HOME

TheInfoList



OR:

Digital privacy is often used in contexts that promote advocacy on behalf of individual and consumer privacy rights in
e-services E-services (electronic services) are services which make use of information and communication technologies (ICTs). The three main components of e-services are: # service provider; # service receiver; and # the channels of service delivery (i.e., t ...
and is typically used in opposition to the business practices of many e-marketers, businesses, and companies to collect and use such information and data. Digital privacy can be defined under three sub-related categories: information privacy, communication privacy, and individual privacy. Digital privacy has increasingly become a topic of interest as information and data shared over the social web have continued to become more and more commodified; social-media users are now considered unpaid ' digital labors', as one pays for 'free' e-services through the loss of their privacy. For example, between 2005 and 2011, the change in levels of disclosure for different profile items on
Facebook Facebook is an online social media and social networking service owned by American company Meta Platforms. Founded in 2004 by Mark Zuckerberg with fellow Harvard College students and roommates Eduardo Saverin, Andrew McCollum, Dust ...
show that, over the years, people want to keep more information private. However, observing the seven-year span, Facebook gained a profit of $100 billion through the collection and sharing of their users' data to third-party advertisers. The more a user shares over social networks, the more privacy is lost. All of the information and data one shares is connected to clusters of similar information. As the user continues to share their productive expression, it gets matched with the respective cluster and their speech and expression are no longer only in the possession of them or of their social circle. This can be seen as a consequence of bridging
social capital Social capital is "the networks of relationships among people who live and work in a particular society, enabling that society to function effectively". It involves the effective functioning of social groups through interpersonal relationships ...
. As people create new and diverse ties on social networks, data becomes linked. This decrease of privacy continues until bundling appears (when the ties become strong and the network more homogeneous). Some laws allow filing a case against breach of digital privacy. In 2007, for instance, a
class-action lawsuit A class action, also known as a class-action lawsuit, class suit, or representative action, is a type of lawsuit where one of the parties is a group of people who are represented collectively by a member or members of that group. The class actio ...
was lodged on behalf of all Facebook users that led Facebook to close its advertising system " Beacon." In a similar case in 2010, the users sued Facebook once again for sharing personal user information to advertisers through their gaming application. Laws are based on consumers' consent and assume that the consumers are already empowered to know their own best interest. Therefore, for the past few years, people have been focusing on self-management of digital privacy through rational and educated decision-making.


Types of privacy


Information privacy

In the context of digital privacy, ''information privacy'' is the idea that individuals should have the freedom to determine how their digital information is collected and used. This is particularly relevant for
personally identifiable information Personal data, also known as personal information or personally identifiable information (PII), is any information related to an identifiable person. The abbreviation PII is widely accepted in the United States, but the phrase it abbreviates ha ...
. The concept of information privacy has evolved in parallel to the evolution of the field of
Information Technology Information technology (IT) is the use of computers to create, process, store, retrieve, and exchange all kinds of data . and information. IT forms part of information and communications technology (ICT). An information technology syste ...
(IT). The rise of networking and computing led to the dramatic change in the ways of information exchange. The baseline for this concept was put forward in the late 1940s, and the third era of privacy development began in the 1990s. The
European Union The European Union (EU) is a supranational union, supranational political union, political and economic union of Member state of the European Union, member states that are located primarily in Europe, Europe. The union has a total area of ...
has various
privacy law Privacy law is the body of law that deals with the regulating, storing, and using of personally identifiable information, personal healthcare information, and financial information of individuals, which can be collected by governments, public o ...
s that dictate how information may be collected and used by companies. Some of those laws are written to give agency to the preferences of individuals/consumers in how their data is used. The
General Data Protection Regulation The General Data Protection Regulation (GDPR) is a European Union regulation on data protection and privacy in the EU and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and of human rights law, in par ...
(GDPR) is an example of this. In other places, like in the United States,
privacy law Privacy law is the body of law that deals with the regulating, storing, and using of personally identifiable information, personal healthcare information, and financial information of individuals, which can be collected by governments, public o ...
is argued by some to be less developed in this regard. By example, some legislation, or lack thereof, allow companies to self-regulate their collection and dissemination practices of consumer information.


