Privacy vs. digital age: Where's the balance?

Privacy vs. digital age: Where's the balance?

Summary: The digital age is launching an assault on privacy as we've known it. As social sites collect more and more data how will attitudes toward privacy change. And what can be done from a self-regulation, legal and end-user stand point to put more control back into the hands of consumers.


What has become of privacy?

There was a time when just drawing the window shades ensured a private sanctuary.

But the digital age is less shade and more glaring light, and it is shining brightly on personal data.

Privacy vs. digital age: Where's the balance?"There has never been another time in history where privacy was under the kind of assault it is today," said Rainey Reitman, activism director for the Electronic Frontier Foundation (EFF). "Consumers have increasingly digital lives and they are developing an unfathomably large data trail every day."

There is a perfect storm, Reitman says, involving digital lives, low-cost storage that allows companies to save everything, and the revenues that incent those companies to collect as much data as possible.

The long-term consequences on privacy are an unknown, but Internet users are feeling some fatigue and questions are flying as the law chases data sharing technologies operated by some of the richest juggernauts ever.

In addition, technologists are busy designing tools intended to give end-users control over their lives online.

How deep is the glut of personal and "private" information online?

Each week users post 3.5 billion pieces of content on Facebook, according to social media firm HubSpot. Google runs about 900,000 servers to handle the load of its services, according to independent estimates. Twitter claims 100 million active users. And Nielsen estimates that social media sites and blogs reach 80% of all active U.S. Internet users.

It's not just the volume of individual pieces of data, but the aggregation of that data that starts to really raise the hackles of privacy advocates.

That point was reinforced over the past week with news of Google's new privacy policy, which allows the company to aggregate user information across services, and Facebook's no-opt out deployment of its Timeline, which mixes a users past with the present.

But its not just Google and Facebook mixing data to find trends and make decisions, it's data collected by any technology and used by automobiles, high-tech home sensors, insurance providers, employers, retail sites and political parties.

Lately, however, it is social sites, fed with user-created content, dominating the privacy news. Those sites have a thirst for information that aids ad sales and stimulates other business opportunities around data that defines a person and their actions.

Today, those sites are staunchly defending that position. For example, Facebook spent $1.4 million in 2011 on lobbying, a nearly 300% increase over 2010. And Google spent $9.7 million, nearly a 90% increase over the previous year. Earlier this month, Google, which declined comment for this article, committed "tens of millions" of dollars to a privacy ad blitz around its Google+ social site.

At the same time, privacy groups like Consumer Watchdog, Electronic Privacy Information Center, Privacy Rights Clearinghouse, Future of Privacy Forum, and the Electronic Frontier Foundation, and government bodies such as the Federal Trade Commission (FTC), the U.S. Congress, and the European Commission are calling for checks and balances.

In the past nine months, both Google and Facebook have been subjected to FTC fines and sanctions that stretch over 20 years.

"These companies grew up fast and they did not look at data like it was gold," said Jules Polonetsky, director and co-chair of the Future of Privacy Forum. "The FTC wants them to realize they have gold here and they have to be careful."

Self-regulation, legal and end-user efforts have helped carve out some limits and restrictions on how data is used.

Bills are working their way through Washington, such as the Commercial Privacy Bill of Rights Act of 2011, which calls for protections of personal information online.

This week, the European Commission proposed new online privacy rules that give users among other protections the right to ask for the deletion of information about them on sites such as Facebook and Google. The proposal, which if passed into law would go into effect in 2014, would have global implications.

"Companies will have to play by the European rules," said John Simpson, director of privacy projects for the group Consumer Watchdog. "And if they do that in Europe, it will be harder for them not to do it in other places such as the U.S."

Outside of the legal machine, technologists are dealing with the reality that data is out of the bag and it won't go back in. The challenge now is how to close the bag and prevent further leakage.

"The first step is to find data that is not being shared in this way now because it is too sensitive, and than discover ways to share it safely with sub-sets of the world, not the whole world, and use that to prove there is a safe data sharing market," says Eve Maler, an analyst with Forrester.

