I hear the argument all the time that if you aren’t doing anything wrong, you don’t have to worry about privacy. So is data privacy important? I’ll tell you why it is.
There was a very vocal element of society that was very anti-data privacy until 2021. Once the COVID vaccine was released, suddenly they became very concerned about their privacy. I hope that element of society learned some empathy from this. How they felt about their privacy is how the rest of us feel when it comes to large corporations tracking our every move.
Context is everything
I once had to make a Splunk dashboard to show when people were working. It was a major invasion of privacy, and I didn’t believe in the assignment, so I left the job soon afterward. There were a ton of problems with this dashboard.
The first problem was the gap s in activity. If the gap was a couple of minutes, people assumed it was coffee breaks. If the gap was 30 minutes, obviously that’s lunch. The gaps that were 5 to 10 minutes were problematic. Suffice it to say, I have no need nor right to know what was going on during those times. But we all had our own ideas.
Of course, some of those 5-minute gaps were work-related conversations. But we didn’t have the context to know which ones were which. All it did was reinforce existing beliefs about the person in question. If you thought the person was a hard worker, they used the bathroom once a day, and all the rest of those gaps were work-related conversations. If you didn’t think that person was a hard worker, every last one of those gaps was a trip to the bathroom.
Data without context is a dangerous thing.
I left that job soon afterward because I didn’t want my project to be the reason someone lost their job.
Other data without context
One reason I don’t want my auto insurance company tracking me is because of a little plaza near where I live. There’s a bakery / sandwich shop there that I like. There’s a really good Thai restaurant there. There is also an establishment you have to be 18 to enter. There’s also a dentist’s office. When my GPS coordinates place me at that plaza, which of those establishments am I visiting? The GPS coordinates of where I parked my car do not adequately answer that question. You can infer whichever conclusion best suits your purposes.
Of course, someone other than an auto insurance company can track my every move. My phone provider and the maker of my phone’s operating system know absolutely every place I go. Not only do they know which establishment I enter, they have a pretty good idea where I sat.
They have more data, so their inferences are less problematic. But they know things about me that I’ve forgotten myself.
And I have no control over who they are selling that information to and what any of them are doing with it.
Decisions about you
Some things are beyond your control. Your genetics would be one example. Data privacy about genetic information is extremely important. What if insurance companies could deny you coverage because your genetics predispose you to certain conditions? Don’t think insurance companies won’t do such a thing. They already make decisions about you based on things like your ZIP code. Insurance is all about pooling risk so we can protect ourselves against catastrophe. But insurance companies can and do load the dice by trying to predict things about you and charging different amounts of money based on those predictions.
The problem is where you draw the line. It’s one thing when those decisions are based on things you can control. The people who race motorcycles at high speed on the North-South drag through my town on Friday and Saturday night should pay more for insurance than I do because I don’t engage in that risky behavior. But should someone be able to deny me insurance because they decided I might be prone to develop, say, diabetes in the future? We all have a non-zero risk of that. That’s one reason we buy insurance. So that’s a tougher ethical question.
The data about us
It’s not just insurance companies and phone companies and operating system companies. The stores we shop at know a lot about us as well. And they infer lots of things from it. This also opens the door to certain conflicts of interest. For example, a certain large drugstore chain owns a large health insurance company. Your opinion of whether it would be okay to use that purchase information to make decisions about health coverage probably depends on which political party you belong to.
But suffice it to say, I’m careful about what I buy at that specific store, in case that information might ever be used against me.
Stores that sell a lot of different products will sometimes know things about us before we know them ourselves, based on observing the purchases of millions of other human beings. They may be able to infer if a woman is pregnant for example before she knows it herself. That could be a problem if they print a coupon for baby formula at the register.
So what can you do about your data privacy?
Data privacy is a big problem for the individual. If you want to participate in modern society, you are going to have terabytes of information gathered about you. You could forgo a phone and make all purchases in cash, but there are limits to being a digital hermit.
I have been known to shut my phone off sometimes, or just not take it with me. I will also sometimes go odd places just to throw people off my tracks. I will do that both in person and online. There is very little I can do to stop anyone from collecting information about me, but I can devalue that information, so I do try to do that.
Online, I use a VPN sometimes (not always), and use Firefox because it can run social media sites in a sandbox to keep them from tracking you on other sites.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.
2 thoughts on “Is data privacy important?”
I think the ship has sailed on this – We have now moved into a different society, which Orwell predicted but he didn’t conceive that it would be corporations doing it not governments. The world we have now has two kinds of privacy – the old kind which we still think we have (what is ours is ours) , and the privacy granted to us by the tech companies – which means that what is ours is theirs(*)’.
(*) and “specially selected partner companies” … or whatever that language is
I can only recomend to everyone to liste to Shoshana Zuboff on this topic.
Comments are closed.