Introduction
Major social media platforms such as Facebook, Twitter, Instagram, etc. have become so central to our lives in this age of big data (Nicolas, 2019). The rapid development of the digital technology has brought conveniences to life, the automated collection of personal data algorithms that can generate unprecedented consumer insights and enable valuable personalized services. At the same time, the collection and use of digital personal data by online platforms and the negligent handling of digital personal data pose a threat to privacy (Wang, Zhang & Wang, 2021). There is a plethora of information everywhere in the digital age which contains both citizens’ spontaneous disclosure of public information and individuals’ private information. It includes but is not limited to personal information, online chat content, and Internet privacy data, putting the majority of online consumers’ privacy at risk. This paper will argue that the internet has been a major field of violations of personal privacy by malicious collecting of personal information without permission, tremendous leaking of important information for illegal use, and invasive advertising intruding people’s lives. This paper will also discuss those potential solutions in solving internet threats to personal privacy, such as drafting and introducing policies and regulations from government level, and popularising and improving the knowledge and consciousness of online privacy security from the individual level.
Figure 1: Online privacy. Retrieved from https://www.europarl.europa.eu/committees/mt/high-level-conference-on-protecting-onli/product-details/20151208CHE00191
Collecting personal information through digitization
Nowadays, when using the internet to access a social media platform like Facebook or a video website like YouTube or a shopping platform like Amazon, each of these accesses requires a cumbersome registration process before users can actually use them. Platforms that exchange access for personal data, remain critical in providing “free” services (Flew, 2019).
Privacy issues differ between government & company
Privacy issues differ in a digital environment from other ways in which companies and governments gather information. The government collects information from the public mainly to serve the public and to ensure the security of the data. For example, public security collects personal information for big data searches to find suspects or clues when people are missing. On the other hand, personal information collected by companies through the registration of personal information is used to gain commercial revenue. For example, Facebook not only collects users’ information during the registering process of users, but when interacting frequently with friends or family through likes and comments, these relationships, connections and relevant information generated by human and algorithms all together, are also being collected by Facebook inevitably. The preferences mentioned in the chat process are also recorded and uploaded automatically to social media operators, and then this information would be analyzed (also called data analysis) for commercial purpose like recommending goods and services of personalized service.
Unconscious discrimination
This situation is very common now. When people decide to accept or deny a loan, to grant or deny parole, or to accept or decline a job application (Favaretto, Clercq, & Elger, 2019), decision-makers rely exceedingly on big data to locate keywords, or the big data algorithm automatically substitutes the judgment criteria to help them make decisions, so it is likely that there will be unconscious discrimination based on race, gender or age. To well-illustrate this point, data analysis has been thought an efficient way, in terms of saving time, financial means and human labors, for decision-makers. For example, an employer does not need to necessarily talk to candidates of potential future workers, to decide job allocations. Inevitably, employers have their personal preference in choosing workers, which potentially further constitutes unconscious discrimination.
Invalid anonymous
In data analysis and mining, the user’s private information, including real personal information, IP addresses, and the device used to publish the content, will be automatically analyzed to determine the user’s identity. Privacy is precious to people. Therefore, anonymity in the era of big data is not real anonymity, but has become “transparency”, which is undoubtedly a threat to personal privacy. Police often set up anonymous hotlines to get more information, assess reliability, and solve cases. In this example, anonymity is a double-edged sword. Knowing the whistleblower’s identity is crucial for analyzing whether the information provided is reliable. However, to a large extent it is also the reason why people are reluctant to provide clues. Especially in the case of some large-scale criminal cases such as drug trafficking or smuggling, there is often similar news. The leak of personal information allows criminals to discover the identity of the whistleblower, and they retaliate against the other party, resulting in many deaths.
Figure 2: Anonymous. Retrieved from https://www.news18.com/news/tech/anonymous-crosses-6-3mn-followers-on-twitter-as-it-takes-on-donald-trump-racism-2649361.html
Many people choose to use social media, carry cell phones, and engage in other online activities knowing that their data is being collected, their actions are being monitored, and their online experiences are being generated and personalized algorithmically (Marwick, 2018). Users know that they want to use these platforms or software will inevitably be exposed to the threat of privacy. Nonetheless, all people can do is passively accept these unequal collections of information to gain access.
