In one of the largest studies of its kind, Avast, an antivirus software company, found that “North America has the highest density of IoT devices, with 66% of scanned homes possessing at least one IoT device, compared to the global average of 40%.” Furthermore, there are 4.2 billion active social media users worldwide, with 1 billion users on TikTok, 2.89 billion on Facebook, and 1 billion on Instagram.
While social networks and digital devices add new abilities to every aspect of life, there’s a price to pay. In this digital economy, it’s not always clear whether you’re a customer or you’re the product. According to Tim Sewell, CTO and co-founder of Reveal Risk, people don’t fully understand how much of their personal information they’re giving away online or why it’s so valuable.
Tim has 20+ years in cybersecurity and executive leadership, where the topic of privacy was an ongoing conversation throughout his career. He has seen the scope of what companies are willing to do for personal data, especially those whose entire business model relies on it.
Before we dive into online privacy, lets take a moment to establish the difference between privacy and anonymity. You are anonymous when you interact with a system while the system doesn’t know who you are. There’s no way for the system to lose your information because it never has it. In contrast, you enjoy privacy when the system knows who you are but there are legal or procedural controls that limit the use of your information. The difference is important because it’s almost impossible to be anonymous in a digital world. That means that we rely on privacy controls to keep our information safe from abuse. Digital privacy is about giving consent to what data is collected and for what purposes it can be used.
Within the context of engaging on social media, these companies are constantly collecting your data to analyze and predict your behavior. This helps them create an individualized experience for all users where their interactions are seamless –and potentially addicting. This isn’t limited to just social media companies –Microsoft, Google, and countless other companies do this as well. Even if you passively engage with social media, where you rarely post and only scroll for news updates, they’re collecting information about you.
“They know what topics you like, what you’re interested in, what draws you in, and your location,” Tim said. “They then build a profile based on your likes and interests just from looking at the screen, take that information, and target you with ads.”
Even more frightening is that they build content for you based on geography. In other words, they boost activity based on when and where you tend to use social media the most. If Snapchat notices that from 9 a.m. – 5 p.m., you have a pattern of not using your phone as much because you’re at work, they’ll promote what they predict will interest you when you’re off work and at home, Tim stated.
Even if you don’t post on Snapchat but you do on Instagram, these platforms buy and sell this information with one another. Some apps even have access to your microphones, and they collect that data and sell it to companies they partner with for ads.
The worst part? None of this is illegal because users agree to all of this. It’s required if you want to enjoy apps like Facebook and TikTok. Some may argue that it’s about making the choice to participate in society. These companies don’t try to make this information easy to access either; they actually invest more money and energy into decreasing the likelihood of users reading through their terms before accepting them.
“The terms and conditions are written for lawyers, so most terminology is in legal terms that aren’t easy to understand to the average person,” remarked Tim on the tactics used by social media companies. “Even if you read through the pages and pages of terms and agreed to all of it, you can be subject to completely different policies and standards throughout your usage, because policies change all the time.”
Social media companies do this because being upfront with users could have devastating financial consequences. As an example, millions of people deactivated their social media accounts after Apple let people opt in or out of services tracking their data, which let people see how much of their information was being collected. As a result, Facebook, Snap, YouTube, and Twitter lost nearly $10 billion in revenue in 2021.
And this is just the corporate use of your data. Governments have their own reasons for data collection, which can be very dangerous depending on where you live, explained Tim. The government, just like any other company, has access to the same data markets social media companies use to buy and sell user information. They often purchase information through partner agencies, which can include geographic data to track where you are.
Some governments find so much value in the personal data of its citizens that they’ve restructured their system of trust. Take China’s social credit system; it’s a construction of a moral ranking system that punished people based on negative or “untrustworthy” behavior. This system can be used on individuals or whole companies, and potential punishable offenses include “spending too long playing video games, wasting money on frivolous purchases, and posting on social media.” Punishments have taken the form of barring flight purchases, reserving the best hotels, or buying business-class train tickets.
Why is information about what articles you like to read or what you reshare online so valuable, anyway? Because by figuring out how to keep you engaged online longer, companies can continue to sell your information to anyone who’s willing to pay the price. That means that users have no idea who their information is going out to and what they’re going to use it for. I don’t know about you, but that thought terrifies me ESPECIALLY when we don’t know the extent of all of the information they have about us.
The fact is that it’s impossible to completely avoid internet use without isolating yourself from society. Most websites ask to track your cookies, social media access is not allowed without signing away your data, and going “incognito” on your web browsers does nothing more than clear your browsing history; it doesn’t make you anonymous or keep other websites from tracking your data.
Is there anything that can be done about this? Is it possible to take back control of your data? Tim’s short answer was a hesitant “yes.” You can’t do anything about the data that’s already out there, but you can take steps to minimize future generated data.
“One thing that you can do is sign up for services as a child under the age of 13, where they limit your functionality but can’t sell your data because of child privacy laws,” Tim said. Doing this on YouTube, for instance, would limit your access to certain videos and generate more kid-friendly content on your feed, but it’s one way to engage on some services in a safer way.
Tim also recommends reading through privacy and cookies policies –it’s an investment of time but worth it. There are also browsers available that block trackers and social connections. This often causes page breaks and simplifies formatting and style, but you still have access to what you need from the internet without as much tracking. He also avoids using Google when possible. Instead, he uses DuckDuckGo, a privacy-focused search engine with tracker blocking and encryption.
On the far end of the privacy spectrum, there are services that allow usage of platform access by circumventing their terms of service, therefore breaking them. Some methods include sharing user accounts, which violates the terms of service for many companies.
Overall, Tim has confidence that you can be more private on a laptop or desktop than on a phone, and your online activity can be better hidden if you browse services without actually logging into them. It’s also valuable to research reliable Virtual Private Networks (VPNs) or other technical controls to privatize your data. Not all of them are reliable, as some have gone through security breaches or also sell your data to other companies. In some cases, your internet service provider (ISP) also tracks and sells your data, so your home network can also compromise your privacy.
“It takes a significant amount of effort to use the internet safely,” Tim shared. “You have to be conversant in contract language to even understand the terms. You will break a lot of websites by disabling trackers. There’s a high cost to being a private citizen in the digital economy.”
Generally, Tim would urge caution, as every platform has issues. It’s important to make informed and deliberate choices regarding our privacy, which we all have a right to.