Communication privacy

In the context of digital privacy, communication privacy is the notion that individuals should have the freedom, or right, to communicate information digitally with the expectation that their communications are secure—meaning that messages and communications will only be accessible to the sender's original intended recipient. However, communications can be
intercepted In ball-playing competitive team sports, an interception or pick is a move by a player involving a pass of the ball—whether by foot or hand, depending on the rules of the sport—in which the ball is intended for a player of the same team b ...
or delivered to other recipients without the sender's knowledge, in a multitude of ways. Communications can be intercepted directly through various hacking methods, such as the man-in-the-middle attack (MITM). Communications can also be delivered to recipients unbeknown to the sender due to false assumptions made regarding the platform or medium that was used to send information. For example, the failure to read a company's privacy policy regarding communications on their platform could lead one to assume that their communication is protected when it is in fact not. Additionally, companies frequently have been known to lack transparency in how they use information, which can be both intentional and unintentional. Discussion of communication privacy necessarily requires consideration of technological methods of protecting information/communication in digital mediums, the effectiveness and ineffectiveness of such methods/systems, and the development/advancement of new and current technologies.


Individual privacy

In the context of digital privacy, individual privacy is the notion that individuals have a right to exist freely on the internet, in that they can choose what type of information they are exposed to, and more importantly, that unwanted information should not interrupt them. An example of a digital breach of individual privacy would be an internet user receiving unwanted ads and emails/spam, or a computer virus that forces the user to take actions, which otherwise they would not. In such cases, the individual does not exist digitally without interruption from unwanted information; thus their individual privacy has been infringed upon.


Individual privacy

Some internet users proactively work to ensure information can not be collected, this is the practice of attempting to remain anonymous. There are many ways for a user to stay anonymous on the internet, including
onion routing Onion routing is a technique for anonymous communication over a computer network. In an onion network, messages are encapsulated in layers of encryption, analogous to layers of an onion. The encrypted data is transmitted through a series of net ...
, anonymous VPN services, probabilistic anonymity, and deterministic anonymity. Some companies are trying to create an all-in-one solution, In an interview with Tom Okman, co-founder of NordVPN he mentioned they're currently exploring a technology that will block trackers, cookies, detect
malware Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depr ...
before it lands on the user's device and more.


Information anonymity

For a user to keep their information anonymous when accessing the web, onion routing can be used to ensure the protection of their
personally identifiable information Personal data, also known as personal information or personally identifiable information (PII), is any information related to an identifiable person. The abbreviation PII is widely accepted in the United States, but the phrase it abbreviates ha ...
. Onion routing was originally developed by the U.S. Naval Research Lab and was intended to anonymize web traffic. The system created a path to any
TCP/IP The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria. The foundational protocols in the su ...
server by creating a pathway of onion routers. Once a pathway has been established, all information that is sent through it is anonymously delivered. When the user has finished utilizing the pathway it was essentially deleted which freed the resources to be used for a new pathway within onion routing. The Onion Routing Project developed into what is today known as Tor, a completely open-sourced and free software. Unlike its predecessor, Tor is able to protect both the anonymity of individuals as well as web providers. This allows people to set up anonymous web servers that in effect provide a censorship-resistant publishing service.


Communication anonymity

While the previously mentioned information anonymity system can also potentially protect the contents of communications between two people, there are other systems that directly function to guarantee that communication remains between its intended recipients. One of these systems, Pretty Good Privacy (PGP), has existed in various forms for many years. It functions to protect email messages by encrypting and decrypting them. It originally existed as a command-line-only program, but it has evolved in recent years to have its own full interface, and a multitude of email providers now offer built-in PGP support. Users can also install PGP-compatible software and manually configure it to encrypt emails on nearly any platform. Secure Sockets Layer (SSL) and
Transport Layer Security Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securi ...
(TLS) are measures to secure payments online. While these systems are not immune from breaches or failure, many users benefit greatly from their use as every major browser program has built-in support for it.


Additional services

There are additional methods that work to provide anonymity and, by extension, protect the user's data. As
IP address An Internet Protocol address (IP address) is a numerical label such as that is connected to a computer network that uses the Internet Protocol for communication.. Updated by . An IP address serves two main functions: network interface ident ...
es can frequently be traced back to a specific physical location, and likewise can identify someone as well, changing one's IP address can help users remain anonymous by providing access to a multitude of servers in various geographic locations around the world, allowing them to appear as if they are physically located in a selected area, even when they are not. This is an example of a method/service that works to allow for information and communication anonymity. IP-address changers are one such service, which an internet user typically pays a fee to use. The Virtual Private Network (VPN) is a technology that provides users secured connection over a non-secure public network such as the Internet through several tunneling protocols, handling, and encapsulating traffic at different levels to ensure communication security. VPN is also effective in securing data and privacy over the cloud and data-center environments because it is capable of protecting IPs from exposure to different kinds of attacks. This technology can be categorized into
SSL SSL may refer to: Entertainment * RoboCup Small Size League, robotics football competition * ''Sesame Street Live'', a touring version of the children's television show * StarCraft II StarLeague, a Korean league in the video game Natural language ...
VPN and
IPSec In computing, Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in ...
VPN, which are methods of data communication from a user device to a VPN gateway using a secure tunnel. There is also the case of the VHSP mechanism, which protects the exposure of an IP address by assigning a temporal IP for the VPN gateway and its services. The use of network address translation (NAT) allows users to hide connections passing through a gateway behind the gateway through the use of a sensible hiding IP address that is routable to the issuing gateway.


