How Personal Data Really Works

Keeping up with an online world

As many technology users in the 21st century now know, our online whereabouts are constantly monitored and recorded. A brief online search can suddenly prompt a never-ending wave of targeted digital advertisements. Though we understand that our online information shapes the advertisements that we see, the process that records, collects, and finally uses this information to construct targeted ads remains unexplained. Exploring the strategy behind these systems is crucial to better understand the problem of personal data sharing and its potential solutions.

What constitutes personal data?

Personal data is information that relates to an identifiable individual. It can range from highly sensitive information such as health records and banking details to simple items such as social media posts or search-engine queries. Regardless of the type, it’s important to understand personal data as more than basic online information: personal data is a highly monetized commodity that users unknowingly provide for individuals, corporations and other organizations.

How is personal data collected?

Personal data is captured from a number of online platforms beginning with your web browser, which reports basic data (like your location-specific IP address) to the websites that you visit. Sites can even track mouse movements and clicks in order to refine users’ online profiles. “Cookies,” which are small data files that store identifiable information within web browsers, also act as personal data collectors. Though they can make users’ online experiences more convenient by doing things like saving our online shopping carts when we return to sites, more invasive personal material can also be collected. Third-party cookies track personal information which is often used to fuel targeted advertisements. Other information like online searches or website visits similarly work in tandem to create consumer profiles of web users.

What about privacy policies?

Many corporations which use cookies or other forms of personal data collection must abide by privacy policies. Though these policies have become widely available to online users, the agreement contracts often use broad language and confusing terms to broaden the limits of personal data collection. Third-party cookies, however, are not connected to specific websites or companies, and therefore are not bound to the same privacy policies, making this form of data collection largely unregulated.

Who can access my personal data?

Beyond the websites themselves, personal information is also collected by data brokers. Data brokers compile identifiable online information which they sell to corporations, marketers, investors, and individuals. Data brokers can focus on information specific to marketing, risk mitigation, or people’s searches depending on who they sell to.

Now that I’m sufficiently alarmed… What regulations are in place to limit the extent of personal information collection?

Legal action has lagged behind this recent technological trend, so most of these practices are perfectly legal. Some states such as Vermont and California have begun to place more restrictions on data brokers. However, federal privacy regulation does not yet exist.

What should we expect in the future?

As new technology continues to make personal data collection easier, it becomes imperative to understand and navigate the personalized online environment. Many tech companies have begun to recognize the need for more regulation when it comes to personal data- Apple CEO Tim Cook proposed that the FTC should create an organization which all data brokers must register through to promote more regulation on the uses of personal data. Other large tech companies are pushing for privacy legislation, but these proposals are less stringent than other current state plans, suggesting that such “proactive” steps may ultimately continue to benefit the tech companies themselves.

What steps can I take to better monitor the personal information I share?

There are many measures users can take to protect their personal data. Browser plugins like ScriptSafe for Chrome and NoScript Security Suite for Firefox allow for increased privacy while searching the web. Ghostery is another extension which blocks intrusive third-party tracking cookies while still enabling useful cookies.

Utilizing incognito mode is another way to ensure more privacy online, as cookies can only be kept for the current browsing period and are erased once you close the window. Though this is beneficial, websites still can detect that you’re online and can still acquire personal information such as your location.

Lastly, look into privacy settings on the sites you frequent the most. Check out Facebook’s ad preferences page to limit ad targeting while you’re on and off the social network.

At the end of the day, it’s crucial that we continue to uncover the truth behind personal data collection. Privacy scandals like the Cambridge Analytica-Facebook privacy breach have shocked the public and highlight the lack of transparency regarding this issue. Despite the recent publicity, the ways that our personal data is collected, sold, and shared remains largely unknown. It is crucial for governments, academics, and most importantly, online users themselves to consider ethical approaches to navigating our new technological reality.

~~~

Signup for our Newsletter

Enter your email to get updates on Free the Facts events, D.C. internship opportunities, up-to-date policy information, and more! (We don’t want to spam you, so you’ll have the opportunity to select what kinds of emails you’d like to receive from us)

Thanks for signing up!
Oops! Something went wrong while submitting the form.