1/12/23, 3:48 PM Digital privacy - Wikipedia

Digital privacy  is often used in contexts that promote advocacy on behalf of individual
and consumer privacy rights in e-services and is typically used in opposition to the business practices
of many e-marketers, businesses, and companies to collect and use such  information and
data.[1][2]  Digital privacy can be defined under three sub-related categories:  information
privacy, communication privacy, and individual privacy.[3]

Digital privacy has increasingly become a topic of interest as information and data shared over
the  social web  have continued to become more and more commodified; social-media users are now
considered unpaid 'digital labors', as one pays for 'free' e-services through the loss of their
privacy.[4] For example, between 2005 and 2011, the change in levels of disclosure for different profile
items on  Facebook  show that, over the years, people want to keep more information
private.[5] However, observing the seven-year span, Facebook gained a profit of $100 billion through
the collection and sharing of their users' data to third-party advertisers.[4]

The more a user shares over social networks, the more privacy is lost. All of the information and data
one shares is connected to clusters of similar information. As the user continues to share their
productive expression, it gets matched with the respective cluster and their speech and expression are
no longer only in the possession of them or of their social circle. This can be seen as a consequence of
bridging social capital. As people create new and diverse ties on social networks, data becomes linked.
This decrease of privacy continues until bundling appears (when the ties become strong and the
network more homogeneous).[6]

Some laws allow filing a case against breach of digital privacy. In 2007, for instance, a  class-action
lawsuit  was lodged on behalf of all Facebook users that led Facebook to close its advertising system
"Beacon." In a similar case in 2010, the users sued Facebook once again for sharing personal user
information to advertisers through their gaming application.[7] Laws are based on consumers' consent
and assume that the consumers are already empowered to know their own best interest. Therefore, for
the past few years, people have been focusing on self-management of digital privacy through rational
and educated decision-making.[8]

Contents
Types of privacy
Information privacy
Communication privacy
Individual privacy
Individual privacy
Information anonymity
Communication anonymity
Additional services
The (no) harm principle
The economic value of data
Privacy and information breaches
Phishing
Development and controversy
See also

https://en.wikipedia.org/wiki/Digital_privacy 1/7
1/12/23, 3:48 PM Digital privacy - Wikipedia

Further reading
References

Types of privacy

Information privacy

In the context of digital privacy,  information privacy  is the idea that individuals should have the
freedom to determine how their digital information is collected and used. This is particularly relevant
for personally identifiable information.

The concept of information privacy has evolved in parallel to the evolution of the field of Information
Technology  (IT). The rise of networking and computing led to the dramatic change in the ways of
information exchange. The baseline for this concept was put forward in the late 1940s, and the third
era of privacy development began in the 1990s.[9]

The European Union has various privacy laws that dictate how information may be collected and used
by companies. Some of those laws are written to give agency to the preferences of
individuals/consumers in how their data is used. The General Data Protection Regulation (GDPR) is
an example of this. In other places, like in the United States, privacy law is argued by some to be less
developed in this regard.[10]  By example, some legislation, or lack thereof, allow companies to self-
regulate their collection and dissemination practices of consumer information.

Communication privacy

In the context of digital privacy, communication privacy is the notion that individuals should have
the freedom, or right, to communicate information digitally with the expectation that their
communications are secure—meaning that messages and communications will only be accessible to
the sender's original intended recipient.[3]

However, communications can be  intercepted  or delivered to other recipients without the sender's
knowledge, in a multitude of ways. Communications can be intercepted directly through various
hacking methods, such as the  man-in-the-middle attack  (MITM).[11]  Communications can also be
delivered to recipients unbeknown to the sender due to false assumptions made regarding the
platform or medium that was used to send information. For example, the failure to read a company's
privacy policy regarding communications on their platform could lead one to assume that their
communication is protected when it is in fact not.[12]  Additionally, companies frequently have been
known to lack transparency in how they use information, which can be both intentional and
unintentional.[13]  Discussion of communication privacy necessarily requires consideration of

https://en.wikipedia.org/wiki/Digital_privacy 2/7
1/12/23, 3:48 PM Digital privacy - Wikipedia

technological methods of protecting information/communication in digital mediums, the effectiveness

and ineffectiveness of such methods/systems, and the development/advancement of new and current
technologies.

Individual privacy

In the context of digital privacy, individual privacy is the notion that individuals have a right to exist
freely on the internet, in that they can choose what type of information they are exposed to, and more
importantly, that unwanted information should not interrupt them.[3] An example of a digital breach
of individual privacy would be an internet user receiving unwanted ads and emails/spam, or a
computer virus that forces the user to take actions, which otherwise they would not. In such cases, the
individual does not exist digitally without interruption from unwanted information; thus their
individual privacy has been infringed upon.

Individual privacy
Some internet users proactively work to ensure information can not be collected, this is the practice of
attempting to remain anonymous. There are many ways for a user to stay anonymous on the internet,
including  onion routing, anonymous  VPN  services, probabilistic anonymity, and deterministic
anonymity.[14] Some companies are trying to create an all-in-one solution, In an interview with  Tom
Okman, co-founder of NordVPN he mentioned they're currently exploring a technology that will block
trackers, cookies, detect malware before it lands on the user's device and more.[15]

Information anonymity

For a user to keep their information anonymous when accessing the web, onion routing can be used to
ensure the protection of their personally identifiable information.

