Understanding New Media
Professor Strate
February 27, 2010
Internet Privacy
Internet privacy is a concern to users globally, but the concept of internet privacy has yet to be clearly defined. There is no definite understanding as to what internet privacy is, and if it really even exists under any context. The purpose of this paper is to discuss some of the definitions and conceptualizations of “privacy” in the age of the internet, and some historical back ground as to what privacy has meant to the individual in light of new technology in the past. Threats to privacy and personal information that is processed over the internet will be explored, such as the implications of computing power, technological developments, connectedness, as well as governmental and non governmental surveillance issues. Some programs and websites that appear to invade privacy will be discussed as well as the effects of internet viruses. Security protection programs and a closer look at how personal information is collected and used for marketing purposes will also be discussed.
The idea of privacy originated in the late 19th century, when Warren and Brandeis in 1890 co-authored a famous article entitled “Right to Privacy,” defining privacy as “the right to be let alone” (Woo, 5). After the increase of print technology, new affordable texts such as the Penny Press allowed individuals to read information in their own homes for the first time. This provoked individualism within society, with a new value of private property, and privacy as a “social value being able to read a book in your own private home” (Woo, 6). Privacy began to be viewed as a power against authority, and a means to balance social control from others; information becoming a source of privacy. The birth of the printing press and the affordability of the news fueled mass media. Soon, technology developments, as author Louis Brandeis discussed in his article regarding the effects the then new camera was having on the individual’s privacy, enabled the mass media to produce pictures and print private information on citizens, making it public (Waldo, 88). This increased the importance of privacy in the individual, and also shaped it as “the people’s right to be free from the government and mass media intruding into their lives (Woo, 6).
It’s important to remember that media is always growing, and new media always succeeds an old media that once was new. The printing press, photography, and the telephone, have always questioned the ability to maintain an individual’s privacy.
Today, the computer age has posed new threats. Since its birth in the 1980s, the internet as a new mass media is still dealing with the issue of privacy, and it is becoming an ever growing problem the more it is being relied, used, and integrated into the modern world. The National Research Council established the Committee on Privacy in the Information Age, who identified four key factors of privacy in the modern age. The first was the areas of concern associated with new technologies and the individual’s personal information. Next were the technical and sociological effects of technology, ranging from the collection devices and methodologies that put personal information at risk. These include storage, communication, and the user’s voluntary and involuntary sharing of information. Next was to asses the developments in government and private sector practices with the growth of technology and last to examine advertising aspects of information sharing (Waldo, 20).
As technology develops, so does the computational power. Today, the amount of storage space that is available is ten-fold to what it was in the last decade, allowing there to be traces of data left from nearly any action that users take while using a computing device (Waldo, 92). The more power, the more data can be stored for purposes the information was not originally intended for, such as advertising. Additionally, the massive amounts of storage space leave enough room that files may not even need to be erased, but can be compressed and uncompressed, making information nearly impossible to destroy once it has been produced. Even on a home disc drive, it is possible to recreate deleted files, and restore erased data. This ability to never really destroy stored information and processes questions how private a digital aged archiving system is (Waldo, 93).
Yet, storage doesn’t just have to be looked at from a computing power angel either. Today it is easier than ever to take and store pictures and video on cell phone and music devices than it was. And with this it makes it easier for there to be an invasion of ones privacy if you have the ability to record, store, and transfer private acts on a device. But cell phone computing power poses new issues of privacy such as GPS, calling and message records that are solicited for purchase on the internet, from companies that fraudulently obtain user data over the internet (CNET). Such abilities to buy cell phone records make it easy for any individual to threaten and stalk another.
In addition, the connectedness that the internet has enveloped has now made it easier to access information that was previously only obtainable physically. Now it is possible to track credit history, real estate transactions, and public records over the internet (Waldo, 99). Overall one would argue that this eases the invasion of ones privacy by making it easier to obtain documents on an individual that might normally have taken more time, effort, or required a legal reason. But there are also benefits to the connectivity that straddles the privacy line. Such websites like Family Watch Dog (http://familywatchdog.us/) enable anyone in the United States to look up and discover where registered sex offenders live, what crimes they were prosecuted for, and any additional offenses they have made in addition to their photographs and detailed descriptions of the individuals.
