Shadow profile describes the situation when users' or non-users' information is collected without their consent. One of the most discussed cases of shadow profiling is on Facebook, which is reported to collect information on people which they did not provide.

Shadow profile's history

Early in 2012, a data breach of over six million Facebook users' personal information indicated the existence of shadow profiles, since the leaked information was not provided by users themselves. After this, Facebook started to combine user's shadow profiles with their public profiles. The combined profiles were then further shared with the users' friends if they used Facebook's Download Your Information (DYI) tool.

Shadow profile's influence

Positive influences

Benefits brought by shadow profile related behaviors include a more efficient way of data collection and anomaly behaviors detection. Some other researches show that integrated conceptualizations of Internet Privacy Concerns (IPC) have several implications: the third-order factor of IPC can differentiate the relation between IPC and other constructions and allows both website users and managers to analyze the importance of various privacy contexts.

Negative influences

Possible harms to users from privacy and information leakage include collection of sensitive data like financial account numbers, health information and precise geolocation. For instance, in the 21st century, the workplace is one of the many social establishments where employees perform in a given and defined condition. As a result, a blurred line emerged between workspace and personal space. Even when people knowingly share their thoughts online through comments or likes, their traces can affect real live events such as recruiting decisions due to the surveillance conducted by employers.

Possible privacy issue factors

Users upload a large amount of personal information onto online spaces, a phenomenon described by many researchers as users' lax attitude. Possible explanations for these behaviors are a combination of high gratification, usage patterns, and a psychological mechanism similar to third-person effect. Users themselves are sometimes found as the reason of information leakage. To generate more customized results, sometimes users are willing to share their information with Internet of Things (IoTs) for their own convenience. Other circumstances that users would share their information is when they feel anxious, concerned, or able to protect themselves from privacy invasion, the more likely they will conduct privacy protection behavior. In other words, when users feel no control over privacy invasion, they are less likely to protect their information. There are also researchers who argue that there is a correlation between information leakage and companies' cooperation with third-parties. Online platforms would need to find a balance between the monetization with third-parties and managing users' private information, and a study shows that higher privacy concerns from users would drive up publisher websites’ decision making and third party market structures, such that higher privacy concerns lead to higher industry concentration. Even more, different situations and environmental factors while conducting online behaviors are highly likely to influence people's behaviors, and may lead to rational/irrational decision makings. In terms of protection from the officials, by drawing reference to case law on Article 8 of the European Convention on Human Rights, some researchers conclude that the current law cannot adequately address the issue of privacy nor provide protection for open source.

Possible privacy issue solutions

To address the issue of leaking personal information there exist multiple facets. One category of the solution suggests focus on users. One of the argued solutions points out the inefficiency of privacy terms that companies use to ask for users' consent, such that they are sometimes too lengthy (Facebook's privacy terms has 9,500 words), involved with professional vocabularies that only few would fully understand or the users do not understand who are the other parties they are granting their information to. As a result, one of the solutions is to advance the privacy terms by making them easy to read and understand. In addition, the conversation among users is another factor that leads to information leakage, such that people share their information with each other but they become incapable of controlling over the spread of that information afterwards. Thus some argue that instead of focusing on what companies can do to provide a clearer picture of the possible information access, users themselves should be the primary target of controlling over their personal information online and this would work as an efficient way to ease both companies' and consumers' concerns with data collection. Another proposed argument also emphasizes the focus on users, which claims that by making users fully aware of what they are doing online and the logistics behind online behaviors, they will put more trust into the virtual world and would take care of their personal information even more. Instead of focusing on users, some others suggest the interdependent relationship between users and online platforms or companies, and the social contract between them: while companies collect personal data and feedback from users, users would benefit from the modified functional improvements. As a result, as companies are not merely the side notifying users about the privacy norms but being a contractor responsible for maintaining a mutually beneficial relationship with users, the privacy tension is eased.

References

{{reflist Facebook Google Information privacy Internet privacy