Onion routing was originally developed by the  U.S. Naval Research Lab  and was intended to
anonymize web traffic.[16]  The system created a path to any  TCP/IP  server by creating a pathway of
onion routers. Once a pathway has been established, all information that is sent through it is
anonymously delivered.[17] When the user has finished utilizing the pathway it was essentially deleted
which freed the resources to be used for a new pathway within onion routing. The  Onion Routing
Project  developed into what is today known as  Tor, a completely  open-sourced  and free software.
Unlike its predecessor, Tor is able to protect both the anonymity of individuals as well as web
providers. This allows people to set up anonymous web servers that in effect provide a censorship-
resistant publishing service.[16]

Communication anonymity

While the previously mentioned information anonymity system can also potentially protect the
contents of communications between two people, there are other systems that directly function to
guarantee that communication remains between its intended recipients.[18]

One of these systems,  Pretty Good Privacy  (PGP), has existed in various forms for many years. It
functions to protect email messages by encrypting and decrypting them. It originally existed as
a command-line-only program, but it has evolved in recent years to have its own full interface, and a

https://en.wikipedia.org/wiki/Digital_privacy 3/7
1/12/23, 3:48 PM Digital privacy - Wikipedia

multitude of  email providers  now offer built-in PGP support. Users can also install PGP-compatible
software and manually configure it to encrypt emails on nearly any platform.[19]

Secure Sockets Layer  (SSL) and  Transport Layer Security  (TLS) are measures to secure payments
online. While these systems are not immune from breaches or failure, many users benefit greatly from
their use as every major browser program has built-in support for it.[16]

Additional services

There are additional methods that work to provide anonymity and, by extension, protect the user's
data.

As  IP addresses  can frequently be traced back to a specific physical location,[20]  and likewise can
identify someone as well, changing one's IP address can help users remain anonymous by providing
access to a multitude of servers in various geographic locations around the world, allowing them to
appear as if they are physically located in a selected area, even when they are not. This is an example of
a method/service that works to allow for information and communication anonymity.[21]  IP-address
changers are one such service, which an internet user typically pays a fee to use.

The Virtual Private Network (VPN) is a technology that provides users secured connection over a non-
secure public network such as the Internet through several  tunneling protocols, handling, and
encapsulating traffic at different levels to ensure communication security.[22] VPN is also effective in
securing data and privacy over the cloud and data-center environments because it is capable of
protecting IPs from exposure to different kinds of attacks. This technology can be categorized
into SSL VPN and IPSec VPN, which are methods of data communication from a user device to a VPN
gateway using a secure tunnel.[23] There is also the case of the VHSP mechanism, which protects the
exposure of an IP address by assigning a temporal IP for the VPN gateway and its services.[23]

The use of  network address translation  (NAT) allows users to hide connections passing through a
gateway behind the gateway through the use of a sensible hiding IP address that is routable to the
issuing gateway.[24]

The (no) harm principle

Following the (no) harm principle of John Stuart Mill, private references must be respected: one can
do whatever they want as long as others do not suffer from the consequences of it. In one's private
space, alone, a person is free to do whatever they desire.

With the advent of  photojournalism, the invasion of celebrities' private lives arose along with the
notion of right-to-privacy—or what Samuel D. Warren II and Louis Brandeis branded in 1890 as "the
right to be left alone."[25]  Today's "privacy incidents" do not exclusively concern celebrities and
politicians, as most people are connected and share data: people are not online to be left alone.

The economic value of data

According to Alessandro Acquisti, Curtis Taylor and Liad Wagman in  The Economics of
Privacy (2015),[26] individual data can be seen as having two types of value: a commercial value and a
private value. The fact that data is collected can have both positive and negative effects, and can cause

https://en.wikipedia.org/wiki/Digital_privacy 4/7
1/12/23, 3:48 PM Digital privacy - Wikipedia

a violation of privacy and a monetary cost. As per Acquisti, Taylor, and Wagman, there are further and
further concerns about the progress of collecting data as  data analysis  becomes increasingly more
efficient.

Regulations such as the EU Data Protection Directive, the U.S. Children's Online Privacy Protection
Act, and many more are being put in place; however, the IT industry is always evolving and requires
the users to be empowered and focus on self-management of the online privacy. As such, it is very
important for the lawmakers to continue focusing on the right balance between the use of the internet
and the economics of privacy.

