The Internet will likely go down in history as one of those inventions that fundamentally changed life, similar to the creation of the wheel and the combustion engine, as well as radar and the printing press. However, the Internet came to a paradigm shift about whether people’s privacy now needs to be protected or not. And most notably, people themselves make the decision every day about how privacy is made available online.
When the Internet was first created, it was rather a military system and then an academic research network. Users could engage with it freely without providing much more than a login through their particular ISP entry point. However, decades later, particularly after the World Wide Web and broadband access became commonplace, the Internet has asked for much more information from users. Users have been giving that data willingly in exchange for access.
The first big step in tracking people and their behavior online was the creation of cookies. A cookie is a small text file deposited on the user’s computer when connected to the Web. As the user’s web browser travels from site to site, those websites can call on the local file and look at its information. Ideally, this is to help users see their preferences faster, but it also becomes a library of information users make available to websites with their interaction. Today, just about every primary website tries to plant a cookie or interact with it on a user’s computer. Those who are aware block cookies, but it can also mean some websites won’t work.
The next big step started in the late 1990s with the explosion of social media. Sites like MySpace, then Facebook, then Twitter, and many more offered accessible channels for self-promotion. Still, they also leveraged and data-mined user information and re-sold it to other users. Search engines did the same, which also became powerful marketing research tools. In every case, the user had the power to choose to use the device or not, but when they used it, the user’s identity and preferences were tracked. Today, the great majority of search and social tools trade powerful access for personal information and behavior data online automatically and have to be manually locked or turned off.
The following big tool became mobile devices, which also became widespread in the 2000s. These tools tracked both data use and user’s locations, expanding the value of the data captured even more. Again, users can, in many cases, turn off the data capture, but not always. And many times, apps and even phone providers track users’ data automatically anyways. Now, in 2021, the biggest problem is the loss of privacy for cybercrime. Multiple attacks are made daily to grab users’ data for identity theft. It’s big business and growing. And more devices, such as the Internet of Things or IOT devices, are increasing the risks.
Legally, most Internet privacy laws have only come into being in the last few years. There is no comprehensive law about data capture, including private information, and privacy grabs happen with everything from cookies to adware to digital profile farming. The 1986 Electronic Communications Act provided the first digital privacy protection rule. Still, it was not until 1999 that the Financial Services Modernization act started to protect personal data like financial records and tax IDs.
Another decade later, 2012 saw the Children’s Online Privacy Protection Act, specific to minors’ data, and the 2016 General Data Protection Regulation in Europe forced the severe first privacy protections online. However, California leads the world so far with its 2018 California Consumer Privacy Act, the first natural law passed to actively hold companies accountable for privacy loss. This law, however, only applies in that state. What comes next depends on Congress, other states, and the rest of the world.