The website
However, the Family Watch Dog website also makes it possible to search email addresses and uncover personal photos that have been on websites and video from any individual with a working email address. The website, Spokeo.com, searches through social networking sites to reveal personal details on individuals by use of their email address. The service offers for free the individuals name, age, sex, location, pictures, and networking information if found. There is also an option to pay to allow the service to offer more data that is linked to the individuals email address, such as blog posts or anything published on an online networking site. Many websites like these exist, such as 123.people.com supported by Intelius that allows you to do background checks on individuals using their paid service. It also offers free searches that allowed you to view the town and state the individual lives. For a fee of a dollar you can find out DOB, address, telephone number, address history, average income, and value of an individuals home. Intelius is a public record database, and their privacy policy states that all the information they collect is either of public record, or is personal information that was made commercially available. The Intelius privacy policy states,
Publicly available information consists of online and offline information that
is generally available but is not maintained by a government agency, such as
names, addresses and telephone numbers of individuals and businesses,
professional licensing and trade organization information, press releases and
newspaper articles and content from blogs or social networking sites. Commercial
records consist of information that is maintained by enterprises and is
available for purchase, such as marketing and telemarketing lists, phone connect
and disconnect information, and business profile data (Intelius, Privacy
Policy).
These websites exist and are a testament to the fragility of personal information and privacy in cyberspace. What’s even more important to note is that many users of the internet are unaware of these websites and what they are capable of uncovering.
The growth of technology has also allowed surveillance easier access, speed and a wider scope. Surveillance is defined as the collection and processing of personal data, whether it is identifiable or not for purposes of influencing or managing those whose data have been garnered. The surveillance becomes broader and more prevalent, but harder to identify as the technology advances. Private and corporate agencies are using increasing technological capabilities to build knowledge about consumer behavior for commercial purposes and citizen behaviors to detect crime (Dinev, 214). Cybercrime defense began in 2002 by the FBI who declared cybercrime their third top priority, and began internet surveillance of vendor and online service providers (Dinev. 215). Other laws such as the Patriot Act make the government’s surveillance legal and legitimate, with the government having the ability to tap into phone conversation without a warrant (Lee, 2003). This also allows room for government seizure of internet history from search engine providers such as Google, who refused to turn over data from their repositories after the Bush Administration in 2006 issued a subpoena, fearing it would be an invasion of its user’s identity and privacy (PBS). Other search engine powerhouses such as Yahoo and AOL turned over data, but did not fully comply with the government’s requests.
The government’s access to new technology in the internet age has given them the ability to watch dog users, and look for suspicious behavior, as opposed to having probable cause then observing for suspicious behavior. The technology removes the first step of probability, and instead just observes for out of the ordinary behavior, putting every user under the scope of surveillance (Waldo, 256). As well as surveillance, the government has control over censorship of internet materials. For example, China is one of the most policed countries in the entire world, and in 2006 Google agreed to censor search results from its search engine to meet Chinese government standards in order to enter the largest internet market in the world (BBC). Four years later, Google announced on January 12, 2010 that they would no longer comply with the Chinese restrictions of their services (Business Week). But it took Google several years of backlash from the Chinese government, people of China, and activist groups before the company buckled and refused to comply with the censorship. Another reason why Google may have finally went against the Chinese government was because they only had 35.6 of the Chinese internet market, where as BIDU was the leader by a substantial amount. Was Google finally making a statement of the right to information and privacy of the Chinese people, or was there not enough money involved to make it worth censoring China?
Despite government and nongovernmental surveillance, another main concern and aspect of internet privacy is the collection and use of personal information. A major threat to a user of the internet would be marketing practices. A users understanding of privacy strategies also hinders the ability for there to be effective tools to protect information being distributed over the internet. There are several practices that are performed by websites that have to deal with the dissemination of personal information.
Internet cookies, which are data that is sent between the website and the web browser, contain tracking information of a user’s internet history; what websites are visited, for when, how long, and what they are looking at. Mobile phone numbers, and those shopper loyalty cards (those CVS, Shoprite cards) are also used, much to people’s surprises, for marketing purposes (Zero Knowledge, 1). These sources and cookies help collect information and store them in databases that log the activities, movements and purchases online of a user. This information is used for advertising purposes, and the “knowledge guiding the treatment of the individual” (Zero Knowledge, 1). Websites are serving as surveillance for advertisers, tracking internet behavior in order to classify them into certain groups for advertising purposes. An example would be the practices in which the Wall Street Journal uses internet cookies. WSJ has eight categories it uses cookies to track its users into, and then feeds this information to advertisers who use ads to target a user’s particular interest, like business or travel.
