5 surprising truths about online privacy protection
Online privacy protection is a growing concern. According to a 2019 survey from RSA, 45% of U.S. respondents said their personal information was compromised in a breach sometime in the last five years. It’s not enough to exercise caution about what you post or share online. You also need to familiarize yourself with the various privacy policies and data tracking practices of the websites you visit.
That’s because internet privacy is neither universal nor comprehensive. Not only does every website offer a different degree of privacy protection, but every website also promotes its privacy practices differently. Some websites go to great lengths to protect their users’ privacy and involve them in the process, while other sites consider online privacy less important and don’t disclose their practices to visitors.
Like all things internet-adjacent, the issue of online privacy is complicated and constantly changing. Here are five surprising truths about online privacy protection you might not know:
Improved privacy protection starts with awareness. If you want more control over your personal information, consider the websites you visit and how they either protect or limit your privacy.
Which types of PII are collected
How PII is collected
Where PII is stored and for how long
Who has access to PII
Other laws, like the Gramm-Leach-Bliley Act and Health Insurance Portability and Accountability Act, require financial institutions and health care providers respectively to disclose what they do with users’ personal information.
These laws don’t necessarily impose restrictions on how companies use consumer information, though. Privacy policies may promote transparency and help foster a sense of trust between companies and consumers, but they don’t increase your privacy protection. They simply tell you what level of privacy to expect when using a particular site, whether it’s minimal or comprehensive.
Every website uses one of two URLs: HTTP or HTTPS. The difference between the two may seem minor, but that one little letter makes a big impact on the amount of privacy you experience when browsing a site.
HTTP, which stands for hypertext transfer protocol, presents online information in plaintext, while HTTPS encrypts your personal information. Encryption is the process of coding information so only authorized parties can access it. Websites that use HTTPS essentially offer an extra layer of privacy protection to visitors. If, for example, you’re inputting your credit card number on an HTTPS site, the site will encode your credit card details so hackers can’t see them.
Keep in mind, though, that using sites with HTTPS may reduce your chances of experiencing a breach, but it doesn’t protect you from data tracking. Websites using HTTPS can still gather your personal information, so it’s crucial to consider how comfortable you feel sharing certain details.
Most websites use a variation of cookies called tracking cookies, or third-party cookies, which gather information about how users interact with a site. Using the information collected by cookies, companies can figure out how often you visit a website, how long you stay on certain web pages, and which advertisements you click on.
The majority of companies that rely on tracking cookies use the information they collect to create digital personas of consumers and send them targeted ads. Thanks to an update to the U.K. Privacy and Electronic Communications Regulations, however, there are now restrictions on how companies can use tracking cookies. “Cookie Law,” a stipulation that aims to protect user privacy, says websites can’t track visitors without their consent.
Unfortunately, the law only applies to websites that collect information from U.K. residents, which means U.S. companies can still gather your information without your permission.
Different websites rely on different methods of storing and accessing the information they gather from users. Many websites anonymize their information, either by encrypting PII or removing it from their databases. This approach helps improve user privacy protection because it ensures that no piece of information can be tied directly to an individual.
Unfortunately, not every website uses anonymization. Not only does this mean your personal information and online behavior can be linked directly to you, but it also makes you more vulnerable to targeted advertising and data breaches.
Most websites today use opt-out policies for information collection and privacy settings. Unlike opt-in policies, which require users to actively consent to sharing information like their email address or preferences, opt-out policies assume users’ compliance. That means that unless you find and un-check a pre-checked box, you’re agreeing to having your information shared.
Not only do opt-out policies reduce your internet privacy, they also limit your autonomy by removing your choices or else forcing you to comply with an existing option.
How to take privacy protection into your own hands
Without guaranteed privacy protection from websites, browsing the internet is like walking through a minefield. It’s difficult to trust that your information will be protected and that you’ll have a say in the process.
Quitting the internet isn’t an option, though, so you have to get resourceful. Whether you want to boost your privacy or just exercise more control over your personal information, FigLeaf is here to help. Our all-in-one privacy tool lets you choose the level of visibility you want on each website you visit, so you feel protected in every corner of the internet.