It seems that every day we hear stories in the news about data breaches by large companies that we entrust with our personal information. You may have heard about the data breach suffered by Yahoo in 2013 where the personal data of more than 3 billion users was compromised. Or the Equifax breach in 2017 exposed the social security numbers of 143 million Americans. Or, perhaps, you were affected by the breach of Facebook in 2018 or the Marriott group at the end of 2018 where the data of 500 million clients was compromised.
Each one of these breaches has sown deeper the seeds of mistrust that the general public has towards giving out their personal information. More and more, people are becoming cognizant of how their personal data is being collected and used. This is especially true if they have a smartphone, use social media, or make purchases online.
What is data privacy?
According to privacy law expert Robert B. Standler, privacy is “the expectation that confidential personal information disclosed in a private place will not be disclosed to third parties when that disclosure would cause either embarrassment or emotional distress to a person of reasonable sensitivities.”
Do we need to take care of our data?
Yes. Absolutely yes. You may think that you have nothing to hide, and therefore there is no reason for you to be concerned about data privacy. But keeping data private isn’t simply about hiding information like your browsing habits. Companies are actively trying to collect as much information on you as possible. Not just your interests, but more personal information like how much money you make, where you travel, and even the makeup of your DNA. Beyond corporations, hackers are also trying to get your data so they can sell it to someone who will try to steal your identity.
Why data privacy matters?
It is true that there are certain benefits that come when you opt to surrender your data. For example, you may enjoy receiving personalized ads as opposed to ads for products you will never buy. Or you might enjoy learning about your ancestors from an at home DNA test. And while it is true that there are benefits that can come from giving up personal data, we need to be concerned about who has our data and what they are using it for. There are significant risks that can be posed to us by giving up our data. Governments can use facial recongnition and your phones geolocation data to track your every moment. Hackers can steal your identity and open credit cards in your name without your knowledge.
Here are 17 reasons why organizations, people and governments should be concerned with controlling data privacy.
- Identity theft
It’s impossible to hack a paper certificate, but it’s quite easy to hack a digital ID. Once identity thieves have access to someone’s personal information, they are able to use that identity to commit almost any crime in someone else’s name, such as trafficking drugs, committing cyber-crimes, laundering money and much more.
Confidential data theft becoming a major threat
- Banking security
Once identity thieves have your personal data, they are able to do whatever they want with it. Financial fraud is one of the most common types of crime. For instance, credit card fraud, bank fraud, tax rebate fraud, benefit fraud, and telecommunications fraud. An identity thief could open a credit card in your name or even file your taxes, submit fraudulent documents to make it look like you were owed money and take the return for themselves.
- Cyberstalking
Cyberstalking is a criminal practice in which an individual uses the internet as a means to harass or threaten someone[1]. A cyberstalker targets the victim through every online platform — instant messengers, social media, blogs, chat rooms, spyware, web camera, and emails. They may also use web-connected home devices to perform the assault.
The assaults do not only target the victim but often include the victim’s loved ones.
- Stalking and blackmail
Online accounts including Facebook, Google account, Twitter, Wechat, Weibo, Email, Cloud and banking accounts leave a trail of personal information for a stalker to thrive on. Anything posted or sent online, can be used against the person. Smarthome devices can also leak personal information to a stalker. Once they successfully access the devices, they will be able to monitor the victim whenever they want.
Cyber-blackmail, also known as “cyberextortion”, is the act of threatening someone to share his/her private, often embarrassing, information with the public, his/her friends or family, unless a demand is met, or money is paid. Cyber-blackmail can occur when cybercriminals breach corporate networks to gain personal information. The cyber economy research firm Cybersecurity Ventures[2] reported that ransomware is growing at an annual rate of 350%. They predict that the annual global cost of damage from ransomware will be greater than $11.5 billion by 2019, up from $325 million in 2015.
- Doxing
Doxing is also known as “internet mass hunting” or “human flesh search engines”. It is “a practice of searching and broadcasting of private authentic information about specific persons or organizations against their will, based on internet technologies, evil-minded as a general rule”. It is an effective cyber-weapon that can be used against anyone, even if they are miles away. A basic web search for someone’s username or profile photo can often lead an investigator to other accounts online and more personal information.