Personal information is also used by social networking sites that benefit from advertising to generate revenues. So do websites that request information in exchanges for services. Let’s examine two of the most visited websites who fit this description according to the web information company Alexa: Facebook and Google. Facebook has a unique advertising platform that it established in 2009 in order to generate increased revenue after it anchored itself as the leader in the social networking market. Facebook advertises to potential clients that their site enables a business to display their ad to the exact demographic that they need in order to generate the most business. Directly from the Facebook website, they use an example of a wedding photographer who was able to use Facebook ads to have their ad displayed on the pages of 25-30 year old, recently engaged women.
"Over 12 months, CM Photographics generated nearly $40,000 in revenue
directly from a $600 advertising investment on Facebook. Of the Facebook
users
who were directed to CM Photographics’ website from the ads, 60%
became
qualified leads and actively expressed interest in more information."
(Facebook Ad Page)
The question now is, how does Facebook collect this information on its users? On their privacy page, Facebook states their privacy policy, and states how basic information that the user provides in exchange for the Facebook service are used for advertising purposes in order “to serve personalized advertising to you” (Facebook Privacy Page). Facebook has an intricate privacy policy that addresses every possible issue related to the user’s information.
The next site to examine is Google and its privacy policies and pages. Their privacy center claims that it has 5 privacy principles to describe how Google “approaches privacy and user information across all out products” (Google). Their five principles are as follows:
1. Use information to provide our users with valuable products and services.
2. Develop products that reflect strong privacy standards and practices.
3. Make the collection of personal information transparent.
4. Give
users meaningful choices to protect their privacy.
5. Be a responsible
steward of the information we hold.
The page also has videos describing Google’s privacy standards, and there is a privacy page for each of Google’s products. Google also lists how they collect user information and how it is used. The first is information that the user provides in exchange for services. They also use cookies, log information, various user communications, affiliated Google Services on other sites, Gadgets, location data, and links that are formatted to track the users use of them. Google also includes a note that their privacy policy is for Google services only, and does not translate to search results that are clicked and selected from Google’s search engine. They also note that they process personal information for the use of:
• Providing our services, including the display of customized content and
advertising;
• Auditing, research and analysis in order to maintain, protect
and improve our services;
• Ensuring the technical functioning of our
network;
• Protecting the rights or property of Google or our users; and
• Developing new services. (Google)
It is important to note that information that can be gathered and stored with speed also can be analyzed, changing the economics of what it is possible to do with information technology. Hardware, hardware connections over networks, advances in software to extract data info, organizations and companies that sell/offer information they have gathered themselves can organize and analyze information without the user even knowing it, any time they use the internet (Waldo, 93). The Federal Trade Commission five core principles of fair information practices: Notice, choice, access, security, and enforcement. But how often is a consumer aware that their information is being collected and used?
Other technologies called “Data Gathering Technologies” that are on the rise are GPS devices and cell phones that are emergency 911 capable. Sensors, infrared and thermal detectors, radio-frequency identification tags, spy and remote cameras, and traffic flow sensors are among many new technologies that invade personal privacy that have been embedded into normal every day life (Waldo, 94). Certain cell phone and GPS enabled devices are able to trace an exact location that the user is at any given moment in time, and are sometimes marketed for parents being able to trace their children. There are even mobile applications and services from Google that allowed a user to see other users on a map, and know if they are at work, school, or at home. Users consent to using these devices, but how do you know if you are being tracked or not when using a phone? What kind of surveillance is united with all of this technology, and what price is privacy paying?
An example of GPS technology invading privacy is the “Guardian Angel Locator” cell phone company. It allows parents to view their child’s exact location by tracking it via GPS embedded software and viewing a map on a computer. The site says that it uses GPS technology to send data over the cell phone provider’s network to their secure servers. Satellite views of maps make it possible for a parent to track a child’s exact movements, and even speed and direction of a vehicle they may be in. It also stores locations that the child has been in for up to a month. Services like this exist within cell phone providers, who in emergency situations can track where the user of the cell phone is.
Below is a link to a promotion video from the Guardian Angel website, that shows how the technology works.
http://www.guardianangeltech.com/video_flash.php
This is a picture from the website of how the monitoring system works via the internet.
