Is the Internet Destroying Privacy?

March 27, 2011— -- In an interview with TechCrunch last year, Facebook CEO Mark Zuckerberg said sharing private information online with the faceless masses had become a "social norm."

Interpretation: Privacy is a has-been luxury, a relic of a bygone, unwired era.

Today, oversharing has become typical of online social networking, with people publicizing real-time information of where they are (Foursquare, Gowalla) and what they're doing (Twitter, Facebook).

"It may be that social norms just haven't completely developed yet, but we end up revealing so much more than we likely would have without the Internet, and we reveal it to a much wider range of people," Lorrie Cranor, director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University.

Whether we're constantly updating our Facebooks and flickrs or not, we still leave behind a virtual breadcrumb trail anytime we hop online, thanks to data tracking software, cookies and web bugs that log what we search for, where we land and what we do once we get there.

"In a commercial setting, it used to be that if you go into a store, the store knows what you bought, and if you buy with credit cards they can tie it to your name, and if you pay cash they may not even know who you are," Cranor said. "But they didn't know all the things you took off the shelf, manipulated, put back on the shelf, thought about. On the Internet, they all have that."

Studies Show People Typically Ignore Privacy Policies

Due to that online dossier about your habits, likes and dislikes, sites can serve up advertisements targeted directly to you.

Sure, plenty of websites offer privacy policies that explain what they will and won't do with any personal information they collect from visitors, but Cranor's studies show that people typically ignore them and don't understand the legalese, anyway.

And simply seeing a privacy policy without reviewing what it actually says often provides a false sense of security to consumers who might assume that "privacy" inherently implies protection from third-party intrusion.

"They are plenty of privacy policies that say 'we collect whatever we want from you and we do whatever want with it.' And that's a privacy policy," Cranor said. "It's not a very protective privacy policy, but it is a privacy policy."

Web Industry Has Relied on Self-Regulation to Protect Consumers

There aren't any government policies in place to stop this type of data collection and tracking, either.

The web industry has relied on self-regulation to protect consumers' sensitive information, and research clearly indicates that it isn't exactly a watchdog about the issue.

When Ashkan Soltani, an online privacy research and consultant, analyzed "third-party tracking beacons" on 50 of the most-visited sites, they dumped an average 64 tracking technologies (i.e. cookies and web bugs) onto users' computers.

The Federal Trade Commission and Commerce Department have expressed concerns about the ubiquity of data tracking online and the threats it poses to privacy, and there are currently no legal policies stopping web sites' bloodhound tendencies ? though that might soon change.

On March 16, Soltani and others testified before the Senate Commerce Committee during its second hearing on online privacy issues.

Should Browsers Be Required to Offer 'Do Not Track' Option?

At the forefront of the debate is whether Internet browsers should be required to offer a "Do Not Track" option that users can easily opt-in. Developed by Mozilla Firefox, the consumer protection feature will be included in the upcoming release of Internet Explorer 9, Microsoft recently announced.

"This would be a simplified way for consumers to voice their preference of whether or not they want to be tracked," Soltani said, distinguishing it from previous data tracking blockers that users would have to seek out and install.

Despite the rampant tracking and data collection, neither Cranor at Carnegie Mellon or Soltani think the Internet has totally eroded the concept of personal privacy, like Mark Zuckerberg implied. Rather, online activity opens up more opportunities for potential privacy intrusions, and government policy is now slowly catching up to that reality.

"There's new technology, new risks, new implications for society and we might need to compensate," Soltani said. "And we don't want the legal system to be too reactionary or too overblown, and it's a good thing that laws move slowly because you never know other impacts of the law? But maybe it's time to discuss laws regarding normative societal concerns, such as [Internet] tracking."