Before joining Forrester, Maler spearheaded and continues to work on an ongoing effort called User Managed Access (UMA), technology designed to put the user in control of their personal data, deciding who gets what and what they can do with it.

It's a work in progress, and it builds on other emerging technologies, notably OAuth 2.0, an authentication/authorization framework for securing access to data.

"UMA is about authorized sharing of your stuff no matter where it is and with other folks no matter where they are," says Maler.

There are other efforts underway to help users control their information and relationships online such as personal data stores, and Vendor Relationship Management, a project at the Berkman Center for Internet and Society at Harvard. Simpson is working with the World Wide Web Consortium on a "do not track" standard.

Giving that sense of control back to users might just be a wave that could catch on.

This week in the wake of Google's new privacy policy, an informal Washington Post survey of nearly 14,000 readers showed nearly 66% were going to cancel their accounts in the wake of Google's privacy changes.

Whether they can actually cut the cord is another story.

"I think the challenge is for the industry to help users feel in control of what is going on," says Polonetsky. "Today the reaction is this [data collection/aggregation] is not something being done for them, it is something being done to them."

If a shift in mindset comes about, it could be the start of significant progress that benefits both the Facebooks and the Googles of the world as well as the users of those sites and other technology that watches, records, and archives digital life.

"These are truly historical moments," said Consumer Watchdog's Simpson. "We are trying to sort out culturally what the appropriate bounds are to give people the kind of personal privacy that they have had historically but is now deeply threatened by technological change."

EFF's Reitman says we shouldn't lose sight of the technological marvels developing before our eyes, nor the implications. "It has been a wonder to society, and in some respects a death knell for individual privacy."

How will privacy be defined in the digital age? Where is the balance?

See also:

Topics: Social Enterprise, Google, Legal, Security


John Fontana is a journalist focusing on authentication, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he also blogs about industry issues and standards work, including the FIDO Alliance.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Privacy vs. digital age: Where's the balance?

    Perhaps you should ask your colleague Chris Dawson. It's people like him that make the Internet a bad place to go anymore. Thankfully, there's browser addons that can randomize user data that gets sent back to [s]Google[/s] Big Brother, protecting our privacy, even when people like Chris are careless enough to throw it away.
    The one and only, Cylon Centurion
    • RE: Privacy vs. digital age: Where's the balance?

      @Cylon Centurion

      Wasn't there some alternate search engine out their called "Scroogle", where it acted as a go-between for you and the Google search engine, and:
      -- cut out the annoying "ad" results from the search results
      -- cut your IP address out of the loop, so that all Google saw was the IP address for Google's server

      Not sure how it would work if, for example, you were logged into your Gmail account on another tab, but it still might have some possible use...
    • RE: Privacy vs. digital age: Where's the balance?

      @Cylon Centurion The best privacy on internet providing us this company:
    • RE: Privacy vs. digital age: Where's the balance?

      @Cylon Centurion <br>[i]Perhaps you should ask your colleague Chris Dawson.[/i]<br><br>And Mr. Dawson is being benignly naive. Believe it.
  • Privacy is easy

    Just don't put on the net anything you don't want the world to know.
    • Privacy is NOT easy

      @lepoete73 ... you run around with your phone, you buy gas using a credit card, you get groceries with a debit card. The location of your phone and the products you buy, where and when you buy them - that would tell anyone looking in to you almost everything they need to know.

      To achieve privacy, you'd have to stay off the internet almost entirely, run around with a pocket full of cash, and not carry a phone or other electronic device.

      It could be done, but 'easy' is to just say yes to popups on facebook, take that phone call, send that email, browse the internet.
      • RE: Privacy vs. digital age: Where's the balance?

        @HollywoodDog - so, you know when and where I buy my groceries, now what? I do not even mind if you manage to make a fortune out of this knowledge - be my guest - as long as long you are not stealing my credit card numbers.
      • RE: Privacy vs. digital age: Where's the balance?


        So true seems that the 1998 movie Enemy of State is starting to show thru in the new 2012 digital age. It is only a matter of time before skynet a.k.a google,facebook,microsoft,twitter etc... will become self aware and terminate its creators and humanity. It may very well be on 12-21-12 you never know
    • The user as vegetable


      Users of Facebook and Google are not consumers

      The users are a product whose data the companies sell to their real customers; the people who buy the advertising.

