If you are like millions of other Americans, your “typical” day includes multiple Internet interactions. You probably check your email account, check in on social media—Facebook, Instagram or Twitter (or all three)—place an online order or two and research why your leg hurts at night or where you want to go on your next vacation. In the course of all those online exchanges, you have likely encountered a “Terms of Service” page—which you probably scrolled through hurriedly, so you could click on “Agree” and get on with your task. What you may not know is by checking “agree” on the Terms of Service Agreement, you essentially permitted your personal information to be tracked, mined, sold and otherwise distributed.
Your background, politics, what foods you eat, what pets you own, whether you have children, and even your “ethnic affinity” are all tracked with every interaction you have on the web. Retailers are notified when you “enter” their virtual store, what your income is, and how much time you are likely to spend shopping. If this does not alarm you, it should. Cryptographer and security technologists compare having our smartphones with us every waking hour to being outfitted with a tracking device. If the government told us we were required to notify our local police every time we made a new friend or mail them a copy of every bit of correspondence we engaged in, we would be outraged—yet we allow Google and Facebook to do just that.
Do We Really Care About Our Privacy?
Although most of us (three-quarters of those polled) say we care deeply about protecting our data, we continue giving that data away on a daily basis. So, what is the answer to this shocking lack of privacy we find ourselves in the middle of? If you think you should start reading those Terms of Service Agreements, it is probably too late. Researchers estimate it would take 76 hours a year to read all the user agreements we encounter, and if you balk and refuse to check “agree” on those user agreements you will probably be unable to access a tool you need to communicate, to work, or to navigate. In light of the recent data-sharing FB controversy, if you have decided it is time to take better online security precautions, cybersecurity experts say you are probably out of luck. In fact, the improper data harvesting by Cambridge Analytica is only the tip of the iceberg as far as how corporate data sharing affects our lives.
What Have We Lost?
The personal information we’ve “lost” through data sharing could include everything from our name and contact information to (for those who shop and bank online) our birthdate, social security number, names of our family members, bank account and credit card numbers. For those who routinely use social media, the data gleaned may not result in identity theft, or drain our bank account, but, in some ways, could be even more chilling.
Perhaps you are discussing your best friend’s recent Lasik eye surgery via email. You assume your conversation is private—just between the two of you. But pay attention—before you know it, you will begin seeing Lasik advertisements on your social media accounts. If you are like most of us, you probably will not even notice unless you are specifically looking for it, yet the same thing will happen whenever you click on an advertisement on FB.
Is It Really Too Late?
MONEY talked to cybersecurity experts, and almost without exception, they agreed that we have little or no power over our personal information, once it is in the hands of a third party. That being said, you should still attempt to follow best online practices such as using more complex passwords, and, when possible, two-factor authentication. Unfortunately, those sites which require security questions are not as secure as you might think.
Security researchers at Google found that with a single guess, a hacker has a 19.7 percent chance of getting the correct answer to a simple question like “What is your favorite food?” In only ten tries, a hacker has a 39 percent chance of guessing a Korean-speaking user’s answer to the question of “What is your city of birth?” If this makes you nervous—it should. While you might try switching to a search engine that does not collect your data, achieving total privacy online is probably next-to-impossible for the average person.