Online Privacy: YOU Are The Product

A lot of people do not take “privacy” seriously enough. There is a general failure to comprehend that by clicking through an online agreement or EULA’s (End-User License Agreements) without reading or understanding, you have in fact agreed by proxy to have your data collected and mined. Surprised? Some may be shocked by what is being done with their personal data, but others, many who should know better, seem to be carefree with what they share online. I’ve worked in the tech field for years and I’ve been absolutely floored by all of the people, even acquaintances and family members who laughed as they expressed jokingly that they have nothing to hide from the government and even assert that Amazon, Google and Facebook probably know all about their life already.

Look at the excerpt from the following article titled “Facebook Privacy Options Ignored by Millions of Users.”  Facebook’s Manager of Public Policy Communications, Andrew Noyes, stated: “We believe more than 900 million consumers have voluntarily decided to share and connect on Facebook……” This article is nearly six years old, but it really couldn’t be more relevant. Fast forward to the present and Facebook users alone exceed two billion. That’s only Facebook! Instagram is one of the top ways young people share and communicate, and the number of users on the platform are predicted to exceed one billion later this year! With a potential captive audience, big data has become big money and the users have become the product.

It’s little wonder how we arrived at this point and it shows no signs of stopping anytime soon. People click their rights away to play “free games”, share online chain letters and take online quizzes, sharing links about Microsoft giving away billions of dollars to users. Social media has become a “lobster trap” in the sense that once that data is captured it is near impossible to get that data back. It’s not that the data is floating around in cyberspace, it’s just the way that it has been used to build a digital marketing footprint of “You”- the user. Users have little say in how data is manipulated, shared or used once it has been collected.

How your data is being used

Are you seeing ads for products, news stories about the topic you were just chatting on with a co-worker, or apps and games that seem all too personally crafted? It really is eerie how much your online persona tells about you. So those who say they have nothing to hide may be surprised to learn the following about Facebook, Instagram and other social media platforms:

  • Biometric face data is collected without specific consent. You really opted in when you signed up.
  • Data gleaning can take place with automation. If you are an Android phone user, it’s likely the contents on your phone are sitting on a server at Facebook as well as some other social media companies.
  • Some similar methods of data collection are used for nefarious purposes. With AI and bots it is possible to make accurate guesses at user passwords, especially if the same password is used on multiple accounts. Remember all of your online quizzes and questionnaires about the model of your first car or your favorite rock star? Well, those are eerily similar to verification questions meant to help authenticate an online user account. We all hope there isn’t anyone that would try to break in to a user account, but it does happen, and sadly it happens a lot. Are all quizzes bad? No, but the publishers certainly share the data users give freely.
  • Because unscrupulous individuals can hijack your identity with information gathered or leaked about you online, it is easier for someone to steal your identity and financial information. The damage varies from someone using your name to sign up for health services, obtain car loans, open credit cards or steal your tax return, all without many people aware it is even happening until a bill collector calls.
  • Facebook and other social media platform’s user tracking extends to other sites and uses the equivalent of “digital breadcrumbs” to do so.
  • Historically, health and wellness data was peeled around the edges and, when combined with AI produced profiles that allowed marketers to target certain users. Here are some examples:
    • Likely to have HIV or AIDS
    • Likely to have eating disorders
    • Likely to have an addiction to video games
    • Likely to be addicted to gambling

Facebook said it stopped using this practice in 2015 after several lawsuits. That is a staggering number of years that this data was collected, unchallenged and unimpeded, and it is clear after recent congressional testimony that this data may still exist and may not have been purged. What other platforms are maintaining profiles about their users? Well, probably most of them…

Protecting your personal data

So what can you do? While it can be unsettling to read about all of the bad things that can happen with your information, it may hearten you to realize that you do have some control. The first thing you need to do is show skepticism and realize that you have valuable data that someone else wants. There are scams, there are fake profiles, and there are bad people online.

  1. It is a best practice to list all of the online sites and platforms you are subscribed to, ranging from social media, banking, business and games, etc. and make a plan to use complex passwords and change them regularly.
  2. Make a practice of using a password manager so you don’t use all of the same passwords.
  3. Read through the settings available to you on your particular platform and decide what to share and what to restrict. If you just click through and leave the default settings in place, you have made a choice to let the platform (such as Facebook, Twitter or Instagram) make decisions for you, and ultimately make decisions about how your data is shared.
  4. Review account settings on a periodic basis; chances are that you may be inadvertently giving permission to share something you didn’t want shared when you first set up your account.
  5. Use automation to help protect your privacy. SecureMySocial and Reputation Defender are subscription services to protect you and your organization from social media fallout like improper, detrimental, and unauthorized posts and help you remove potentially damaging information about your company. Other programs like Privacy Badger are focused on the individual, created by the Electronic Frontier Foundation, a not-for-profit organization set up to represent things often taken for granted in the digital world, namely civil liberties, legislative representation and lobbying, privacy and policy analysis.
  6. Read and keep up with the changing technology that supports the platforms you use. Awareness is your best defense. This isn’t a one-time occurrence, it requires being proactive, and it takes maintenance and upkeep – just like changing the oil in your car.
  7. Keep track of your credit profile/score with programs like Credit Karma, Credit Sesame or Quizzle. They are a good way to track what is happening in your financial world and alert you to changes in status, account changes, new accounts opened, credit inquiries, etc. There are also a number of paid subscription services that are more comprehensive and help protect your digital identity, like LifeLock.
  8. Avoid oversharing – a lot of people do this and they do it significantly. Choose what you share and how you share your information on your terms. Too much of a good thing is really and truly too much sometimes.


The decision about whether to protect your privacy or participate in social media doesn’t have to be a binary one, but it does take some consideration and deep thinking from each user on how you control what you share.