Here's What Happens When You Give Companies Access to Your Data Online
Have you tried using an online service (regardless of whether it's paid or not) without registering an account first? Years ago, this was possible, but in this day and age, it's almost unheard of. Every day, websites and online apps of all shapes and sizes ask us to create accounts, and of those who don't, quite a few try to get us to use our social media profiles. But why don't they just let us use the service without being signed in?
It is true that using some websites and applications without an account would be a nightmare, but far too often, online services have another reason for making us create profiles on their platforms. Personal accounts hold personal data, and personal data can be very valuable.
What do online services do with our data?
It's one of the 21st century's strange paradoxes. We give our personal information away day in, day out. We create new accounts and connect existing ones without so much as batting an eyelid, and online services amass more and more information about who we are, what we like, and where we go on a daily basis. This type of data collection is one of the things that has shaped the current online landscape, and without it, our existence on the internet would be next to impossible. And yet, if you ask people what they think about it, many would say that this sort of mass gathering of information is a bad thing and has gone way out of control. This is not entirely true.
Giving our personal data to online service providers can sometimes keep us safe. With it, applications can ensure that we are who we say we are and that nobody interferes with our accounts. What's more, our personal data can improve our overall experience because it helps providers show us content we might actually like and connect us with people we know or would be happy to meet. This makes using the services more enjoyable, but we have to be aware of how much tech companies know about us and what they're doing with our information.
How tech companies gather personal information
Unfortunately, it's not just about the data you put in the registration form. Thanks in part to the Internet of Things (IoT), tech giants have a number of different ways of learning where we are, what we're doing, what we're interested in, and all manner of other details about our personal lives. For the most part, these data collection mechanisms are detailed in the legalese that comes with every single online service, but people don't know about them, and when they do learn what's going on, they tend to be quite upset.
As we've mentioned in the past, reading through the privacy policies of every single one of the online services and applications you're using is not really possible. Skimming through them and bearing in mind that companies will try to collect your data in a variety of new and interesting ways is very important, though. Unfortunately, after they get it, it might end up in the wrong hands.
When service providers fail to protect our data
The mountains of data found in misconfigured Amazon S3 buckets, ElasticSearch and MongoDB databases show that improper data storage is by far the biggest reason for the huge number of data breaches nowadays. This sort of exposure happens every day, and although the mistakes are fairly simple on the face of it, they're made by both big and small companies.
Hoping that you won't be affected by a data leak of similar nature would amount to little more than wishful thinking. Hoping that responsible security researchers get to the misconfigured servers before the cybercriminals is a bit more realistic.
When service providers monetize our data
We mentioned already that personal data is a valuable commodity, and you probably won't be surprised to hear that some people are willing to pay a pretty penny for it. The fact of the matter is, some service providers will sell our personal data to advertisers and marketing companies, and they won't necessarily ask us if we're okay with this.
The consequences range from annoying cold calls to potential identity theft, and security experts advise that to minimize the risk, users should limit the number of online companies and service providers they deal with and stick to the ones they know and trust.
When the government knocks on the door
Government agencies the world over contact tech companies and request the personal information of users. It's a fact of life that you probably haven't paid that much attention to so far, but it's true. In fact, a couple of months ago, tutorial website AddictiveTips.com tried to analyze some of the trends. Its reporters went through a few transparency reports published by some of Silicon Valley's most recognizable names, and they discovered that the number of information requests went up from under 30 thousand in 2010 to more than 380 thousand in 2017. New data privacy laws did buck the trend a bit in 2018, but overall, the numbers are pretty significant.
Needless to say, not every request is granted. Facebook, which received the largest number of requests from government agencies, agreed to give away personal information in 74% of the cases. Apple and Snapchat received far fewer requests, but they granted about 80% of them, and Google agreed to share information with governments 66% of the times. When it comes to sharing personal information with government agencies, Airbnb and LinkedIn (which granted 34% and 43% of the requests, respectively) are the most reluctant services. American users will probably be interested to learn that the US Government is responsible for by far the largest number of requests.
Many users tend to think that the privacy of their personal information isn't very important because nobody is that interested in it. They assume that tech companies, criminals, and government agencies would be more willing to get their hands on the data of specific, high-profile users rather than the average Joe and Joanne. The continuous stream of security incidents, the barrage of personalized ads, and the government requests AddictiveTips.com talked about clearly show that this is not the case.