What is Online Privacy Violation and How to Protect Yourself From One?
Be honest with yourself. How many times have you shared your data online without really considering the consequences? When signing up to a website, purchasing an item from an e-commerce store, or downloading an app, you expect the other side to hold their end of the bargain and keep your data safe.
Except that doesn’t always happen and one way or another, your data gets exposed and you become a victim of privacy infringement.
How do you protect yourself from violation of privacy rights?
You need to understand what your online privacy rights are, who can infringe upon them, what online privacy laws can protect you and finally see some examples of privacy violation and learn from them.
An Online Privacy Definition
Unfortunately, if you asked them, most people on the Internet wouldn’t be able to tell you exactly what online privacy is.
This is why we first need to find an online privacy definition.
Here, just Googling the term “online privacy definition”, we can come up with some good definitions.
For example, Technopedia defines Internet privacy (which is really just a synonym for online privacy) as:
“The vast range of technologies, protocols and concepts related to giving individual users or other parties more privacy protections in their use of the global Internet.”
Or, if we use Webster-Meriam’s definition of privacy as:
And use it in the online context, we can say that online privacy is:
“Freedom from unauthorized intrusion online”.
Finally, we can also use this online privacy definition, which is perhaps the simplest to remember and says it the best:
“Online privacy is the level of privacy and protection a user has while they’re connected to an online network.”
Okay, now that we’ve defined online privacy, let’s take a look at some of the biggest examples of online privacy violation that happened in the last couple of years.
10 Biggest Examples of Privacy Violation in the Last Few Years
The last couple of years have been especially “fruitful” when it comes to privacy infringement on the Internet. While there are certainly countless examples we could tell you about, we’ll just cover the 10 most glaring that happened in the last few years.
- Facebook and Cambridge Analytica
The $5 billion fine that the Federal Trade Commission (FTC) imposed on Facebook was the biggest sum one company was forced to pay for consumer privacy violation to this day.
British consulting company Cambridge Analytica collected personal data from up to 87 million Facebook profiles for years through an app called “This Is Your Digital Life”. This data was then used in the 2016 presidential campaigns of Donald Trump and Ted Cruz.
The misuse and privacy violation were uncovered in 2018 by a former Cambridge Analytica employee, Christopher Wylie, which led to a series of hearings, including the CEO of Facebook, Mark Zuckerberg’s testimony in front of the US Congress.
- Google Violating Child Privacy Laws
In September, 2019, the FTC, acting on the lawsuit from the California federal court, fined Youtube $170 for violation of privacy rights of children.
Namely, Youtube, a company owned by Google, was found to have gathered children’s data without their parents’ knowledge or consent and violated the Child Online Privacy Protection Act (COPPA).
- Zoom Selling User Data to 3rd Parties
Few companies have benefited from Covid-19 the way that video conferencing site Zoom did in 2020, garnering millions of new users.
However, this wasn’t enough for Zoom as an article in The New York Times uncovered how Zoom transmitted user data into a system that then matched users with their LinkedIn profiles via its subscription-based service Sales Navigator.
To make this worse, signing anonymously to Zoom didn’t matter as it still connected to their LinkedIn profile.
- Ring Doorbell Trackers
How many times have you had someone ring your doorbell when you’re not at home? Perhaps you even missed a delivery because of this.
Ring Doorbell is an app that allows you to see and speak to someone who comes to your doorsteps when you are not home.
Unfortunately, the app is absolutely packed with 3rd-party trackers, an investigation by the Electronic Frontier Foundation discovered.
According to the EFF report, Ring Doorbell sent personally identifiable information (PII), including user names, IP addresses and data from device sensors to facebook.com, appsflyer.com, branch.io and mixpanel.com.
- The Surge of Facial Recognition Systems
Today, everywhere you look, you can find a facial recognition program (or it can find you, better to say).
First, it was the cameras on every street corner that we’re told are supposed to help law enforcement identify criminals and find missing people. Then businesses and stores adopted the technology to strengthen their security measures and make shopping more efficient.
However, many companies neglect to tell you that they are using facial recognition technology in their stores to identify and track you and are as such guilty of privacy violation.
Some of these companies even share your biometric data without your consent.
- Smart Home Devices Sending Encrypted Data to 3rd Parties
Researchers at the Imperial College London and Northwestern University recently discovered that smart home devices are often sending encrypted data streams to 3rd parties.
For instance, the researchers alleged that “almost every Smart TV they tested contacted Netflix”. That’s even though none of the tested devices actually had configured Netflix accounts.