- Reputation damage
Fake social media account
Nowadays, creating a social media account in someone else’s name is not that difficult. A fake social media profile in your name is an easy way for someone targeting you to damage your reputation.
Credit score
If a cybercriminal dipped into a bank account, the victim’s credit score could be damaged even if they are to absolve themselves of responsibility for the debt. By the time the information has been corrected, this person may have already been rejected for a number of credit opportunities. Anyone doing a credit check on his/her name in the future will see these rejections. The black mark on the credit record could stop this person from qualifying for a mortgage, buying a home, or even getting a job because employers often conduct credit checks on their potential employees.
- Unwanted calls & emails
Direct marketing targets individuals through phone and mail to promote products and services or to get people to request additional information about the product or service. If you don’t want to receive endless robocalls, junk emails or texts, you may need to pay attention to your daily online behavior. Something as simple as clicking “like” on a social media post may lead you to related new ads. Advertisers keep tracking customer lifestyle, need, habits and interests to show directly target ads to them.
- Paying more
Retailers track customer habits and lifestyle, as a way to offer a “personalized” experience for their users. Unfortunately, this also means that customers sometimes end up paying more. Retailers are able to know what customers are willing to spend through their purchase history, browser cookies, or even their smartphone operating system. By analyzing all the data they have, retailers can show you a personalized (raised) price, and make you pay more than other customers.
- Insurance policy
When you are wearing a fitness tracking device or using health apps, your health data are recorded. Such information reveals a lot about your health. Insurance companies may use it for risk assessment. As a result, they may change the insurance policy or raise your payment.
- Child Safety
Smart toys
Studies have shown that kids are often unaware that others might hear what they say to their toys. Stories abound regarding children sharing personal information with toys that transmit voice messages, internet history and location data. In some cases, this has led to identity theft, online scams and, most worrying, exploitation of a child.
Smart watches
Some smartwatches aimed at kids are susceptible to being hacked, allowing strangers to track children and even communicate with them without parents’ knowledge.
Smart home devices
A hacker may access family security-related devices to figure out when the parents are at home or away. Criminals sometimes break into WiFi-connected baby-cams, even hijacking the speakers to talk to children and caretakers.
Crime
Without data privacy, your kid’s photos may be misused by others. According to an Australian Children’s Safety Commissioner, one site offered at least 45 million images, half of which were photos of children taken from social media accounts. Kids can be harmed if photos end up being misused by strangers. “This information that’s out there can be misused by predators — whether it is paedophiles or pornography sites,” said Dr Bahareh Keith, a paediatrician at the University of Florida Health and a co-author of the research. Data breach of kid’s photos may also lead to “Digital kidnapping”. According to Bustle.com “Digital kidnapping” is when strangers steal baby photos and repurpose them with new names and identities, often claiming the child as their own.
—story: Life changed forever for the Thompson family on May 4. It was a normal afternoon, the Thompsons hanging out in their suburban Seattle home, enjoying time with their two seemingly well-adjusted kids, 17 and 11 (I won’t be naming them). A ring at the doorbell roused the couple, who soon found themselves talking to a Snohomish County sheriff’s officer and a social services expert on the front porch. Their 17-year-old son has been sexually abusing his 11-year-old brother, the officers said. The FBI has pornographic videos, images and chat logs. There is strong evidence, though the parents can’t see it—yet. The officers demand to speak to the older son. He denies everything, insists it must all be a crazy mistake…https://cyberscout.com/education/blog/digital-kidnapping-one-familys-story
- Being listened to all the time
AI assistants such as Google Home and Amazon Alexa are equipped with microphones that are on all the time to listen for their owner’s requests. Companies claim that these digital assistants only start recording after the “wake word”. But it is clear that technically it is always listening and able to pick up your conversations, even if you think the microphone is off. If we aren’t careful, these smart devices could make it possible for someone to listen in on private matters.
- Being watched at home
One of the more obvious issues pertaining to security is the topic of cameras. Security-related devices, baby cams, and even smart TVs can watch everyone. It is like having an invisible guest in your room, and they may hurt people one day. For example, an outdoor security camera with Internet connectivity can be hacked, then the hacker could know where his target lives or use it to spy. Increasingly recorded footage from surveillance cameras is stored in the cloud, which means these videos are being trusted to the company that sold the camera, or even a third party. If one of these services was ever compromised, it is possible that leaked videos of you and your family in your living room, could be available to anyone. Moreover, since some governments have the technology of accessing citizens’ devices, everyone is at risk of being surveilled by the government.
