For more than a decade we've been hearing that privacy is dead, especially when it comes to online privacy. It's hard to argue with the evidence.
Law enforcement agencies routinely obtain location and call data from wireless carriers -- some 1.3 million times in 2011 alone, according to documents obtained by a U.S. Senate committee. Thanks to laws written when fax machines were considered high-tech, government agencies can access data from cloud storage with minimal judicial oversight. And with potential laws like the Cyber Intelligence Sharing and Protection Act (CISPA), Congress wants to enable private companies to share even more customer data with Uncle Sam.
[ Secure your privacy through obscurity by following these tips for covering your tracks online. | Verse yourself in 9 popular IT security practices that just don't work and 10 crazy security tricks that do. | Find out how to block the viruses, worms, and other malware that threaten your business, with hands-on advice from expert contributors in InfoWorld's PDF guide. | Keep up with key security issues with InfoWorld's Security Central newsletter. ]
The government is not alone. Virtually every commercial website (including the one you are now reading) deposits cookies that track your movements online. The number of trackers has more than doubled in a year, while advertisers and advocates continue to argue over the definition of terms like "tracking" and "choice." When consumers try to block tracking, companies like Google manage to find ways around it.
Moreover, many of us share data promiscuously on Facebook, Twitter, Google Plus, and other social sites, only dimly aware our personal information is also being collected by both marketers and the government. There's an entire industry devoted to mining that data, matching it to real-life activities, and using it to decide whether you're likely to vote Democrat or Republican, if you're in the market for a car, if you're pregnant, and whether you're a good candidate for credit or a bad insurance risk.
Little wonder then that security expert Bruce Schneier recently authored an essay declaring that we're done:
Welcome to a world where Google knows exactly what sort of porn you all like, and more about your interests than your spouse does. Welcome to a world where your cellphone company knows exactly where you are all the time. Welcome to the end of private conversations, because increasingly your conversations are conducted by email, text, or social networking sites.
And welcome to a world where all of this, and everything else that you do or is done on a computer, is saved, correlated, studied, passed around from company to company without your knowledge or consent; and where the government accesses it at will without a warrant.
Welcome to an Internet without privacy, and we've ended up here with hardly a fight.
Despite this gloomy assessment, all hope is not lost. While threats to our personal privacy expand daily, so do potential solutions -- whether it's new privacy legislation, enhanced regulation, stealth computing technology, or the emergence of a consumer-driven data economy.
Legislation: A powerful tool for online privacy, mired by politics
Most Americans would be surprised to learn how little privacy legislation exists at the national level. Aside from limited protections on the sharing of health and financial information (as well as video rental records), most privacy law is based on interpretations of the Fourth Amendment -- which only regulates intrusions by the government, not commercial entities -- and FTC Act provisions against unfair or deceptive practices.