In addition to Netflix, the IoT devices were also found to contact Google, Amazon and other companies.
The good news in all of this was that most of the data were encrypted, though some devices did send unencrypted data. According to the researchers, the unencrypted data included very little PII.
- Automatic License Plate Readers (ALPR)
In August 2019, Rekor announced the launch of Rekor Public Safety Network (RPSN), a real-time database of license plates of over 150 million people in 30 states.
What the RPSN does is give law enforcement and other government organizations real-time access to your license plate information. In other words, the government can use this to track your vehicle and predict where and when it will show up next and it’s free.
- Preventing the Next Pandemic by Tracking Billions of People
You probably already have an app that measures your heart rate, tracks your steps, calculates how many calories you’ve eaten and similar, but one doctor’s suggestion takes monitoring apps to a new, dangerous level.
In his new book, Lifespan, Doctor David Sinclair suggests that the next big pandemic can be prevented by everyone wearing a biometric monitoring device that would then be connected to a centralized monitoring system.
In other words, while this could help prevent the spread of some new virus, you could basically say goodbye to your privacy rights.
9 Texas Law Firm Data Dump
One of the things you likely expect from your lawyer is confidentiality. This is why you want to make sure that the law firm is using encrypted email.
A Texas law firm Baker Wotring came under attack from a hacker group Maze in 2020 and had their entire document management system (DMS) leaked after refusing to make a ransomware payment.
This included all the legal documents of their clients.
10. The Dangers of Showing a Peace Sign On the Internet
Showing a “V” peace sign is generally considered harmless if we don’t count someone calling you a “hippie” or “pacifist” because of it.
But according to a Shanghai Information Security Association deputy Zhang Wei, showing “V” could actually be used to create a 100% copy of your fingerprints if the photo was taken from up to 1.5 meters.
What is There to Protect You Against Privacy Infringement?
Luckily, you are not completely undefended when it comes to preventing privacy violation.
There are several laws and regulations and other ways that protect your online privacy and data including:
The European Union’s General Data Protection Regulation was officially introduced in 2018 as a way to better control how companies store and use EU citizen’s personal data.
Those that fail to comply with the GDPR or otherwise breach it can expect a fine of up to 4% of the company’s annual revenue from last year (or 20 million euros, whichever sum is higher).
So far, according to stats by Data Privacy Manager, Spain leads in the number of GDPR fines with 175, while Italy has the biggest total amount of fines of any country of 70,290,601 euro.
Not surprisingly, Google was slapped with the largest GDPR fine so far of 50,000,000.
We already mentioned the Children’s Online Privacy Protection Act in one of the examples, but it bears further explanation.
COPPA was the first US privacy law written for the Internet, being passed originally in 2000 and was amended in 2012 (official changes implemented in 2013).
This act requires any website that collects data on children under 13 years of age to do so in full compliance with the FTC.
There are times when you want full privacy on the Internet, without anyone, including the government, knowing what you do online.
One way you can achieve almost 100% online privacy (read this article to learn if Tor is completely anonymous) is by using an anonymous network called Tor.
Tor, or The onion router, passes your Internet traffic through relays or “nodes”, all the while protecting your online identity from prying eyes.
One way or another, you are being spied upon when using the Internet. Your data is collected and shared with 3rd-parties without your knowledge and these companies are making a buck out of it.
That’s not even mentioning government spying and hackers.
What can you do to protect and prevent this privacy violation?
You can use a Virtual Private Network (VPN). This will hide your real IP address and make it seem like you are using the website from a completely different location than the one you are currently in.
- Encrypted and Anonymous Email Service
Regular email services like Gmail will collect and often share your data with third parties, including the government. They care very little about privacy infringement and as you can see, are willing to pay hundreds of millions of dollars in fines if they are discovered.
This will hardly stop them from continuing to do the same as these fines are a mere slap on the wrist when compared to the money they are making.
Instead, you should use encrypted and anonymous email services like CTemplar, which protect your email data from prying eyes.
A violation of privacy is any revelation or intrusion upon one’s privacy.
The main difference between privacy and confidentiality is that privacy protects the access to the person and confidentiality protects access to data.
Privacy is something you might (reasonably) expect in your own home, at the doctor’s during a medical examination, when using a public toilet, or online.
Confidentiality is something you expect when sharing information with your lawyer, doctor, or some other authorized person or entity.
Privacy is important, but with so many companies and the government infringing upon your privacy, especially online privacy, you need to know how to defend it.