As for pervasive sensors and remote cameras, they are becoming a normal part of ordinary life. In the UK, CCTV (close circuit television) has become a complete norm- with millions of cameras located all over the country and cities, as they are used to reduce crime. According to the BBC, the average citizen in the UK is on CCTV cameras 300 times a day, and that was a record from 2002. The smaller these devices become, the less they are noticed by citizens.
Some other examples of technology that exists, but is often not though upon, are advances in software such as the programs used by banks that monitor and check credit card purchases. These programs, referred to as “data mining and information fusion” assist understanding user behavior. It is not uncommon for a person’s credit card to be denied, or suspended if “suspicious” use is sensed by a program. For example, someone one who travels to another credit card may be denied it’s usage in another country if they do not alert the credit card company (Waldo, 96).This programs are designed to track the consumers’ behavior and be able to identify any uncharacteristic purchases. But is this invasion of privacy or protection? What if a consumer is denied usage of their credit card in an emergent situation? The problem with this technology is that the software believes it knows your behavior, but sometimes can become a bigger problem for the user.
These “data mining and information fusion” programs are also used for government agencies, whether it is to track potential terrorist threats, or to reveal someone’s identity based on a name and color of a vehicle. These programs create a system that allowed the exchange and transfer of information over incredibly broad fields, sometimes facilitating behaviors that are not in the interest of protecting a user, but abusive such as target marketing. The technology is making it easier to classify and group users into categories that can be used for advertising, or manipulative services (Waldo, 97). And because most of these programs are operated over massive networks, they are easily accessible, and there is allowance for massive storage on sever bases anywhere in the world.
Another simple example of GSP technology is when you sign into an internet service provider from a Starbucks coffee shop. In order to use that service you need to give personal information and create an account in order to access the internet. From there, once you log in, the system shows you where your location is (the Starbucks store you are in). For all intents and purposes, if you have supplied a real name and personal information, this internet provider now knows exactly where you are.
But for all that threats privacy, there are companies that privately own and operate the internet. VeriSign is one of those companies, founded in 1995 by Jim Bidzos, present Executive Chairman and current President and CEO Mark McLaughlin. VeriSign manages two of the world’s 13 internet root servers and is considered national IT assets by the U.S. Federal government, and generated 1.026 billion dollars in revenue. VeriSign quotes itself as “the trusted provider of Internet infrastructure services for the networked world.” It protects more than one million Web servers with digital certificates, protecting the majority of secure Websites on the internet, including 93% of Fortune 500 sites.
VeriSign is the company that issues SSL certificates that legitimizes the companies name and website, providing them with a secure connection. How SSL Certificate works is it establishes a private communication channel which enables encryption of data during the transmission. Any website that is SSL certified will have a little handshake or padlock during transmission. Any website with a log in feature, an online store that accepts online orders and credit cards, and if you process sensitive private data (addresses, phone numbers, etc). VeriSign gives users a real sense for privacy, and protection. VeriSign also is the SSL Certificate and provider of choice for 96 of the world’s 100 largest banks. An SSL certificate allows the user to know that the site is real, and any information they share is secure.
But how many users of the internet know that these systems of protection exist, and how to look at the indicators that a site may not be legitimate? Despite all of the private sector and governmental protection, threats still lie to the uneducated internet user. There are still programs out there that intend to do harm, at a PC level, such as the more recent phenomenon of “phishing.” Phishing is when a spammer lures a user into clicking a malicious link where they will ask for their log in information to proceed to the next site. It’s called “phishing” because the user is tricked into clicking a link that appears to be a real message, and when the user clicks on a malicious link, the website appears to be identical to the true website.
Recently in the news, Twitter was invaded with phishing links that were able to trick several important people into getting their information, including UK’s Secretary for Energy and Climate Change, and subsidiary of HSBS Bank. Once they clicked these malicious links, they were prompted for login information that appeared to be legit. Their Twitter accounts then proceeded to spam porn links. Although none of this situations happened to be too detrimental, it just can example of the privacy issues that are facing us today. Newer versions of Windows no have built in Phishing detectors that warn the internet users the possibility that the site may be “phished”, and ways of detecting if it is.
In addition, there is also the threat of spyware, spam clients, malware, and the fear of cybercrime that put the users’ privacy at risk. Spyware is malware that collects small portions of a user’s information without their knowledge, hidden within software files that may have been downloaded onto the computer buried within a system. Certain types of spyware that has been prevalent have been programs that are disguised as trusted anti-virus programs, but are really spyware. Spyware is on the list of concerns by the US Federal Trade Commission. In 2005 AOL and the National Cyber-Security Alliance conducted a study that revealed that 61% of those surveyed had spyware on their computers. Of 61%, 92% of those said they did not even know it was on their computer (Stay Safe Online.org).