The (no) harm principle

Following the ''(no) harm principle'' of
John Stuart Mill John Stuart Mill (20 May 1806 – 7 May 1873) was an English philosopher, political economist, Member of Parliament (MP) and civil servant. One of the most influential thinkers in the history of classical liberalism, he contributed widely to ...
, private references must be respected: one can do whatever they want as long as others do not suffer from the consequences of it. In one's private space, alone, a person is free to do whatever they desire. With the advent of
photojournalism Photojournalism is journalism that uses images to tell a news story. It usually only refers to still images, but can also refer to video used in broadcast journalism. Photojournalism is distinguished from other close branches of photography (such ...
, the invasion of celebrities' private lives arose along with the notion of right-to-privacy—or what Samuel D. Warren II and
Louis Brandeis Louis Dembitz Brandeis (; November 13, 1856 – October 5, 1941) was an American lawyer and associate justice on the Supreme Court of the United States from 1916 to 1939. Starting in 1890, he helped develop the " right to privacy" concep ...
branded in 1890 as "the right to be left alone." Today's "privacy incidents" do not exclusively concern celebrities and politicians, as most people are connected and share data: people are not online to be left alone.


The economic value of data

According to Alessandro Acquisti, Curtis Taylor and Liad Wagman in ''The Economics of Privacy'' (2015), individual data can be seen as having two types of value: a commercial value and a private value. The fact that data is collected can have both positive and negative effects, and can cause a violation of privacy and a monetary cost. As per Acquisti, Taylor, and Wagman, there are further and further concerns about the progress of collecting data as
data analysis Data analysis is a process of inspecting, cleansing, transforming, and modeling data with the goal of discovering useful information, informing conclusions, and supporting decision-making. Data analysis has multiple facets and approaches, enc ...
becomes increasingly more efficient. Regulations such as the EU Data Protection Directive, the U.S. '' Children's Online Privacy Protection Act'', and many more are being put in place; however, the IT industry is always evolving and requires the users to be empowered and focus on self-management of the online privacy. As such, it is very important for the lawmakers to continue focusing on the right balance between the use of the internet and the economics of privacy.


Privacy and information breaches

Methods can be purposely crafted to obtain one's personal information illegally. These directed attacks are commonly referred to as hacking, though that term refers to the general practice and does not address specific hacking methods and implementation. Various hacking methods as it pertains to the invasion of one's digital privacy are outlined below. As it pertains to intent, within hacking, there are two categories of invasion: # Directed attacks against someone individually, and # Directed attacks against groups. With the latter category, however, a hacker could effectively obtain a specified/particular individual's information through first targeting a larger group. An example of this possibility could be as follows: if a hacker, named individual-A, wishes to obtain a particular person's information, individual-B, they could first target a platform or group that has individual-B's information already, such as a credit agency, or they could likewise target a group that individual-B has previously relinquished/provided their data to, like a social media network or a cloud based data service. Through targeting one of those groups, individual-A could effectively obtain individual-B's information by first hacking all data the group has, including the data of other individuals. Once obtained, the hacker could simply identify individual-B's information within the data and disregard the rest. Digital tools are available online to help thwart personal data theft.


Phishing

Phishing Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwa ...
is a common method of obtaining someone's private information. This generally consists of an individual (often referred in this context as a hacker), developing a website that looks similar to other major websites that a target person commonly uses. The phishing website may look identical to the legitimate site, but its URL could have a variation in spelling or a different domain such as
.org The domain name .org is a generic top-level domain (gTLD) of the Domain Name System (DNS) used on the Internet. The name is truncated from ''organization''. It was one of the original domains established in 1985, and has been operated by th ...
instead of
.com The domain name .com is a top-level domain (TLD) in the Domain Name System (DNS) of the Internet. Added at the beginning of 1985, its name is derived from the word ''commercial'', indicating its original intended purpose for domains registere ...
. The target person can be directed to the site through a link in a "fake" email that is designed to look like it came from the website they commonly use. The user then clicks on the URL, proceeds to sign in, or provide other personal information, and as opposed to the information being submitted to the website that the user thought they were on, it is actually sent directly to the hacker. Phishing attacks commonly obtain bank and financial data as well as social networking website information. Online tools can help users protect their information from phishing attacks, including Web browser extensions, which are capable of flagging suspicious websites and links.


