No Spies Under My Bed

Computer spy

Currently, the only truly effective way consumers can stop the collection of their personal data when shopping is not to use the internet, to be paid and to pay for everything in cash, and to hide their money in their mattress.

More seriously, most of us will continue to use web services despite privacy concerns. You can try to opt-out of marketing schemes or reconfigure your web browser to reject advances from sites that offer cookies or install spying applications. However, most such rejections will prevent you from trading on most e-commerce sites altogether. So, cookies will crumble, there’s no two ways about it if you want to shop online or use web 2.0 interactive sites. You can, of course, use software to delete those cookies as soon as you’re finished your interaction with the site and so gain a little privacy and prevent the sites tracking where you went after you left when you visit a second time. But, either way, they’re going to get lots of useful information while the cookie lasts.

There is no single solution to preventing the increasing erosion of personal privacy on the Web, says Madan Lal Bhasin of the Business School SungKyunKwan University in Seoul, South Korea. Writing in the latest issue of the International Journal of Internet Marketing and Advertising (2008, vol 4, pp 213-240) he describes how new e-commerce technology has increased the ability of online retailers and others to collect, monitor, target and sell personal information about their customers to third parties.

Countless companies across the globe are doing just that in ways that were not dreamed of before the advent of the Web. Moreover, the emergence of so-called social media web 2.0 sites, such as MySpace and Facebook has led to a new generation of privacy issues that go beyond those seen with conventional e-commerce websites.

As such, online consumer and web user privacy is becoming an ever keener focal point among cyber activists as well as among governments and regulators. That said, when it is the governments themselves losing and abusing the personal data of millions of taxpayers (see recent UK news), then the notion of any government protecting one’s privacy becomes absurd. Nevertheless, in the long-term, finding a balance between absolute personal privacy and the smooth operation of commerce and social sites in cyberspace poses a significant challenge.

Bhasin and colleagues point out that are grave dangers for corporations that collect and use personal information, ignoring privacy legislative and regulatory warning signs. Indeed, such abuse could prove to be very costly not only in terms of putative fines from regulators but also through loss of business among customers increasingly aware of their privacy rights. In the worst-case scenario it is not beyond the realms of possibility that a company abusing standard privacy etiquette to the extreme could collapse should word spread and users boycott the site or mount retaliatory attacks of their own against the company’s web servers. Regardless, many companies can and do repeatedly flout the complex rules and regulations that govern privacy in the US, Europe, and elsewhere.

Technology that protects consumer privacy must work without stifling e-commerce. It must somehow be foolproof and be entirely transparent to end-users. Unfortunately, no such technology yet achieves this. There are countless personal software products, such as anti-spyware programs, cookie cutters, anonymous proxies, and other solutions, such as Firefox plugins like NoScript (which blocks all scripting on a website) and AdBlockPlus (which blocks advertisements). These can reduce the chances of private data being sucked from an individual’s web browsing habits.

However, there are hundreds of such programs each with a slightly different purpose. The field is heavily fragmented and many users are not only unaware of these programs they are also generally unaware of the existence of spyware and cookies. An additional problem arises when novice users having heard rumour of spyware, download tools without taking advice. There are well-known legitimate tools available. There are many instances of malware surrogates of those tools that often rank higher in the search engine results pages and so are more prominent. Installation of such rogue programs can result in deeper privacy compromises than the user hoped to avert.

Similarly, software that encrypts, deletes history files or shields your computer from apparently benevolent, but potentially malicious, applications is available but many users are again unaware of the issues intrinsic to using cyberspace and so do not use such programs. Rogue versions of every kind of protective software exist to exploit the novice user.

Legitimate e-commerce and web 2.0 sites have transparent privacy policies. These sites and others may also use online seals of trustworthiness and browser certificates that demonstrate credibility. However, such statements and badges are only useful if the companies that display them adhere to the underlying principles. Any company could wear a badge of honour, and yet even large, well-known companies do not necessarily comply fully with their own privacy policies and they allow trust certificates to expire. something many users simply ignore without realising the implications.

“Unfortunately, there is no ‘single’ solution to stop the erosion of privacy in cyberspace – no single law that can be proposed or single technology that can be invented to stop the profilers and spies in their tracks,” Bhasin re-asserts. He concludes that, “The battle of privacy, of course, must be fought on three fronts – legal, political and technological – and each new assault must be vigilantly resisted as it occurs.” Whether or not individuals will ever have the weaponry to win the battle is a different matter, we can try, but I suspect the only truly private approach is that bundle of cash stuffed in your mattress.

4 thoughts on “No Spies Under My Bed”

  1. Fair point Ashlee. Of course, there is no intrinsic difference between social media sites and e-commerce sites, like you say, they are commercial concerns established to make their owners money. No one forces you to use them, but neither are you forced to use online e-commerce or billing systems either (at the moment, there may be exceptions already) but millions of us choose to put our trust in online banking, billing and buying.


  2. Why do we all act like we never chose to have our privacy invaded when we post our lives out on Facebook or a personal blog? Business is one thing; the ethics of privacy there are a separate matter but I don’t think lumping online social networking in with online business is the same. Online is the way business has gone and you have to follow it if you want to keep up and pay bills. But online social networking is just the latest cool thing to do. I’m pretty sure no one forces me to join My Space and post my whole personal life there. It’s just the latest cool, and really stupid and dangerous thing to do. Like smoking. So don’t do it.

  3. I think you’re probably right Robert. There are certainly strings of words one might include in a comment that would be instantly flagged by the “system” and maybe get you a little visit from the guys with the wingtips down on Pennsylvania Avenue.


  4. It seems to me that there never was all that much real privacy- it’s just a LOT easier to harvest information now. So I remember a couple of things. From a US Army lecture in the distant past, “The telephone is not secure” and, by extension, email and most other communications can be compromised. And H. L. Mencken wrote “Conscience is the little voice that tells you ‘Someone may be watching’.”
    That’s why I frequently put a little hello in to the Central Scrutinizer or the nosy old busybodies at Homeland Security. (That’s right, you guys. How’s it going?)

Comments are closed.

If you learned something from Sciencebase, enjoyed a song, snap, or the science, please consider leaving a tip to cover costs. The site no longer runs Google ads or similar systems, so your visit is untainted.