24 Apr

We tend to forget the internet – and the technology with which we access it – is relatively new. The nature of the internet also means that it is undergoing constant and rapid change. As a result, lawmakers are faced with a problem unlike anything they’ve ever encountered before – how to legislate for something so unique and continuously developing as the online world.

This is further complicated by the fact that lawmakers need to weigh the need for government surveillance in crime prevention with citizens’ rights to privacy. The balance between the two is not clear cut – as we’ve seen in recent years when confidential documents on governmental surveillance practises have leaked.

Here is what you can know for certain about your rights to privacy online, with information on how to protect yourself against unlawful tracking and collection of personal data.

What privacies are protected under law?

If you are an EU citizen, you have the “right to be forgotten” providing you meet certain criterion. This primarily concerns search engines, where somebody could search on your name and find photos or information that you rather were not public. In extreme circumstances, the availability of certain information or photos of an individual online could jeopardise their career opportunities or personal life. It is in these instances that a case can be made for the search engine in question to remove such information or photos.

This right to be forgotten, however, does not exist in the US. The closest thing to the right to be forgotten would be US laws concerning the so-called act of “revenge porn”, in which an individual’s personal photos (usually intimate in nature) are put online without their consent. Since ‘revenge porn’ became a major issue in the US, certain states have passed legislation which makes it a punishable crime.

If a website seeks to track your user behaviour and collect information on you, it is required by law to show a ‘Privacy Policy’ disclosure and ‘Cookies’ disclosure. If you accept these terms, the website is allowed to track your online behaviour on the site, and even information on which search term brought you to the website.

What can businesses lawfully track?

Websites are allowed to collect data that will help them safeguard themselves against accusations of deliberately breaking laws. For example, online poker is only legal in three US states (although the number of states is looking to grow soon) so a poker company will look at your location, usually by noting your IP address, to ensure it is in fact lawful for you to deposit money on their site.

Whilst it is illegal for a site to steal your credit card or PayPal log-ins when you make a purchase, details on purchases you make can be stored as data and then even sold as marketing information to third parties. In fact, a whole range of personal data can be stored and sold to companies by so-called ‘data brokers’. Usually this information is sold for marketing purposes, to better customize ads for each individual user.

Google Earth has also been the subject of controversy amongst those concerned with online privacy. The program uses drones, satellite imagery and cars to produce street and aerial views. Individuals are unable to prevent their own property from appearing on Google Earth, thus creating a perceived invasion of privacy for some. As of yet, no lawsuit has been successfully filed against Google Earth.

What can the government lawfully track?

In 2011, Edward Snowden leaked classified information from the NSA which revealed that government surveillance was more widespread than what citizens may have previously thought. The leaks have had a big impact on the opinions of the public, businesses (a famous example being Apple) and foreign governments, with regards to the NSA and general US security agencies. It was regarded by many as an abuse of authority.

In later years, the Stop Online Piracy Act (SOPA) bill was supposed to fight copyright infringement, amongst other things. The bill got struck down thanks to powerful opposition that argued such a bill would put both people’s privacy and right to free speech at risk.

In general, it is widely understood that the government does have the right to monitor those individuals who raise red flags in their online behaviour. For example, owning a website that promotes illegal behaviour could justify government surveillance.

If you want to fight for greater privacy and anonymity online, you can join an initiative such as Save the Internet which advocates for ‘net neutrality’ amongst other things.

What risks do criminals pose to my online privacy?

If you do not have adequate safety measures in place, it is possible (and often shockingly easy) for criminals to steal sensitive information, hack into your computer or infect it with harmful malware.

How do I better protect my privacy online?

There are many steps you can take to decrease the risk of falling victim to unlawful tracking or online theft. Avoid public WiFis, regularly clear your cookies and download trusted anti-spyware programs. You can also choose to use messaging programs that offer end-to-end encryption (meaning any messages sent over its network will be visible only to the person with whom you are speaking, and not any third parties).

Two-code or multi-code authentication is advisable for email and bank log-ins. When you have such an authentication system enabled, you can only gain digital access to your device, social media account or online bank if you provide a second type of log-in following the initial password. The second password will be different each time, and can be sent to you as an email or as a text message. This makes it more difficult for criminals to access your private accounts, as they will require more than just one single password.

How might online privacy change in the future?

The future of online privacy laws is unclear. The only thing that can be said for certain is that online privacy is going to become an increasingly important issue – an unavoidable topic of debate amongst future politicians, who will need to start taking stances on where they fall in the clash between business interest, government agencies and citizens’ rights to privacy.