Development and controversy

Digital privacy is a trending social concern. For example, over the past decade, the usage of the phrase ''digital privacy'' has increased by more than fivefold in published books. A TED talk by Eric Berlow and Sean Gourley following the
2013 mass surveillance disclosures Thirteen or 13 may refer to: * 13 (number), the natural number following 12 and preceding 14 * One of the years 13 BC, AD 13, 1913, 2013 Music * 13AD (band), an Indian classic and hard rock band Albums * ''13'' (Black Sabbath album), 2013 * ...
cast a shadow over the privacy of
cloud storage Cloud storage is a model of computer data storage in which the digital data is stored in logical pools, said to be on "the cloud". The physical storage spans multiple servers (sometimes in multiple locations), and the physical environment is ty ...
and
social media Social media are interactive media technologies that facilitate the creation and sharing of information, ideas, interests, and other forms of expression through virtual communities and networks. While challenges to the definition of ''social me ...
. While digital privacy is concerned with the privacy of digital information in general, in many contexts it specifically refers to information concerning personal identity shared over public networks. As the secrecy of the American ''
Foreign Intelligence Surveillance Act The Foreign Intelligence Surveillance Act of 1978 ("FISA" , ) is a United States federal law that establishes procedures for the physical and electronic surveillance and the collection of "foreign intelligence information" between "foreign pow ...
'' becomes widely disclosed, digital privacy is increasingly recognized as an issue in the context of
mass surveillance Mass surveillance is the intricate surveillance of an entire or a substantial fraction of a population in order to monitor that group of citizens. The surveillance is often carried out by local and federal governments or governmental organizati ...
. Prior to the
Edward Snowden Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
disclosures concerning the extent of the
NSA The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collec ...
PRISM program were revealed in 2013, the public debate on digital privacy mainly centered on privacy concerns with social-networking services, as viewed from within these services. Even after 2013, scandals related to social-media privacy issues have continued to attract public attention. The most notable of these is the coverage of the Facebook–Cambridge Analytica data scandal in 2018, which led to a 66% decrease in public trust of Facebook.Trust in Facebook has dropped by 66 percent since the Cambridge Analytica scandal
/ref> The use of
cryptographic software Encryption software is software that uses cryptography to prevent unauthorized access to digital information. Cryptography is used to protect digital information on computers as well as the digital information that is sent to other computers over t ...
to evade prosecution and
harassment Harassment covers a wide range of behaviors of offensive nature. It is commonly understood as behavior that demeans, humiliates or embarrasses a person, and it is characteristically identified by its unlikelihood in terms of social and moral ...
while sending and receiving information over computer networks is associated with crypto-anarchism, a movement intending to protect individuals from mass surveillance by the government.


See also

* Internet privacy * Tor (network)


Further reading


"Privacy and Information Technology" (Summer 2020 edition), Edward N. Zalta, Editor
by
Jeroen van den Hoven Jeroen van den Hoven (born 1957 in Rotterdam) is a Dutch ethicist and a philosophy professor at Delft University of Technology. He specializes in ethics of information technology. Work Van den Hoven has written and worked with a range of schola ...
; Martijn Blaauw; Wolter Pieters; and Martijn Warnier, ''The Stanford Encyclopedia of Philosophy'', October 30, 2019 (version). Retrieved October 6, 2022.
''Digital Data Collection and Information Privacy Law''
by Mark Burdon,
Cambridge University Press Cambridge University Press is the university press of the University of Cambridge. Granted letters patent by King Henry VIII in 1534, it is the oldest university press in the world. It is also the King's Printer. Cambridge University Pr ...
, 2020.
"Data Is Different, So Policymakers Should Pay Close Attention to Its Governance", by Susan Ariel Aaronson, Mira Burri. Editor
Part IV -'' Global Perspectives on Digital Trade Governance''. Cambridge University Press, July 9, 2021. Retrieved October 6, 2022.
"Data is disruptive: How data sovereignty is challenging data governance"
Susan Ariel Aaronson, Hinrich Foundation August 3, 2021. Retrieved October 6, 2022.


References

{{Privacy Privacy