Kaj J.; Forss, Thomas; Pulkkis, Göran. "Anonymous Communication on the Internet". InSITE 2014: Informing Science + IT Education Conference. 14: 103–120.
  18. ^ Gewirtz, David. "Meet NordSec: The company behind NordVPN wants to be your one-stop privacy suite". ZDNet. Retrieved 2021-08-02.
  19. ^
    ISBN 9781420052183
    .
  20. doi:10.1109/49.668972
    .
  21. doi:10.1145/1592451.1592456
  22. ^ Zimmermann, Philip R. (1999). "Why I Wrote PGP". Essays on PGP. Philip Zimmermann.
  23. doi:10.1109/65.912716. {{cite journal}}: Cite journal requires |journal= (help
    )
  24. ^ "What an IP Address Can Reveal About You" (PDF). Technology Analysis Branch of the Office Privacy Commissioner of Canada. May 2013.
  25. ISBN 9783319480206
    .
  26. ^
    ISBN 9783662465776
    .
  27. ISBN 978-1928994749
    .
  28. JSTOR 1321160
    .
  29. S2CID 7745229
    .
  30. ISBN 978-1463764944
    .
  31. ^ Dubovitskaya, Maria (12 February 2018), Take back control of your personal data, retrieved 2018-12-12
  32. ^ "How to Protect Your Digital Privacy" Throrin Klosowski, The New York Times, September 6, 2021. Retrieved October 6, 2022.
  33. S2CID 46919702
    .
  34. ^
    ISBN 9781484227985
    .
  35. ISSN 2351-9789
    .
  36. ISBN 9781420052176
    .
  37. ^ "Google Ngram Viewer". Retrieved 2022-08-19.
  38. ^ Gourley, Eric Berlow and Sean (18 September 2013), Mapping ideas worth spreading, retrieved 2018-11-27
  39. ^ "Privacy". Electronic Frontier Foundation (in Spanish). Retrieved 2018-11-27.
  40. ^ Roberts, Jeff (2013-08-22). "Google and Microsoft's plea on NSA requests moves slowly in secret court". gigaom.com. Retrieved 2018-11-27.
  41. ^ "Zuckerberg's apology tour has not done much to regain user trust". NBC News. 18 April 2018. Archived from the original on 2023-06-14.
  42. JSTOR 41409971
    .
Retrieved from "https://en.wikipedia.org/w/index.php?title=Digital_privacy&oldid=1213778989"