Three Golden Privacy Tips For 2023
In the last three weeks, I joined the AI trend and discussed here at The Privacy Whisperer how AI tools can impact our online privacy. As it looks like we are currently experiencing a period of meaningful and irreversible changes in the digital sphere, today I discuss three golden privacy tips for 2023, which I hope can be useful and empowering to you and to people you know.
1- Social networks profit from your personal data and benefit from your oversharing. Be critical ("why am I posting this?") and focus on yourself
It's 2023, and we have been living with online social networks for almost 20 years. But it seems that many people are still not aware of what goes on behind digital curtains and remain stuck in the posting ❯ likes ❯ dopamine cycle.
Many people still spend hours scrolling social media feeds indefinitely and without any purpose, paying attention to endless posts, images, and videos that social networks' algorithms decide to show them; many join polarizing online fights which generate nothing but stress and frustration; many post details about themselves to audiences much larger then it would make sense in real life, unknowingly harming their own reputation; others practice sharenting, exposing their children to various types of privacy harms in exchange for online social validation (likes, comments, and shares).
Social networks were designed to stimulate our primitive instincts of belonging to a group and needing social validation. In this video from 2017, Sean Parker, Facebook's ex-president, told the audience that they intentionally created a product (and features) that exploit human vulnerabilities, making us share more to get the dopamine hit from the likes/comments/shares - the social validation. As I wrote a few months ago, TikTok took the dopamine cycle and engagement optimization to a more dangerous level, given that their core audience is so young.
I am not against social networks. I use Twitter and LinkedIn daily. What some people are missing is more awareness of why they are using them and sharing personal information online. Does it make sense to post this personal information? Maybe it's pure dopamine addiction, pushed by social networks for their own profit? Maybe oversharing and overconsuming social media content are making them feel worse about themselves? Maybe sharing less online would be more beneficial for them?
2- Don't underestimate the value of your personal data - for you and for those collecting it
When you share personal data, for example, when you fill up a form with your name, surname, email address, and country in order to access a PDF report from a consulting company, depending on the policies in place, your data can potentially be shared among various - sometimes hundreds - of third parties that you have no idea who they are.
Behind a seemingly harmless form presented by a consulting firm, there are various layers of business partnerships and transaction agreements in place, dealing with this very important asset which is your personal data. There are also increasing cases of data breaches, which can expose your personal data to malicious parties. There can be unexpected forms of profiling that could prevent you from accessing certain opportunities now or in the future, and you will have no idea that it is connected to that innocent-looking form that you casually completed in 2023 to get access to a "free" PDF report.
Even if you do not buy anything from a company, your personal data by itself can be turned into profit. In a digitalized world, where our offline identity gets more and more intertwined with our online selves, we should get used to applying similar levels of self-awareness, suspicion, and critical thinking when deciding how, when, and why we share information with organizations online.
Ten months ago, John Oliver launched this informative and accessible video on data brokers and some of the privacy harms that can happen as a consequence of sharing personal information online. It is a visually compelling approach to online privacy and potential harms, especially for less tech-savvy audiences.
3- Your smartphone is also your personal surveillance tool
I remember clearly the first time I saw a friend using a smartphone. I thought how useless it was, as it did the same things that a computer could do, but with a smaller screen. Why not wait to get home to read your emails? Why such a hurry to read emails or check your calendar while doing something else and having to type uncomfortably on that squeezed keyboard? What else would I need that smartphone for to justify such an amount of money? That was 2009.
Fast forward to 2023, if you have a smartphone, chances are you think it would be impossible to live conveniently without it. Calendar, email, maps, cloud files, photos, contact list, music, social media, games, digital wallet, and a myriad of apps for every possible task you may think of. The offline life migrated online through smartphones. But smartphones incorporate a certain architecture to provide you with these convenient apps and services, and it's a surveillance-based architecture.
To download and access apps, one has to give dozens of permissions = access to your personal data. Many of those permissions are not directly related to the provision of the core service, but they might offer additional data to advertisers and other business partners associated with the company providing the service. Personal data related to your GPS location, Wi-Fi/data network, access to your microphone, camera, biometric sensors, email, contact list, social networks, calendar, phone, and so on are up for grabs - hopefully with your "informed" consent.
By being accessed on a mobile device, these apps can frequently know your location and how you move around during the day. Additionally, defaults matter, and as people do not read privacy policies, privacy notices, or privacy pop-ups, whatever is set as a privacy-invasive default will remain so.
What you can do about it? Be mindful of the business model behind apps - there are companies behind them, and usually, the convenience will have a privacy price. Only download apps you trust and that you believe have reasonable and fair privacy and security practices.
It's 2023, so I started talking about AI, and I will finish talking about AI again. It seems that AI-based tools and services are being quickly incorporated into usual data-intensive services, such as search engines like Bing and Google. Hopefully, as I wrote in December, AI Regulation seems to be coming soon, at least in the EU, to help us have legally grounded avenues to curb privacy and other types of AI-derived harms.
Meanwhile, anything you posted publicly online until 2021 was likely used to train large language model-based tools such as ChatGPT. In practice, it means that the AI program, when prompted, can potentially tell things about you in a contextless and perhaps fantasized way, as I wrote two weeks ago. I have no tip for what to do in that case - only to optimistically wait for AI regulation to arrive.
💡 I would love to hear your opinion. I will share this article on Twitter and on LinkedIn, you are welcome to join the discussion there or send me a private message.
🔁 Trending on Social Media
1- AI bias. Interact with the Tweet here:
2- Sharenting and privacy harms. Interact with the LinkedIn post here:
📅 Our Upcoming Privacy Event: Women Advancing Privacy
640+ participants confirmed! February 23 - global & remote on LinkedIn Live. Register here.
📢 Live Online Course on Privacy-Enhancing Design: The Anti Dark Patterns Framework (April cohort)
In this 4-week-long live course with me, you will learn about dark patterns, how they affect user privacy, and what can be done to avoid them. By exploring examples and the latest reports, legislations, case studies, and fines, you will be able to understand the impact that product design choices have on privacy compliance, the regulatory background around it, and how to revert dark patterns in privacy into Privacy-Enhancing Design. This is a course made for tech professionals (especially product managers, designers, developers, and marketers), privacy & compliance professionals, and lawyers. Tomorrow at 3pm ET (8pm UK time), I will send via email more information on the program, schedule, benefits, and an early bird 20% discount. Sign up here to receive it tomorrow.
📌 Privacy & Data Protection Careers
We have gathered relevant links from large job search platforms and additional privacy jobs-related info on this Privacy Careers page. We suggest you bookmark it and check it periodically for new openings. Wishing you the best of luck!
✅ Before you go:
Did someone forward this article to you? Subscribe to The Privacy Whisperer and receive this weekly newsletter in your email.
For more privacy-related content, check out The Privacy Whisperer Podcast and my Twitter, LinkedIn & YouTube accounts.
At Implement Privacy, I offer specialized privacy courses to help you advance your career. I invite you to check them out and get in touch if you have any questions.
See you next week. All the best, Luiza Jarovsky