Figure 3: Facebook privacy issues. Retrieved from https://www.abine.com/blog/2019/8-steps-to-secure-your-facebook-privacy-settings/
Leaking of important information (Data Breach/ Internet fraud)
Businesses gain competitive advantages from data, while researchers are able to develop new and better insights, algorithms, and technologies as a result (Halim & Hutagalung, 2022). Whereas in the past, data breaches affecting millions of people made headlines, today events affecting hundreds of millions or even billions abound. Facebook has shared 87 million users’ data with political consultancy firm Cambridge Analytica, which on-sold to third parties for political ads in the 2016 U.S. election (Flew, 2019). The proliferation of data breaches has led users to have significant concerns about their privacy and security. According to research by the Web Security Academy, although some of this information has limited use, it may be the starting point for exposing additional attack surfaces. Personal information is leaked and trafficked at a very low cost, even if all a person’s information costs less than one dollar. Fraud and crime due to information leakage has been a common occurrence over the years, and a recent scam based on personal information leakage is proliferating in China due to COVID-19. Once a confirmed patient is found, China’s epidemic prevention department will quarantine all people who may contact with a positive person. This approach has always been called “dynamic zero” meaning the outbreak is controlled as quickly as possible. The scammers use the leaked personal information to pretend to be epidemic prevention staff to “verify” the identity of the scammers, thus gaining their trust by phone. The scammers then use various excuses, such as the need to pay a certain amount of money for the centralized quarantine or requesting the scammer’s bank information so that the scammers can click on a hacked link to obtain their bank card passwords and achieve internet fraud.
Figure 4: A centralized quarantine site in Shanghai, China. Retrieved from http://www.news.cn/photo/2022-03/30/c_1128516371.htm
Recommending advertisements based on big data analysis of personal information
Platforms have a compelling incentive to exercise control over the content each of people sees – if they keep presenting relevant content they enjoy, users will stay longer and engage more (Suzor, 2019). Google now controls nearly 90 percent of search advertising (Terry, 2019) which is based on keywords. When a user searches for a specific keyword, the merchant or platform that purchased the advertisement will be placed at the top of the search order. This type of advertising still requires self-searching before recommendations are made, and only requires users to spontaneously judge whether the ads are good or bad.
GIF 5: Tiffany native advertising. Retrieved from https://tencentads.com/home/Detail/83
Native Advertising is a much more realistic and personal data-based ad. The smart thing is that because it is well integrated into the normal content, unlike many ads that fill up the whole page or are located in a prominent position on the screen and breaks down the traditional barrier between advertising and editorial (Smith, 2017) users are more willing to click on them. In China, there is a social media application called WeChat, which is a comprehensive and multifunctional social media application, that integrats Facebook, Instagram, Amazon, etc. Users can browse WeChat Moments to get their friends’ updates. Native Advertising, on the other hand, inferred what products users were recently looking to buy from each other, and then planted them in the middle of their friends’ updates without any trace when they browse WeChat Moments. This is often the case when a couple is discussing topics such as “marriage”, “gifts”, “anniversaries”, etc., and the next thing they are suggesting is jewelry brands such as Tiffany. The privilege to “opt-out” of these data-oriented systems is increasingly unattainable (Marwick, 2018). Such personal information-based ads recommendations are difficult to turn off completely. Using WeChat as an example, reducing the options for these ad recommendations requires roughly 20 steps and over 10,000 words of agreement to read. Please note that it is only “reduce” and not “turn off”, even if users spend half an hour doing the above steps, they can only keep reducing the referrals for half a year. What’s more ironic is that the “reduce” here does not specify whether it will reduce half of the referrals or not, after all, even reducing one referral in six months is called “reduce”. Users can not be dissatisfied with this, because many sites will have this sentence at the end of the terms and conditions “The company reserves the right of final interpretation”. Big data is being used to spy on the content of conversations and force advertisers to show ads without the consent of the users, which is undoubtedly a violation of privacy for one-way advertising to gain profit for the company.
Rethinking the security of online privacy
In the era of the Internet of Everything (Internet of Things), Internet users’ mobile phones, laptops, and other information-based devices are all connected to the Internet. With the continuous collection of personal information, fragmented data is aggregated, mined, and analyzed, making everyone to be almost “transparent”, and these data may be improperly used, disclosed or leaked, thus triggering public concerns about online privacy. In response to this phenomenon, a rethink of online privacy inevitably arises. The government needs to strengthen supervision in the supervision of privacy leakage, and continuously draft and introduce online privacy regulations; individuals also need to pay special attention to protecting personal privacy.