      Google and Facebook think about their users the same way a fruit and vegetable shop thinks about fruit and vegetables.
  • Privacy was gone in the 1980's, the author is late!

    Back in the 1980's, we could collect enormous amounts of data on individuals (long before search engines and general access to the Internet) just from the 3 credit agencies. Do some research on a guy (Robert John Bardo) doing Life for the 1991 murder of an Actress (Rebecca Schaeffer), documented in "Privacy for Sale: How Computerization Has Made Everyone's Private Life an Open Secret" by Jeffery Rothfeder, published in August 1992. This article is 20+ years late!
    • Quite true

      @B.O.F.H. <br><br>But the internet hasn't helped by spreading the same info (and more) far more freely and indiscriminately. Then you have all these new Net entities providing services for free while they data mine the sh*t out of you. And it's only just begun. <br><br>Of course Googles almost rhymes with Chuckles -- but really, who cares.
  • It will take egregious misuse to change anything

    1. Private citizens don't value their privacy. They make stupid assumptions that *somebody* is protecting them somehow, but neither the government nor the corporations are doing that job.
    2. Corporations are making big money off of your data. They are interested in making more, not less, so privacy will continue to be eroded without end.
    3. Corporations gather the data legally that would be difficult for authorities to gather without probable cause. It is an unholy partnership: the private sector gathers the data, then the government comes and takes whatever they want with a blanket subpoena or National Security Letter. Building a dossier on a citizen used to be a costly and time-consuming exercise, now it is a snap. Three quick hits will get an agent an incredible amount of information: Google file, your credit report, and your cellphone logs. Extras like Facebook and Twitter logs fill in the details. It is an agent's dream, all paid for by corporate money.

    What can you do about it? If you are addicted to being online, nothing will help you. If you can't turn off your cellphone without having an anxiety attack, then you might as well put a dog collar around your neck and wait for them to snap the leash onto it. For every browser trick, pseudonym, proxy server, etc., there are smart people looking at ways to finger you anyway. You just can't avoid it.

    Things will only change after authorities and insiders are discovered routinely abusing the system, and maybe not even then. Once you lose control of your private information, you can never really get it back again.
    terry flores
    • RE: Privacy vs. digital age: Where's the balance?

      @terry flores that is possibly the most coherent and therefore frightening explanation i've seen.

      So perhaps the most effective counterattack is at the nexus of this unholy alliance... to dispense with the stupid idea that corporations are people and can lobby the government, to cripple the nanny state so that there's less incentive to lobby, and to institute a wall of separation between government and business at least to the same degree as we separate government and religion. For starters, i mean.

      I wouldn't trust any federal privacy laws because as it is, they're written by corporate interests. If Congress came out with the Protect People's Privacy Act of 2012 i think it would scare the poo outa me because i know it would do the exact opposite.
      Joe McPlumber
  • FaceBook and Google are way too expensive

    Every user is worth $100 to FaceBook in terms of advertising revenue.

    I might be prepared to join up if they pay me $90, plus $0.50 for every item of new data I add to my profile.
  • RE: Privacy vs. digital age: Where's the balance?

    The compromise is to protect your privacy first, then indulge in browsing and on-line activities second. It's a known issue and there's simple ways to remain as anonymous or even invisible. I think it should be mandatory for schools to teach kids how to remain private and not post photos or personal data -- and the kids should be required to pass tests and maintain standards of conduct on-line, just as they must in school, in person.

    ironically, all these sites like this one from a publisher like ZDNet try to gather as much data from the visitors as possible, then spend their time and resources on figuring out how to monetize and profit from what they glean.
  • RE: Privacy vs. digital age: Where's the balance?

    Doc hopes for the best, John, when it comes to privacy rights among consumers, but fears the worst. We've become fairly complacent on the subject and it seems many people have given up on any real privacy protection. How much will we give up in the name of convenience? Hard to say, but I think it's a lot. This is an unprecedented time in our history and we have to tread carefully or there will be no going back, I'm afraid.
    DocuMentor (Doc)