The Cost of Privacy
I got an email today pointing me to this story in Time magazine, Trying to Escape the Surveillance State, where a journalist tries to live for a month without his privacy being impinged. It led to a conversation about privacy and whether or not there is privacy on the Internet or will people pay the cost for the amount of personal information that they freely give to various sites such as Facebook, Twitter, LinkedIn etc.
I argue that there is privacy on the Internet depending on the choices you make. In most cases an online transaction be that purchasing something online, joining a social network or sending emails has privacy as an element built into the cost of that transaction. In order to buy those goods you surrender your privacy surrounding your personal details to receive those goods, you also probably use a credit card which means that your transactions are noted by your credit card issuer and finally sites may keep track of your activity to suggest recommended goods on your next visit. This is no different from the physical world where you purchase items by credit card and perhaps use a loyalty card in the store.
Joining a social network, e.g. Linkedin, also has its privacy transaction costs. You want the benefits of a social network then you need to surrender your personal details to become part of that network. In real life you join social clubs, meet friends in public places where you also trade part of your privacy to take part in the group.
Some will argue that governments monitoring of Internet usage is a breach of privacy, for example your Internet browsing and email history is retained under the EU Data Retention Directive and that your ISP knows all your activity from their system logs recently highlight by the Phorm controversy in the UK.
This is true but you can still take measures to protect your privacy online using various techniques such as anonymous proxies, never using your real name online, never purchasing items online and not joining any social networks or forums.
You can control your privacy on the web, the question needs to be asked, at what cost?
I don’t think privacy and secrecy are necessarily the same thing, though they are closely related.
I carefully choose what details to divulge on my website, LinkedIn, facebook, etc. and many would consider the level of information I share far too much. E.g. my mobile phone number – but I would counter that is no more than what a tradesman does by putting his number on his truck.
While these things are no longer “secret” in the strict sense, and bring with them an increased risk of identity theft, that isn’t my sole concern when it comes to privacy.
I expect to control the information. I expect the information to me my property. Something I can updated and change disclosure policy on over time.
I know this is an unrealistic expectation, but I think it is a common one!
What is the state of the law? If I publish some information that would normally be considered private, does that mean the information is no longer covered by privacy laws / data protection? Would a data protection complaint against a company that abuses my phone number not be upheld because at one time in the past I published it?
Or is it simply that data protection laws are unenforceable given that once something is published on the internet (and indexed by google and bing) it can never really be unpublished?
Sorry if this is off topic.
Hi Mark
Thanks for taking the time to drop by and make a comment.
Your points are very valid and I also believe that privacy and security are not the same thing but are closely related.
Under Eu and Irish law your personal information is your property and should be treated by companies as such and the Data Protection Act details how companies should handle that information entrusted to them. However, this only applies to companies that are located within Ireland, or indeed, the EU. Under Irish law these are the rights you have under that act http://www.dataprotection.ie/ViewDoc.asp?fn=/documents/rights/RightsPlainEnglish.htm&CatID=16&m=r.
However, should you give your personal details to a company outside of the EU then they are not obliged to treat your data in accordance with the Data Protection Act. That is why it is important that people read the privacy statement or the terms & conditions on the websites they deal with so they know and understand what can happen to their data should they provide it to that website.
The Data Protection Commissioner has a good informative video the act at http://www.youtube.com/dataprotection
The Data Protection Comm