- Privacy Right
Privacy online and offline is a basic right. Like the Fourth Amendment of the U.S. Constitution[3] that prohibits the government from entering its citizens’ home and listening to their conversations without a warrant. Such online conversations are also a right. People are now aware that governments spy on their citizens. They could use data like digital ID, biometrics, facial recognition and messages to conduct mass surveillance on the population. Windows, Macs and Linux OS computers may all accessible. The systems of surveillance may be misappropriated and misused at any time by future governments, foreign intelligence agencies or double agents. Some freedom is threatened by data. Everyone is at risk of being surveilled by their devices according to the capabilities of government entities.
- Legal liability
If a criminal has used person’s identity to commit a crime, this can put this person under police suspicion and being investigated as part of a criminal investigation, and in some cases, people may find it difficult to prove their innocence.
Governments are increasingly in favor of online surveillance. They are collecting their citizen’s data to enforce security and stability. Some countries obtain citizens’ information, as in some parts of the world, it is illegal to say or do anything that can be viewed as anti-government or against religious norms. Moreover, some states will fine people if he or she is enjoying media and content that the government has deemed to be ‘’improper’’.
- Political influences
The public might not be well-equipped to separate quality information from false information. As a result, fake news could bias the public opinions. The U.S. 2016 election has caused a heightened awareness of “fake news” online. This term became mainstream during the 2016 US election campaign when hundreds of websites published falsified or heavily biased stories – many of them in the pursuit of capitalizing on social media advertising revenue.
The US presidential campaign demonstrated the power of the relationship between politics and social media. This is the case with the scandal of Facebook’s Cambridge Analytica.
How Fake News Goes Viral: A Case Study
Social Media and Fake News in the 2016 – Election| Journal of Economic Perspectives—Volume 31, Number 2—Spring 2017—Pages 211–236
The Computational Propaganda Research Project – includes analysis of how tools like social media bots are used to manipulate public opinion by amplifying or repressing political content, disinformation, hate speech, and junk news.
- Data profiling
Under GDPR, profiling means any form of automated processing of personal data consisting of using those data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural persona’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements. An accurate profile can reveal a huge range of details about you: gender, sexual orientation, religion, and political opinions. This is why we need real data protection — not just better privacy settings.
- Bias
“The study of Google ads, using a CMU-developed tool called AdFisher that runs experiments with simulated user profiles, established that the gender discrimination was real” — Anupam Datta, associate professor of computer science and of electrical and computer engineering.
Big data may create a risk of unintentional discrimination. Since the data collected by companies include ethnicity, gender, religion or age, it may lead to a bias decision consequently based on the bias results.
Machine Bias – There’s software used across the country to predict future criminals. And it’s biased against blacks.
The Scored Society: Due Process for Automated Predictions – Washington Law Review, Vol. 89, 2014, p. 1-U of Maryland Legal Studies Research Paper No. 2014-8
________________________________________________________________________
What Have We Learned About Data Protection After Another Year of Breaches?
A User’s Guide: 10 Ways to Protect Your Personal Data
66 Ways to Protect Your Privacy Right Nowl
The same data used to protect immigrants could be used to deport them
Why Do We Care So Much About Privacy?
Automated Experiments on Ad Privacy Settings
Millions of Chinese CVs exposed on cloud server
More than 95,000 data breach complaints since EU rules kicked in
2018 saw 6,515 reported breaches, exposing 5 billion sensitive records
I Have Nothing to Hide – Really? Here’s why privacy matters to all of us
WHAT IS
CYBERSECURITY? HOW DOES IT AFFECT OUR PRIVATE LIVES
[1] Violence Against Women Reauthorization Act of 2013
[2] https://www.herjavecgroup.com/wp-content/uploads/2018/12/CV-HG-2019-Official-Annual-Cybercrime-Report.pdf
[3] https://www.law.cornell.edu/constitution/fourth_amendment
