In his January 2013 post to the
Digital Analytics - University of Utah course blog, McCall Lewis wrote about
the ongoing debate surrounding online consumer privacy and efforts towards a
standard for "Do Not Track" [i].
McCall correctly stated that 2013 would be the year that these issues
came to the consciousness of the consumer at-large. In this post, I intend to
explore the ongoing saga of Digital Privacy and how consumers and online
entities are reacting.
Digital Privacy in
2013, In a Nutshell (Help! I'm in in a
nutshell!)
It is safe to say that by the close
of 2013, no American was completely isolated from developments in the world of
digital privacy. This was the year of
Edward Snowden and Wikileaks, which exposed such government spying programs as
PRISM, Tempora, and MUSCULAR [ii]. If
people were not previously concerned with the monitoring of their internet
behavior, it is hard to believe that they were not starting to think about
it. Most relevant to Digital Analytics
is the allegation that the NSA was using cookies to piggyback on the tools that
digital advertising firms were using to "pinpoint targets for government
hacking and to bolster surveillance".
Google, Yahoo!, and Microsoft announced plans to encrypt traffic between
their data centers, with Microsoft indirectly comparing the threat to that of
Chinese government-sponsored hacking [iii].
Beyond allegations of government
spying, other news events triggered a growing concern for digital privacy
amongst citizens. It was revealed that
Google, despite their unofficial corporate motto being "Don't be
evil", was collecting and storing data on WiFi networks while driving the
avenues and boulevards in their mapping vehicles [iv]. Inadvertent or not, this revelation made big
headlines in the year of Digital Privacy concerns. Beyond government and corporate spying, there
were a number of black-hat news stories as well. Major retailers such as Target and Neiman
Marcus were victims large-scale data breaches in which personal and credit card
information were stolen from their servers.
While nothing connected to a network is ever totally secure, some of the
details surrounding these breaches made it clear that retailers were not doing
everything that they could to protect this sensitive data. In this particular
case, the suspected security snafu source was an HVAC contractor that was given
the keys to the castle, which were thusly compromised [v].
Current Sentiment
Not surprisingly, there have been
numerous studies trying to suss out what the consumer reaction is to all of
this. A University of Vienna focused on the act of "Virtual Identity
Suicide" within the online social networking site Facebook. The single biggest cause for this phenomenon,
where a user deletes as much of their content as possible before permanently
locking themselves out of their account, were concerns over privacy. Among users studied, over 48% expressed this
viewpoint [vi]. It turns out, they have a right to be concerned. Austrian law
student Max Schrems found out, in 2010, that Facebook had over 1,200 pages of
data on him alone. This included data that
he had never been supplied, but had been linked to him through his friends
contact list. As big-data analytics gets
more powerful, this could translate into an enormous amount of personal
information being available to online companies [vii].
Using information like Facebook
collects, identification of protected classes is not only possible, but on the
verge of child's play. The Center for
Digital Democracy is making efforts to address its concerns to the FTC. They state that technologies such as
hyper-local targeting, geo-fencing, and cross-platform targeting will allow for
rampant discrimination. The sorts of
questions that it is illegal for employers to ask (age, marital status, sexual
orientation) will become easily attainable information [viii].
TrustE, a digital privacy
management company, conducted a study regarding consumer opinions about Online
Behavioral Advertising recently [ix].
They found that 69% of internet users understood the value trade-off of
online ads versus free content, but only 26% are willing to actually accept the
same. It seems as though most internet
users feel powerless in the process that they need to just accept what is
offered. The study also showed that 62%
of users would be more willing to do business with a company that allowed them
to opt-out of targeting.
Ongoing Efforts
The WC3 is spearheading a Do-Not-Track
and privacy working group, but things are not going as well as could be
hoped. One of the biggest internet
watchdog and lobbying organizations, the EFF (Electronic Frontier Foundation),
has lost confidence in the group [x].
They have directly stated that if the group continues in the direction
that it is currently headed, that they may be forced to drop out. Another watchdog group has a similar
stance. Jeffrey Chester, of the Center
for Digital Democracy as called the efforts of the group "a farce". It appears as though the group cannot even
get the definition of tracking nailed down.
Are they concerned with 1st party cookies, 3rd party cookies, or other
methods of data collection? Original
efforts in the Do-Not-Track space only targeted 3rd party cookie based ads,
providing a guise of privacy to the relatively uneducated user.
It is unclear what the future may
bring in terms of digital privacy, but it is doubtful that it will continue to
be as unregulated as it currently is.
The European Union is enacting tough laws, requiring explicit consent in
some areas, rather than the arguably implicit consent given by endless EULAs
and TOCs that no one actually reads. If
the FTC gets involved in the United States, things are likely to change.
[i] Lewis, McCall ‘The “Do Not Track” Debate’ Digital
Analytics – University of Utah, January 26, 2013.
http://dauofu.blogspot.com/2013/01/the-do-not-track-debate.html
[ii] Wikipedia contributors, "Edward Snowden,"
Wikipedia, The Free Encyclopedia, http://en.wikipedia.org/w/index.php?title=Edward_Snowden&oldid=595457266
(accessed February 5, 2014).
[iii] Wikipedia contributors, "MUSCULAR (surveillance
program)," Wikipedia, The Free Encyclopedia,
http://en.wikipedia.org/w/index.php?title=MUSCULAR_(surveillance_program)&oldid=595197410
(accessed February 5, 2014).
[iv] “Street View: Google given 35 days to delete wi-fi
data”, from BBC News: Technology, June 21, 2013.
http://www.bbc.co.uk/news/technology-23002166
[v] Feinberg, Ashley “Last Month's Massive Target Hack Was
the Heating Guy's Fault” Gizmodo, February 5, 2014.
http://gizmodo.com/last-months-massive-target-hack-was-the-heating-guys-1516926877
[vi] Munson, Lee “Half of Facebook-quitters leave over
privacy concerns” NakedSecurity, September 18, 2013.
http://nakedsecurity.sophos.com/2013/09/18/half-of-facebook-quitters-leave-over-privacy-concerns/
[vii] Solon, Olivia “How much data did Facebook have on one
man? 1,200 pages of data in 57 categories” Wired.co.uk, December 28, 2012.
http://www.wired.co.uk/magazine/archive/2012/12/start/privacy-versus-facebook
[viii] Submitted by demedia, “CDD Calls on FTC to Protect
Privacy in today's Hyper-local, geo-targeting, cross-platform, Big Data
Era/Warns of Discriminatory Practices with mobile device tracking”, Center for
Digital Democracy, February 6, 2014.
http://www.democraticmedia.org/cdd-calls-ftc-protect-privacy-todays-hyper-local-geo-targeting-cross-platform-big-data-erawarns-disc
[ix] Deasy, Dave “TRUSTe Study Reveals Increased
Transparency and Privacy Controls Produce More Positive Feelings about OBA”
TrustE Blog, September 19, 2013.
https://www.truste.com/blog/2013/09/19/truste-study-reveals-increased-transparency-and-privacy-controls-produce-more-positive-feelings-about-oba/
[x] Fung, Brian “The Internet’s best hope for a Do Not Track
standard is falling apart. Here’s why.” The Washington Post Online, The Switch,
October 11, 2013.
http://www.washingtonpost.com/blogs/the-switch/wp/2013/10/11/the-internets-best-hope-for-a-do-not-track-standard-is-falling-apart-heres-why/
No comments:
Post a Comment