The internet was created to function as a network for a flow of information. After all the years since its creation, it has developed and evolved greatly into such a powerful tool that a majority of us today, are using it on a daily basis. One of the greatest advantages about the use of the internet is electronic commerce, the activity of buying and selling online. We can search through thousands of stores on the web and purchase what we want without having to be present at a certain place. Though it is great and extremely convenient for us, there is one thing that we are not aware of and that is our privacy.
We put in a lot of our information on the internet more than we know of it and the unsettling thing about it, is the collection of that information and how it's being used. E-commerce thrives off data from individuals and the way it's done is business owners would exploit user's data, our data, and privacy to expand their own businesses. Tension and issues arise between e-commerce and privacy. Our data is constantly being collected, shared to, and used by companies without our knowledge since it's all happening on the backside of the internet where they have all these algorithms to perform their actions.
Third-party cookies are the worrisome cookies that can track web surfing habits. They track our behavior on the web whether it's what websites we go on, how much time we spend on those websites, see our interests are, etc. They spy on our every action on the internet and track us from site to site, gathering data from us. Using this information, advertisers are able to generate ads relating to your interests or sites you often go on. For example, we can see this if we let's say visit a site about kitchenware. If we go to another site, there is a high possibility where there will be ads related to kitchenware.
Marketers buy advertising rights on thousands of popular websites in order to collect the information through cookies. With the knowledge of our preferences, the sites we frequently visit, and or the purchases me make, they can widen their customer base to maximize their business to its full potential. They can advertise themselves in other websites we visit that aren't even related to themselves hoping to lure us back in the site or to make us purchase similar items. When people click on these ads, it feeds them even more information about it thus having their advertisements would pop up more frequently.
The placement of ads and promotions on social media has become more common than ever due to more people going on social media every day. Cookies and algorithms are constantly being used to track your information such as mentioned before, see where you are from, what your interests are and what type of content you often look at. In doing so, they can generate certain groups containing certain posts based on that data such as current popular trends. Popular trends are based on the amount of comments, shares and likes from people and if enough people do either of those things, you will most likely see them. Businesses can take advantage of this and use to generate ads related to whatever is trending and most like by customers to promote themselves. The more users that are targeted, the higher the chance of purchases will be made.
The main use of the information being collected by companies is to profile us and then selling it. These companies are known as data brokers. By tracking our activity on the internet, they start to build a profile of who we are, where we are from and what our interests are. The information obtained by data brokers aren't just limited to what we do online. They able to obtain it in a large number of sources such as government and public records, social media, self-reported information from consumers, other companies that provide information about their customers in exchange for new customers, and/or from other data brokers.2 Data brokers then use this information and sell it to other advertisers, other companies or even the government. This is no doubt an invasion of our privacy. They are making profit of our personal information and giving our it away to third parties without our consent or full knowledge.
One of the largest data brokers in the world is Acxiom. They are one of the hundreds of companies that peer into our personal life and collecting data generated from whatever we do line and even in the real world.3 In 2011, the company recorded $1.1 billion in sales offerings analytical services on 144 million households and that's just a fraction of the evolving big-data industry.3 In 2017, they claimed to hold data on all but a small percentage of US households and their data is said to be sued to make 12% of the nation's direct marketing sales. 4 Many critics about data brokers is that fact that the average consumer has no idea that their intimate personal details are up for sale on these sites. 3 Personal data are being used and sold without our knowledge. Acxiom was also criticized in particular from reports of people having difficulty to prevent Acxiom from using their data or to remove their own data from the systems. The company later responded by offering a global opt-out and giving consumers some visibility about what information on them is held. According to an FTC privacy survey, although 57% of the busiest sites allow third-party cookie placement, only 22% disclose that fact in their privacy policies. 5 Since not all information is given visibility to consumers, part of it is still hidden from us.
Different types of personal information can raise different types of privacy concerns. A common issue is the use of consumer preferences information leading to price discrimination. Price discrimination is the action in which companies would sell the same product at different prices to different buyers in order to maximize their sales and profits. They are able to do this from gathering our consumer identification such as our background and our online purchasing behavior. This is quite incompatible with our privacy protection because consumers want privacy, implying freedom from being tracked 6 yet merchants would snoop around personal information to gain the ability to charge different prices to improve their profits.
The Federal Trade Commission (FTC) has recommended legislation to regulate online profiling but current American privacy law barely contain any general prohibitions against the collection of consumer data. Since the government doesn't regulate these data brokers, it is unclear how secure they are from hackers. 7 Security risks can arise due to this since data such as consumer's credit-card number or personal address can lead to financial fraud or spam from hackers or any unauthorized users using that information. Many users fear the loss of their financial and personal data. There are many technologies including cryptography and encryption that can settle but it depends on how secure and perfect they are performed in certain companies.
