In a 2012 email regarding Facebook’s data-sharing arrangements with third-party app developers, Mark Zuckerberg wrote, “I think we leak info to developers but I just can’t think of any instances where that data has leaked from developer to developer and caused a real issue for us.” Zuckerberg would testify before Congress six years later after a whistleblower drew attention to one of the largest data breaches in the company’s history.

The resulting investigation confirmed that consulting firm Cambridge Analytica had harvested 50 million Facebook profiles to create a “psychological warfare tool” and—allegedly—influence the outcome of the 2016 U.S. presidential election and the Brexit vote. The Cambridge Analytica scandal raised awareness of data protection and cybersecurity, and for many, the idea that their personal data is a valuable, vulnerable commodity became a new and alarming concept.

What’s the currency of the digital age? Your personal data. Every uploaded cat photo, late-night pizza order, and liked YouTube video is fodder for tech companies and data brokers. What’s your data being used for? And what privacy are you—and your company—entitled to in the digital age? Let’s find out.

The Currency of the Digital Age

Medical records, banking details, and social security numbers are the most sensitive information stored online, but they’re not what the biggest tech companies are after. Rather, it’s social media posts, search-engine queries, and location data—information given without hesitation and, as is often the case, without a person’s knowledge—that have become the most lucrative virtual commodities. A survey conducted by Deloitte found that 91% of people consent to terms of service agreements without reading them. Given how densely written they can be, who would? Yet they’re what gives companies carte blanche to collect, analyze, and sell your data.

What do users get for the monetization of their personal data? Convenience. Google offers many of its core products, including Google Search, Google Maps, Gmail, and YouTube, at no cost. In exchange, Google curates a data profile of every Google account holder. (Click here to find out what Google knows about you.) This may seem like a Faustian bargain, but it’s not all bad. User data allows companies like Google improve and personalize their products and services, while customers gain access to free or discounted apps, websites, and wireless networks. The problem comes when people are bombarded with targeted ad campaigns, shown “dynamic pricing” based on their location or income, or have their private information stolen in a data breach.

Sold to the Highest Bidder

Tech companies, at the very least, offer something in exchange for amassing personal data. Data brokers have no such inclination. Collecting most of their data from public records, including court, bankruptcy, property, and motor vehicle records, data brokers categorize people based on their age, ethnicity, interests, etc. and sell their information to the highest bidder—perfectly legal.

Financial Information Brokers

Data brokers that dabble in financial information help companies verify identities and detect fraud. This wouldn’t be a problem if public records weren’t sometimes wrong or out of date, but so what? That’s of little consequence to the players in this $200 billion industry.

Marketing and Advertising Brokers

These brokers sell personal information that enable companies to offer deals and discounts that align with their consumers’ interests. There is the chance for misuse, however. Take, for instance, an insurance company raising premiums because it deems a person’s search history indicative of risky behavior.

People Search Sites

For little to no cost, an individual can visit a people search site and access someone else’s personal information. While these sites can be used to track down old friends or long, lost relatives, they are just as likely to facilitate doxing, stalking, or identity theft.

The Right to Privacy

Most Americans believe they have little to no control over how their data is collected or used by companies or their government. Who can blame them? There is no singular law in the U.S. that covers all types of data, and the patchwork of federal and state laws leave companies more or less unregulated. Throughout most of the country, companies are under no obligation to notify users when their data is collected, breached, or sold to third parties. Privacy scandals like Cambridge Analytica remind us of that personal data is a currency unlike any other, creating both personalized experiences and sizeable risks. Yet as out of control as data collection may seem, it’s important to remember that privacy isn’t a luxury: It’s a basic human right.

Protecting Data on All Fronts

Personal information shared online is fair game for any number of entities. However, the responsibility for protecting proprietary information remains in the hands of corporations, which is why so many are prioritizing data protection and cybersecurity. By taking a multilateral approach, companies can prevent data breaches, mitigate emerging threats, and remain compliant with state and federal laws. Data breaches can come from anywhere within an organization, and corporate culture is vital for safeguarding data. Still, it doesn’t hurt have a team player with in-depth knowledge of cybersecurity.

The University of Texas Permian Basin offers a 100% online Graduate Cyber Security Certificate designed to prepare professionals for advanced cybersecurity roles. Throughout our program, you’ll learn to identify security breaches, analyze security vulnerabilities, and design classical encryption techniques. Naturally, our cybersecurity program caters to the technologically savvy, and you can leverage our innovative, entirely online format to maximize your time and professional returns. Complete coursework on your own time, at your own pace. Courses can be taken in any order you choose, and all 12 credit hours can be applied to UT Permian Basin’s master’s degree in computer science.

Become a protector of personal and proprietary information. Apply to UT Permian Basin’s 100% online Graduate Cyber Security Certificate program to prepare for your future in cybersecurity.

Sources:
https://www.wired.com/story/cambridge-analytica-facebook-privacy-awakening/
https://www.wired.com/story/wired-guide-personal-data-collection/
https://www.avg.com/en/signal/online-tracking
https://www.vice.com/en/article/bjpx3w/what-are-data-brokers-and-how-to-stop-my-private-data-collection
https://www.nytimes.com/wirecutter/blog/state-of-privacy-laws-in-us/
https://www.forbes.com/sites/theyec/2020/11/25/why-data-protection-and-cybersecurity-cant-be-separate-functions/?sh=2abe464e17cc