Privacy and information breaches

Methods can be purposely crafted to obtain one's personal information illegally. These directed attacks
are commonly referred to as  hacking, though that term refers to the general practice and does not
address specific hacking methods and implementation. Various hacking methods as it pertains to the
invasion of one's digital privacy are outlined below. As it pertains to intent, within hacking, there are
two categories of invasion:

1. Directed attacks against someone individually, and

2. Directed attacks against groups.[27]

With the latter category, however, a hacker could effectively obtain a specified/particular individual's
information through first targeting a larger group.[28]  An example of this possibility could be as
follows: if a hacker, named individual-A, wishes to obtain a particular person's information,
individual-B, they could first target a platform or group that has individual-B's information already,
such as a credit agency, or they could likewise target a group that individual-B has previously
relinquished/provided their data to, like a social media network or a cloud based data service.
Through targeting one of those groups, individual-A could effectively obtain individual-B's
information by first hacking all data the group has, including the data of other individuals. Once
obtained, the hacker could simply identify individual-B's information within the data and disregard
the rest. Digital tools are available online to help thwart personal data theft.[29]

Phishing

Phishing is a common method of obtaining someone's private information.[30] This generally consists

of an individual (often referred in this context as a hacker), developing a website that looks similar to
other major websites that a target person commonly uses. The phishing website may look identical to
the legitimate site, but its  URL  could have a variation in spelling or a different domain such
as .org instead of .com.[31] The target person can be directed to the site through a link in a "fake" email
that is designed to look like it came from the website they commonly use. The user then clicks on the
URL, proceeds to sign in, or provide other personal information, and as opposed to the information
being submitted to the website that the user thought they were on, it is actually sent directly to the
hacker.[32]  Phishing attacks commonly obtain bank and financial data as well as social networking
website information.[31]

https://en.wikipedia.org/wiki/Digital_privacy 5/7
1/12/23, 3:48 PM Digital privacy - Wikipedia

Online tools can help users protect their information from phishing attacks, including Web browser
extensions, which are capable of flagging suspicious websites and links.[33]

Development and controversy

Digital privacy is a trending social concern. For example, over the past decade, the usage of the
phrase digital privacy has increased by more than fivefold in published books.[34] A TED talk by Eric
Berlow  and Sean Gourley following the  2013 mass surveillance disclosures  cast a shadow over the
privacy of  cloud storage  and  social media.[35]  While digital privacy is concerned with the privacy of
digital information in general, in many contexts it specifically refers to information
concerning personal identity shared over public networks.[36]

As the secrecy of the American  Foreign Intelligence Surveillance Act  becomes widely
disclosed,[37] digital privacy is increasingly recognized as an issue in the context of mass surveillance.
Prior to the  Edward Snowden  disclosures concerning the extent of the  NSA  PRISM  program were
revealed in 2013, the public debate on digital privacy mainly centered on privacy concerns with social-
networking services, as viewed from within these services. Even after 2013, scandals related to social-
media privacy issues have continued to attract public attention. The most notable of these is the
coverage of the Facebook–Cambridge Analytica data scandal in 2018, which led to a 66% decrease in
public trust of Facebook.[38]

The use of cryptographic software to evade prosecution and harassment while sending and receiving

information over computer networks is associated with  crypto-anarchism, a movement intending to
protect individuals from mass surveillance by the government.

See also
Internet privacy
Tor (network)

Further reading
"Privacy and Information Technology" (Summer 2020 edition), Edward N. Zalta, Editor by Jeroen
van den Hoven; Martijn Blaauw; Wolter Pieters; and Martijn Warnier, The Stanford Encyclopedia of
Philosophy, October 30, 2019 (version). Retrieved October 6, 2022.
Digital Data Collection and Information Privacy Law by Mark Burdon, Cambridge University Press,
2020.
"Data Is Different, So Policymakers Should Pay Close Attention to Its Governance", by Susan Ariel
Aaronson, Mira Burri. Editor, Part IV - Global Perspectives on Digital Trade Governance.
Cambridge University Press, July 9, 2021. Retrieved October 6, 2022.
"Data is disruptive: How data sovereignty is challenging data governance" Susan Ariel Aaronson,
Hinrich Foundation August 3, 2021. Retrieved October 6, 2022.

References
1. TEDx Talks (2016-01-21), Privacy in the Digital Age | Nicholas Martino | TEDxFSCJ,
retrieved 2018-11-28
https://en.wikipedia.org/wiki/Digital_privacy 6/7
1/12/23, 3:48 PM Digital privacy - Wikipedia

2. Rice, James C.; Sussan, Fiona (2016-10-01). "Digital privacy: A conceptual framework for
business". Journal of Payments Strategy & Systems. 10 (3): 260–266.
3. Hung, Humphry; Wong, Y.H. (2009-05-22). "Information transparency and digital privacy
protection: are they mutually exclusive in the provision of e‐services?". Journal of Services
Marketing. 23 (3): 154–164. doi:10.1108/08876040910955161. hdl:10397/20138. ISSN 0887-
6045.
4. Scholz, Trebor (2012-10-12). Digital Labor: The Internet as Playground and Factory.
Routledge. ISBN 978-1-136-50669-7.
5. Stutzman, Fred; Gross, Ralph; Acquisti, Alessandro (2013-03-01). "Silent Listeners: The Evolution
of Privacy and Disclosure on Facebook". Journal of Privacy and
Confidentiality. 4 (2). doi:10.29012/jpc.v4i2.620. ISSN 2575-8527.

https://en.wikipedia.org/wiki/Digital_privacy 7/7