A few months ago, my young son wanted to watch videos on YouTube. I let him use my phone, and he started watching one video after another. As he continued scrolling, YouTube populated recommendations based on his viewing history. While I watched him, I was telling myself, “I’m a privacy advocate, but look at what I’m letting my son do.” I realized many of us experience this phenomenon daily.
Coined the “privacy paradox” in 2001, this phenomenon is the contradiction between individuals’ intentions to protect their privacy and how they actually behave in the online landscape. It’s the discrepancy between what we intend to do and what we actually do – they’re usually not the same.
Our online community can be divided into three groups:
- Privacy advocates: Those who are highly concerned about privacy.
- Privacy unconcerned: Those who seemingly don’t care about privacy at all.
- Privacy pragmatists: Those who are sometimes concerned, but other times are not. The majority of our community belong to this category. This group shapes the privacy paradox at large.
According to Pew Research, 72% of users feel all or most of what they do online is tracked, and 81% feel the risks of their data being collected exceeds the benefits. If that’s the case, then why aren’t more of us privacy advocates?
There is no definite explanation for this phenomenon, but suggested reasons include:
- Difficulty in associating privacy with a specific value.
- Lack of ownership: people may not consider their personal information to be their own.
- Lack of awareness and understanding: taking action may be easier said than done.
- Lack of choices: users must agree to get optimized experience.
- Lack of user-friendly techniques
- Trust: users simply trusted the organization or the application.
Most likely, it’s a combination of all these reasons.
Online behavior is usually driven by two factors: risk and trust. We usually assess the risk of the situation and the extent to which we trust the organization.
Extortion, identity theft, data brokers – these are just a few examples of privacy risks we are vulnerable to when sharing information online. So, how can we resolve the privacy paradox? We have to look at this through a few different lenses:
Individual Lens
As an individual, you need to define your personal risk appetite and acknowledge your rights. Break your privacy-compromising habits online. Give yourself more time to read privacy policies – people have a tendency to over-report their understanding of privacy terms and conditions, which may be due to their length.
Conduct a privacy cost-benefit analysis to figure out who you trust. Find areas where you can reduce data collection and disable some features. This is a starting point.
Organization Lens
Organizations must find ways to offer a more personalized experience while still ensuring trust and transparency. Ensure customers’ information is secure and protected. Adopt privacy by design and focus on value-driven services.
Utilize more user-friendly techniques to promote transparency and give users real control over their data. A few months ago, Apple released an App Tracking Transparency feature which gives users control over what apps are allowed to track them. Interestingly, according to Deloitte, US users chose to opt-out of tracking 96% of the time. When given easy and user-friendly solutions, consumers will take measures to secure their privacy.
Regulator Lens
We need to look at how we design device regulations to promote digital trust. Focus on regulating the architecture that structures the way information is used, maintained and transferred. Monitor organizational practices and market trends.
Society Lens
Society-wide efforts are the ultimate answer, starting with regulations and new technology standards. We need to acknowledge privacy as a fundamental human right. Let’s have serious discussions on how to break monopolies, promote digital trust and empower a more transparent ecosystem.