Figure 6: Internet security. Retrieved from https://www.dreamstime.com/internet-security-icon-set-contains-editable-icons-theme-such-as-online-privacy-cyber-encryption-message-more-image211900153
Government regulations:
Since 1980, many countries have enacted privacy protection laws to prevent unauthorized data breaches and similar breaches of privacy from the unlawful storage, misuse or misuse of personal data. Most of the developed countries in the world have admitted to implementing these restrictions (Škrinjarić et al., 2019). Inspired by the GDPR, many countries have introduced a comprehensive regulatory system for personal data security protection. For example, the 2020 California Privacy Rights and Enforcement Act (CPRA) states that California residents can have new rights based on strengthening consumer privacy rights and data security protection, such as correcting personal information and restricting the use and disclosure of sensitive personal information. The Data Security Law of the People’s Republic of China and the Personal information protection law officially implemented by China in 2021 provide legal protection for data security, personal information and personal privacy protection at the legal level. Establish a centralized, unified, efficient and authoritative data security risk assessment, reporting, information sharing, monitoring and early warning mechanism. Criminal penalties are imposed on companies that collect unnecessary personal privacy information or sell personal information. The formulation of such laws and regulations enables the government to supervise online privacy, and to have laws to follow when punishing companies and individuals who leak and violate personal privacy.
Figure 7: Personal data protection. Retrieved from https://www.china-briefing.com/news/personal-data-regulation-in-china-personal-information-protection-law-other-rules-amended/
Individual protection:
Although the relevant departments already have relevant laws to reduce the threat of online privacy security in the digital age to a certain extent, it is still incomplete, and such threats still exist under the temptation of huge interests. Individuals also need to pay attention to the security of personal information in their daily lives. For example, in the process of installing or opening an app for the first time, users often click “Agree” without reading the registration instructions. This situation can easily lead to hidden dangers such as unauthorized access to friends’ contact information, chat content, and recordings in the address book. What an individual needs to do is to read these permissions carefully and authorize only what is necessary. For some small-scale websites whose security cannot be determined, services such as “disposable email addresses” and “temporary mobile phone numbers” can be used to register, and fictitious information should be appropriately filled in the information to prevent potential leaking risks.
Conclusion
The rise of digital networks will inevitably bring advantages and disadvantages to human society, which are inevitable consequences of the process of social development. There have been many cases showing that data privacy issues can lead to a variety of hidden dangers, so it is extremely necessary to be alerted in time to prevent them from going astray by government regulation and individual protection. Three different types of personal privacy threats, digital collection of personal information, abuse of personal privacy information and use of big data to recommend advertisements on personal hobbies or topics of concern. Here, several common online violations of personal privacy are exposed one by one, hoping to help readers pay attention to the importance of online privacy security and reduce the possibility of personal information being leaked to a large extent.
Bibliography
Alice E. Marwick & Danah B. (2018). Understanding Privacy at the Margins: Introduction. Retrieved from https://go-gale-com.ezproxy.library.sydney.edu.au/ps/i.do?p=AONE&u=usyd&id=GALE%7CA561120196&v=2.1&it=r
Dareen K. Halim & Samuel H. (2022). Towards data sharing economy on Internet of Things: a semantic for telemetry data. Journal of Big Data. https://doi.org/10.1186/s40537-021-00549-0
KPMG Survey: American Consumers Want More Control, Visibility Into How Companies Use Their Personal Data. (2020). Retrieved 7 April 2022, from https://home.kpmg/us/en/home/media/press-releases/2020/07/kpmg-survey-american-consumers-want-more-control-visibility-into-how-companies-use-their-personal-data.html
Information disclosure vulnerabilities | Web Security Academy. (2022). Retrieved 7 April 2022, from https://portswigger.net/web-security/information-disclosure
Favaretto, M., De Clercq, E. & Elger, B.S. (2019). Big Data and discrimination: perils, promises and solutions. A systematic review. Journal of Big Data. https://doi.org/10.1186/s40537-019-0177-4
Mike, S. (2017). The Native Advertising Advantage: Build Authentic Content that Revolutionizes Digital Marketing and Drives Revenue Growth (1st edition). McGraw-Hill. Retrieved from https://www.oreilly.com/library/view/the-native-advertising/9781259835698/?ar
Škrinjarić, B., Budak, J., & Rajh, E. (2019). Perceived quality of privacy protection regulations and online privacy concern. Ekonomska Istraživanja, 32(1), 982–1000. https://doi.org/10.1080/1331677X.2019.1585272
Suzor, N. P. (2019). Lawless : the secret rules that govern our digital lives. Cambridge: Cambridge University Press. Retrieved from https://www-cambridge-org.ezproxy.library.sydney.edu.au/core/services/aop-cambridge-core/content/view/6688999078ABFE0821E84D76A055BE70/9781108481229c2_10-24.pdf/who_makes_the_rules.pdf
Terry, F. (2019). Platforms on Trial. Retrieved from
https://eprints.qut.edu.au/120461/1/im-july2018-platformsontrial.pdf
Tobias R., Gerhard R. (2017) Privacy Is Precious: On the Attempt to Lift Anonymity on the Internet to Increase Revenue. Journal of Economics & Management Strategy. Retrieved from https://onlinelibrary-wiley-com.ezproxy.library.sydney.edu.au/doi/10.1111/jems.12192