Hard as it may be to believe in today’s internet-obsessed world — one in which hackers, companies and even the government feast on a smorgasbord of data about almost everybody — there was a time when privacy in America was king. One of many examples was a national brouhaha in the mid-1960s that attracted an avalanche of attention.
Back then, as part of his “Great Society” program, President Lyndon Johnson wanted to implement a network of social programs to combat poverty and other social ills. He knew he needed socioeconomic statistics to spotlight these problems and help determine how to address them, so he proposed a National Data Bank to collect and process this data efficiently.
The response was enormous backlash. A prominent University of Michigan law professor warned that a computerized national data bank could become a monstrous “Big Brother” with a non-stop appetite for snooping. The New York Times called it “an Orwellian threat to privacy,” and other newspapers said much the same thing.
Ultimately, the Great Society program came to be, but it was run without the help of the National Data Bank. That was deep-sixed.
Today, things are completely different. Everything is online, and privacy virtually no longer exists on the internet. Supporters of the National Data Bank decades ago would have been dumbfounded today by the explosion of personal data that rests with 21st century technology giants.
Sad to say, the American public knows that personal data is no longer secure and that, in fact, data collection probably poses more risks than benefits. A survey by Pew Research has found that a majority of Americans believe their online activities, in particular, are often being tracked and monitored by companies and the government. Six in 10 American adults told Pew they don’t think it’s possible not to have data collected about them.
The survey also noted that more than 80% of the public says that the potential risks they face because of data collection by companies outweigh the benefits.
The COVID-19 pandemic has made things even worse, initially encouraging most Americans to stay at home and adding tens of millions of remote workers. Almost every need relied on internet access. Food came from supermarket and restaurant delivery services. Purchases of almost everything else occurred on online shopping platforms. Zoom replaced in-person discussions and even attendance at weddings and funerals.
While online attacks soared, attempts to enact federal legislation to protect digital privacy were derailed, initially because of the pandemic itself and today because of politicization over how the internet should be regulated.
In fairness, it’s important to note that the internet was born as an open research tool — one never designed to provide security or privacy. Although it still has a long way to go, security has substantially improved over the years.
Privacy, however, has gotten worse. Most companies understood that users wanted their data to remain private. The meaning of privacy, however, became murky and divergent.
The lack of privacy on the internet has been a problem for a long time, but it likely became worse after two breaches of Yahoo in 2013 and 2014 were unearthed in 2016. The privacy of all 3 billion Yahoo users at the time was compromised. Fueling the privacy fire a couple of years thereafter was another large privacy breach of Marriott Corporation, impacting 500 million hotel guests. There have subsequently been a number of other sizable privacy breaches, including several at T-Mobile.
Those offended by the dearth of online privacy no doubt applaud Apple for an operating software update requiring that app developers explicitly ask for permission to track user behavior. This has particularly hurt Facebook, which heretofore relied on technology that expressly tracked users.
Unfortunately, however, this development has been more the exception than the rule. In just one example, ubiquitous cookies — small text files that websites store on computers to uniquely identify their users — remain a substantial headache. They do make the workings of websites more proficient. But there has also been an explosion of “tracking” cookies that collect personal data on behalf of a site.
Fortunately, prospects on the privacy front aren’t altogether bleak. One bright spot is the growth of so-called privacy-enhancing technologies (PETs) — a broad range of hardware and software solutions designed to extract the value of data without risking its privacy and security. One PET example is the budding growth of homomorphic encryption, which secures data while it is being processed or used. Gartner, the prominent information technology research firm, highlighted PETs as one of its top strategic technology trends in 2021 and again in 2022. It says half of large organizations will implement PETs by 2025.
Another mildly upbeat development lies on the legal front. Most states haven’t addressed the federal government’s limited adoption of privacy laws, but at least three have done just that in recent years — California, Virginia and Colorado. Companies operating in these states must inform customers if they’re selling their data and give users the right to delete it. In California, in addition, users can sue a company against certain types of data breaches.
Much obviously remains to be accomplished, and users need to play a role. When apps and websites often ask them for multiple privacy permissions the first time around, most passively provide them to avoid complications. If would be much better for all internet users, not just them, if they were far more selective.