Anti-virus programs such as Norton and McAfee , Kaspersky, F-Secure, and Bit-Defender are additional, and often necessary programs installed to prevent a computer from being infected. Users can subscribe to these services, with the top providers being based on monthly or yearly fees. These anti-virus programs now provide the user with a protective armor; one of which they are willing to pay. Free anti-virus programs exist, but often times do not have the detection capabilities that paid programs do. This software is able to detect threats to your internet usage, and protect email, web activity, instant messaging, and file sharing (Symantec).
Cybercrime most recently has come in the form of malware, bots, phishing, and Trojan horses and is aimed at stealing personal information for profits. Cybercrime comes in the form of identity theft, ways of accessing bank account information, or credit card numbers to make purchases online, or drain bank accounts. Today, this is the biggest form that Cybercrime has taken. Again, the question can be asked as to how private is personal information on the web, and is it possible to completely keep every aspect of one’s cyber life private, even with the use of security services. After examining many of the technological developments, it seems that privacy may never truly be able to exist in a digital world.
It is conclusive to say that privacy in the internet age is constantly being threatened. Although protective services are available to a user such as Anti-Virus software and companies like VeriSign, there are still a number of other implications that arise from new technology, such as viruses, malware, spyware, surveillance, and phishing. In addition to software threats, there are company threats that exist just to sell personal information, such as Itelius and Spokeo.com. Computing power now makes it almost impossible to destroy data that has been produced, and allows the ease of collection of mass data from “data gathering technologies”. Even though websites and companies have privacy policies and post them, how many internet users are aware of what their information is being used for? The internet is still shaping and growing even today, but privacy is crucial issue that still remains to be solved.
Works Cited
Dinev, Tamara. Hart, Paul. Mullen R., Michael. Internet privacy concerns and beliefs about government surveillance – An empirical investigation. Science Direct, 2007.
Hong, Traci. McLaughlin, Margaret. Pryor, Larry Internet Privacy: Practices of Media Outlets.Conference Papers -- International Communication Association; 2003 Annual Meeting, San Diego, CA, p1-24, 24p, 2 charts, 5 graphs
Krup, Nathalie. Movius, Lauren. US and EU Internet Privacy Protection Regimes: Regulatory Spillover in the Travel Industry--Top Student Paper, Communication Law and Policy Division. Conference Papers -- International Communication Association; 2006 Annual Meeting, p1-28, 27p. Conference paper
Phillips, David. Zero Knowledge: Articulating Internet Privacy. Conference Papers -- International Communication Association; 2006 Annual Meeting, p1-24, 24p. Conference Paper
Zwarun, Lara. Yao, Mike Intrusion, Threats, Rights, and Strategies: Using Multidimensional Scaling to Identify People's Perception of Internet Privacy.
Conference Papers -- International Communication Association; 2007 Annual Meeting, p1-21, 21p.Conference Paper
Woo, Jisuk "Internet Privacy and the “Right Not To Be Identified”.
Conference Papers -- International Communication Association; 2005 Annual Meeting, New York, NY, p1-40, 41p.Conference Paper
Waldo, James. Lin, Herbert Millett, Lynette I..
Engaging Privacy and Information Technology in a Digital Age. National Academies Press, 2007.
Google Privacy: http://www.google.com/intl/en/privacypolicy.html
Facebook Privacy: http://www.facebook.com/policy.php?ref=pf
PBS Online News Hour: http://www.pbs.org/newshour/bb/cyberspace/jan-june06/google_1-20.html
http://www.staysafeonline.org/pdf/safety_study_2005.pdf
BBC
http://news.bbc.co.uk/2/hi/uk_news/2071496.stm
http://news.bbc.co.uk/2/hi/technology/4645596.stm
Guardian Angel Technologies: http://www.guardianangeltech.com/
Intelius: https://www.intelius.com/privacy.php
Business Week:
http://www.businessweek.com/globalbiz/content/jan2010/gb20100113_124533.htm?chan=rss_topStories_ssi_5
Semantic Anti-Virus: http://www.symantec.com/norton/security_response/index.jsp
Family Watch Dog
Familywatchdog.us
Posts