Not a lot of consumers are aware that their web activities is constantly being collected. Some may have no problem since some of their information that they're receiving matches their presumed interests, but many do not realize that they might not be getting the full range of options available because of the salary data, and more crucially, records of previously visited internet sites are already in the hands of some companies. 8 Consumers don't have control where their data is going because many aren't even aware of the collection of their own data and even if they were to address it, they would not know who to go to exercise their rights under the relevant Data Protection Laws.
According to the survey from Blue Fountain Media, it is revealed that 90% of its respondents are very concerned about their internet privacy and 48% wished that more was being done about it. 9 A poll in a Business Week discovered that over 40% of online shoppers were very concerned over the use of personal information and 57% of them wanted some sort of laws regulating how personal information is handled. 10 There is low confidence when it comes to giving the trust of personal data online. Even though many people are concerned about how their privacy and personal information are being handled online, they don't feel empowered to do anything about it. They have very little control over how their information being shared, revealed, used, or sold by businesses.
On May 25, 2018, European Union's new General Data Protection Regulation (GDPR) takes into effect. It contains a wider scope and stronger enforcement compared to the past Data Protection Directive. With this regulation, it imposes strict new rules on controlling and processing personally identifiable information as well as extends the protection of personal data and protection rights by giving control back to EU residents. 11 The rules for protection of personal data affects both inside and outside of the EU. Essential items that are included in this regulation contain the increase of fines, breach notifications, opt-in consent and responsibility for data transfer outside the EU. This becomes a huge impact to businesses and change the way in how customer data will be collected, stored and used. Consumers will have more rights about their personal information being collected.
People have all been confronted with the terms of service agreements and privacy policies when they visit sites. A lot of times it's required to click on agree before having access to a site or application. These regulations aim to ensure that consumers can make informed decisions, but current privacy policies are missing the mark and in fact, they are surprisingly ineffective at informing customers according to researchers. 12 Privacy policies are usually tens of pages long and because of that, no one really reads them. A study in 2008 was estimated that it would take 244 hours a year for the typical American internet user to read all websites they visit. Privacy policies are also difficult to understand, often requiring college-level reading skills. They mostly cover multiple services that are offered by a company which results in vague statements that make it difficult to find concrete information on how personal information is handled and being shared to. 12 It is suggested it's better to have mini notices such as alert boxes to notify users what they're doing with their data when visiting a site or using an app. Some sites and apps like Google are already doing so. When searching something on Google, usually an alert box pops up asking users if they allow it to access their location while using the app. These short and simple friendly notices not only let users know their location can be recorded, it also lets them decide whether they want their location shared or not.
Most online consumer privacy groups now contain this new default standard for cookies named Opt-Out, which means consumers are notified via an alert, or a window when they load onto the site. Users will have to give consent by clicking accept before they are able to navigate the site and any cookies are planted into their browsers. This helps give the users the sense of knowing that the site is gathering their information for the uses and policies for processing and disposing of that data. It's essential for users to gain the right to know if the information is being gathered contains any personal identifying data, the right to get a copy of the data collected at an affordable price and in a form that the consumer can readily understand, the right to request corrections of the data and the right to have the data on browsing behavior within the website destroyed. 13 Having an opt-out cookie can be effective regarding the safeguard of users' information. Simple notices are clean, easy and understandable compared to long texts that are difficult to read.
Consumers can't completely prevent companies from creating profiles of them using cookies but there are still some ways users can still protect their privacy. There are several free programs available for download that you can utilize to identify companies that are trying to store cookies on your browsers, delete cookies on your system, or prevent minimize the work of cookies. Ghostery is an example of a free add-on that you can install onto your browser. It can detect cookies from companies trying to spy on you, gives you background information about them and lets you block those cookies whenever you want. You can also go to your settings in your browsers to choose whether you allow third-party cookies and/or block sites from setting any data.
There are several ways people can do to enhance their own security to protect some of their data. Login credentials are crucial to be able to access certain sites where people store their information. It's highly recommended that people reset their passwords once in a while and as well as to not use the same password for every site. Because some websites often save or cache browsing history, it keeps you logged in unless you manually log out. When using a public computer, it's important to log out or else another use might be able to access your account and take whatever information is stored in that account. The chosen ecommerce platform should be secured as well as the connection being used for online check out. Be cautious about the activities performed on sites to make sure they're not suspicious. With the internet and technology being more advanced than ever, it's best to be safe.
In order for consumers to have better protection of their data privacy, governments and stakeholders should work together. Businesses should protect consumer privacy by ensuring that their practices relating to the collection and use of consumer data are lawful, transparent and fair. It's also important for consumers to be aware about their data collection being used and given a choice whether they allow that or not. Privacy rights are important and personal data should be carefully secured. If companies want to be trusted in business, they should earn that trust by providing those rights to their consumers.
Cite this page