At least 5 mornings per week I wake up and want to talk about privacy, or things related to privacy, like trust or identity. I think it’s an endlessly interesting and layered topic, and I have a lot of energy to share this conversation.
As I type this, my wife pops her head into my office to ask a random question about breakfast, and after I answer her, I can’t help but tell her how excited I am to write this article about privacy! However, before I can even begin to explain to her that I’m going to write an article that openly acknowledges how my passion for privacy can be boring to others, she’s already in Stage 1 of what I would call “privacy-induced narcolepsy.” She was wide awake a moment ago, and as soon as I mention privacy, her eyelids begin to close. *sighs* Even though privacy is my passion and I love reading all of the terms and conditions I encounter, I can’t blame her or anyone else for simply saying “no thank you” to this topic.
Protecting one’s privacy has become a huge hill to climb, especially for consumers, and it’s not easy to discuss. It is a topic that has become mired in misappropriated vocabulary, opaque technology, and differences of opinion regarding a person’s ability to exercise their privacy values and rights. That all makes this conversation complicated to approach and tough to understand. What’s more, people have a natural tendency to avoid or say no to what they don’t understand. It’s no wonder that taking a nap might just feel more pleasant than a meaningful conversation about privacy.
So, we don’t understand privacy because we don’t talk about it very much. But, we all think about it a lot and technology companies know this is on our minds because they use the word “privacy” all the time, especially in ads. So why do we think about it but not talk about it much? We ultimately don’t talk about it because:
- It’s not a topic that’s really taught in schools, so we don’t have a shared vocabulary or much guaranteed shared knowledge on the topic.
- When privacy is implicated in current events or news, it’s usually wrapped up in a whole story that involves lots of other things (e.g. celebrity gossip and opinions of the characters involved) that obscure the privacy issues.
- We each have our own independent sense of what privacy is, and since it means different things to different people, we can often end up debating or arguing about the differences instead of focusing on what is the same.
- Today’s most common counterpart to any privacy conversation is technology, which introduces another variety pack of issues to obscure and complicate the conversation.
Statistically, this is all reflected in some stark numbers and research. According to Pew Research, about two-thirds of Americans say they understand very little or nothing at all about the laws and regulations that are currently in place to protect their data privacy. Roughly eight-in-ten American adults say they have very little or no control over the data that the government (84%) or companies (81%) collect about them. As such, we feel disconnected from our data (i.e. the thing our sense of privacy is trying to protect in the digital world), and helpless to stop the collection of our data. Many end up feeling like it’s inevitable that a person can’t both have privacy and enjoy technology.
Even if a person wakes up one day and wants to both have privacy and enjoy technology, and is willing to climb the hill of privacy via lengthy privacy policies and terms and conditions documents, that hill quickly turns into Mount Everest. PC Magazine did some of this reading for us, and reported that it would take about 2.5 hours just to read the terms for Microsoft Teams, not to mention the endless extra hours it would take to demystify the attendant legalese. Microsoft Teams may have one of the longer document stacks beneath it, but it’s not an outlier. Games like Candy Crush have two hours’ worth of terms and conditions to read, and pretty much every social media platform’s terms would take at least an hour to read. Facing these walls of text, well over 90% of us just click “I agree,” and our concerns about privacy quickly fade away as we go about our days enjoying the benefits of technology while our concerns evaporate.
This behavior of just clicking “I agree” is therefore both common and understandable. But what is not well-understood by most people is what they are giving up with that swift keystroke. Yes, a lot of people may know the headline that they’re trading some data for a free service, but they do not think about all the deeper layers of that onion that use such data to manipulate our buying habits, who we speak to, and what news stories we have access to.
As if that weren’t dystopian enough, we’re also bringing these habits into our workplaces, which are now often just steps from our own bed. There are many great things about the workplace revolution that allows many more people to work from home—but the merging of bad personal habits with workplace-wide consequences puts a new lens on the importance of actually reading the fine print. As we’ve already acknowledged what a fool’s errand it can be to sit and read all of the terms and conditions like I have, here are some tips to improve and protect your privacy at home and at work, whether your commute is a few steps to your desk or an hour in the car.
- Spend five minutes (but not all day) reading the terms, conditions, and policies before you click “I agree” on any new products, so you can gain knowledge incrementally without climbing the whole mountain at once. A good place to start is when you are connecting one application to another (for example, an add-on to Zoom or Slack) and it asks you to review the permissions that the application is requesting. Take time to read these carefully and consider what private corporate data you might be giving up to another company.
- Discuss what privacy means to you with family and friends, knowing that the goal of the conversation is to share perspectives and not force anyone to agree with any particular view of privacy.
- Explore the privacy settings of a device or app and discuss your thoughts and impressions with co-workers, especially folks that work in software or data security. (Chances are, they'll be shocked and elated to have this conversation with a colleague outside of the security bubble.)
- Bonus tip for software or data security professionals: consider the analogy that seatbelts constitute vehicle security and tinted windows constitute vehicle privacy, and how the design or loss of one impacts the other. For example, is a vehicle less secure without privacy-tinted glass? What about the occupants?
Finally, to make sure that none of us continue falling asleep on this conversation, we have to start by acknowledging that this is a tough topic. We won’t make any progress without building our awareness and knowledge in this space. Awareness and knowledge, then, become our two major lines of defense against our privacy being ignored or used improperly. As web3 approaches and we all get stars in our eyes about cool new technology, let’s remember that sacrificing our privacy is not an inevitability. However boring the reading might seem, our sense of privacy is essential to who we are, and we all benefit from actively discussing our views on privacy both at home and at work.