Users should protect own privacy

But how much power and ability online users have to safeguard their own privacy remains in question, even as market watchers and privacy advocates underscore need for users to take personal responsibility.
Written by Jamie Yap, Contributor

Individuals have to take their own steps to manage their personal data but how much power and provision they have to do so remains in question, according to industry players and advocacy groups.

Graham Titterington, principal analyst at Ovum, described user privacy as a fundamental component of the human psychology as well as a symbol of trust and intimacy. For these reasons, it is still "a major issue" in today's Web 2.0 society, he told ZDNet Asia.

Furthermore, Titterington said, most forms of cyber authentication use personal information. "If privacy is dead, so is online commerce in the long run," he said, adding that many Internet companies have a business model that is totally dependent on users' personal information.

The Australia-based analyst, though, emphasized the users' role in protecting their own privacy. He noted that many consumers have a "false idea that everything online is free" and do not realize that the content still needs to be paid for in some form or another.

"Ultimately, it is up to users to determine whether they want a free Internet or control over their information," said Titterington. "[Consumers will] just have to look after themselves... [Businesses] cannot be relied upon to act in the best interests of their customers."

In an e-mail interview, Singaporean undergraduate Rachel Goh related how online users previously had more control over what personal data to provide in exchange for services they want.

"Our privacy, today, is no longer one where you have some clue or control of what is being done with the personal information you consciously give to Web sites so that you can carry out online activities, like checking your e-mail or paying your bills," Goh said.

"Now, sometimes you don't even realize information is being taken from you," she noted, referring to the previous privacy breaches involving Apple iPhone mobile apps and Google's Street View.

After admitting its Street View cars had harvested personal data from unsecured Wi-Fi networks, Google could face charges in South Korea where local authorities had indicated plans to bring the case to court. Governments in United States, Australia and Germany, where the Internet giant faced similar scrapes, had decided not to pursue the matter.

In an e-mail statement, a Google spokesperson told ZDNet Asia: "While we have repeatedly acknowledged that [the data collection] was a mistake, we believe Google did nothing illegal in Korea, and we are working with the relevant authorities including the Korean Communications Commission and the police to respond to their questions and concerns."

She added that besides ceasing all Wi-Fi data collection from its Street View cars, Google has also made several changes to create stronger privacy controls including simplifying its privacy policies, and appointing a privacy director, Alma Whitten, to ensure its products and internal practices contain effective privacy controls.

Provision of privacy controls limited
While Goh agreed that online users should take steps to protect their own privacy and not rely on a third-party to do so, she noted that there are sometimes limited tools and controls available to allow users to manage their privacy.

This is an area some Internet companies such as Facebook have said they constantly seek to address.

Kumiko Hidaka, global communications manager for the social networking site, said: "User control is something we seriously think about when developing Facebook's features in general".

She told ZDNet Asia in an e-mail that Facebook users can "control exactly what they want to share and with whom they want to share it". Hidaka said the site offers a "comprehensive set of privacy tools" to allow a granular level of control that individual pieces of information can be targeted to, or restricted from specific persons.

For instance, referring to Facebook's phototagging feature which uses facial-recognition technology, she said there are controls which allow users to manage who can view photos in which they have been tagged.

The social network, however, had faced much criticism over its privacy practices.

Quizzed about critics of the company's opt-out privacy controls, Facebook's Hidaka replied that the site offers a set of recommended settings as default configurations, and people can choose to share their information with friends, friends of friends, everyone, or to a customized list of friends.

However, privacy advocate Beth Givens said "opt-out is a very imperfect vehicle for protecting personal privacy" where individuals have to take the initiative to opt out of the use of their personal information.

The founder of Privacy Rights Clearinghouse, Givens noted in an e-mail interview: "Privacy is a human right...Like all human rights, the individual should not be burdened with protecting one's privacy."

She added that companies should instead allow consumers to opt-in to data collection and behavior tracking.

Law not keeping up
Givens, who is based in the U.S., said laws in the country are inadequate to prevent identity theft and curb stalking or provide individuals true privacy protection.

The judiciary courts want to see "harm" to find cause for breach but it is difficult for a user to show a direct correlation between the company that shared private data and the harm the consumer experienced, she explained.

Bryan Tan, a Singapore-based tech lawyer who runs his own practice, Keystone Law, noted: "There is no presumption of privacy in privacy legislation."

In an e-mail interview, Tan said commercial forces have every incentive to lobby against privacy legislation. "Until lawmakers feel that someone is overstepping his boundaries, lawmakers will only enact legislation to counter what needs to be countered," he said.

Nonetheless, Ovum's Titterington described proponents of user privacy as fighting "a hard, [but] not losing, battle".

"The death of privacy has been predicted for many years, but it hasn't gone without a continuing fight," said the analyst, citing Sun Microsystems' then-CEO Scott McNealy who famously declared in 1999: "You have zero privacy. Get over it." Just last year, Facebook CEO Mark Zuckerberg proclaimed a similar stance, noting that "age of privacy is over".

Editorial standards