The Continuing Problem of Online Privacy

The erosion of privacy online

The erosion, or loss, of privacy has become a hotly-debated issue in IT security. The internet pervades our lives and many people routinely bank, shop and socialise online. Every time we sign up for an online account, we are required to disclose information about ourselves as companies around the world actively gather information about their customers. The threat to privacy takes two forms: first, personal data is put at risk if the provider of goods and services we do business with is compromised. Hardly a week goes by without a news story about a company that has fallen victim to hackers, exposing the personal data of its customers. Second, companies aggregate and use the information they hold about us for advertising and promotional purposes, sometimes without us even knowing about it, and it’s not always clear how to opt out of this process.

The value of personal data will only grow in the future, and with it the potential threat to our privacy increases. We all need to realise that our personal data has value – to cybercriminals and legitimate businesses alike. It’s also important to understand that the risk of over-sharing extends to the organisation we work for: cybercriminals actively gather public data in order to frame targeted attacks against businesses.

The use of cookies

Cookies are small text files, stored by a web browser, that hold information to enhance navigation of a web site.  For example, they may hold preference data, so that a visitor to the site doesn’t have to navigate the site from scratch every time they visit the site, or they may be used to deliver content based on your previous browsing habits. Sometimes cookies are set, not just by the owner of the site, but by third parties who have, for example, positioned context sensitive advertisements on the site you visit.

Most browsers provide settings that let you limit the scope of any cookies – for example, allowing you to block third-party cookies not directly related to the page you’re on, or clearing cookies automatically at the end of each browser session (you can, at the same time, ask your browser to clear other information on exit, such as the history of sites you’ve visited, your download history, the browser cache, etc.).

Under the EU e-Privacy Directive site owners should make visitors aware that cookies are being set. Most browsers now also support the ‘Do not track’ feature, which – if selected – sends a request to a site owner asking them not to gather tracking information from you. However, the provider is not obliged to take notice of the settings – it’s purely voluntary.

Other challenges in online privacy

It’s not only businesses that are affected by online privacy issues. Another aspect facing the privacy debate is the wide use of social networks, by both adults and children. There has been a lot of debate recently about how much information we should give away online – some suggest that we should use fake details online in order to protect our security. But is this really the right approach to staying safe online?

To suggest that we should provide fake information across all online sites and services is unrealistic. Many providers of online services - not just the government - insist that you use your real details when creating an account; and in the case of an online payment site, you will be required to enter accurate information at some point anyway. However, on the other hand, it's important to realise that there is a risk when sharing information online. Think about all the information you have ever shared on social networks or other websites. To you it may seem like harmless information, but when aggregated, this information becomes a lucrative goldmine for today's cybercriminal.

We all know that the world can be a dangerous place, but we don't stay at home for fear of these things - we take sensible precautions to mitigate the risk. The same should apply online. By thinking twice about what information you are sharing online and the use of the right technology, there's no reason why you can't bank, shop or socialise online without compromising your identity.


David Emm is Senior Security Researcher at Kaspersky Lab


« Box CEO Aaron Levie: Disrupting the Enterprise


Net Censorship: Indonesia Battling Online Pornography »

Recommended for You

Future-proofing the Middle East

Keri Allan looks at the latest trends and technologies

FinancialForce profits from PSA investment

Martin Veitch's inside track on today’s tech trends

Amazon Cloud looms over China: Bezos enters Alibaba home ground

Lewis Page gets down to business across global tech


Do you think your smartphone is making you a workaholic?