Respect your data privacy, because others won't

Young woman with phone, using face recognition.

Image: denisismagilov/Adobe Stock

Image: denisismagilov/Adobe Stock

Opinion

Did you know that up to 90 per cent of all data to have ever existed has been created over the past 2 years, and that people under 30 consume and broadcast more digital content than any other age group? Even if you weren't one of the 9 million Australian's caught up in the recent Optus data leak, Dr Brendan Walker-Munro and Professor Ryan Ko explain why you should be more vigilant than ever before.

If you’ve been caught up in the Optus data breach, perhaps your biggest issue has been standing in line for hours at the Department of Transport and Main Roads, hoping to get a new licence photo that isn’t as bleak as the last one.

If you’re not an Optus customer, you don’t have that worry (yet). So, you could be forgiven for looking at all the news stories and wondering what’s this got to do with me?

That’s a great question: it’s because you are the people who define what privacy actually means.

The front of Optus store with Optus signage.

Image: Jackie Davies / Adobe Stock

Image: Jackie Davies / Adobe Stock

What are the consequences if others have my data?

It should come as no surprise that as a demographic, people under 30 consume and broadcast more digital content than any other age group. Between Snapchat, Instagram, Facebook, Google, TikTok, YouTube and a host of other apps and functions, humans in the last 2 years have created 90 per cent of all data to have ever existed.

Let that sink in for a minute – that’s 527,760 Snaps, 456,000 tweets and 46,740 Instagram posts every minute.

But there are downsides to all that data floating around in cyberspace.

First – and you have probably heard this from your teachers or parents – what you record now is literally available forever. Once an image or statement is made public, there’s no way to take it down without a lot of effort. And, given how easily people can get screen grabs or photographs, once one person has seen it you can pretty much bank on everyone seeing it. In fact, you may even be alarmed at how easily someone can search your web footprint just from an image of your face.

Second, this huge amount of data makes you really easy to predict. Ever been talking about cheeseburgers and, suddenly, Facebook starts suggesting you buy a Big Mac meal? Yep, that’s how powerful their technology is. Your personal information is worth billions to companies around the world because they can use it to sell you stuff you like. There is a saying, 'If you are not paying for the service, you are not the customer but the product'. A good example is Google Maps. How does Google Maps know there is a traffic jam at a certain road? It's because we feed it with our location information and movement speeds every second.

Third, it makes you prey for scammers and criminals. Just posted a video about how you’re really enjoying your holiday in Bali for the next week? Well, now criminals know that your house or apartment is unoccupied for 7 whole days. Put up a picture of your new apartment keys to show off to friends and family? Check YouTube for how many ways you can 3D print a key from a photo.

People walking on the street with face recognition and personal identification technologies in street surveillance cameras.

Image: Alexander/Adobe Stock

Image: Alexander/Adobe Stock

What is privacy to me anyway?

Well, you might say, that’s just the price you pay for being connected in the moment to family and friends, right?

Not exactly. Think of it like this:

  • Would you go the beach on a hot day and wear swimmers?
    Absolutely.
  • But what if you go to the beach and some random person starts taking photos of you?
    Errr, not so much.
  • Then, what if they offered to sell those photos to other people at the beach?
    Yeah, that’s totally not on.

You should have the right to tell companies what they can and can’t do with all this information. You should have the right to tell them to delete stuff they don’t need. And you should have the legal power to make these companies listen when they don’t want to.

Unfortunately, that’s not how our privacy laws work online. Remember the ‘I agree’ button you clicked on without reading through the terms and conditions? In almost every case, you consent for companies to use your information however THEY want. They can record what you are doing, store it, keep it for as long as they need, and own the copyright to your content. And they don’t even have to tell you what they are doing with your information, or who they give it to.

They can even bundle it up and sell it to 'data brokers' – people who earn a living looking for insights into how we consume everything, from TV shows to cheeseburgers to perfume.

Ever received a weird email from a mailing list you don’t remember joining? Yep, that’s probably a 'data broker' hard at work with your personal data.

And when you post stuff publicly, they can take that and do pretty much whatever they like with it. As long as they don’t embarrass or ridicule you, your personal information is free to use.

Yes, that means they can put your face on a billboard without asking.

Hands typing and entering username and password of social media.

Image: Bussarin / Adobe Stock

Image: Bussarin / Adobe Stock

Who owns your personal information?

This is the critical part, and a lesson that a lot of companies don’t want you to know.

YOU own your personal information, not them.

Try some of these tips:

  • You should be on the front foot with companies, asking them what they are doing with your data. Why does a hairdresser need your email address? If they don’t answer, or you don’t like their response, take your business elsewhere.
  • Don’t like how a company is using your information? Tell them. Make complaints. Get loud. Make them be more open in their policies.
  • Use strong passwords to keep your digital subscriptions and apps secure. Get a password manager app if you have to.
  • Be savvy about your digital footprint and think before you share or post. Ask yourself, “will I still want to see this when I’m 60?” Then stop and think, “if I was a criminal, what could I use this for?”
  • Use privacy preserving ad-blocking browsers, such as DuckDuckGo’s browser, and even switch between browsers for different aspects of your lives so that 'they' will not have a complete life history of your habits and likes.
  • Turn off ‘Location Services’, or similar location tracking features, on your mobile phone.
  • Check your credit report every year – it’s free! See if there are any credit checks you don’t remember authorising.
  • Want your privacy laws to be stronger to stop this from happening? Get involved, write to your local Member of Parliament, and put this on the agenda.

Remember, you have to be lucky all the time; the bad guys only have to be lucky once.

About the authors

Dr Brendan Walker-Munro is a Senior Research Fellow with UQ's Law and the Future of War research group. Dr Walker-Munro's research focus is examining the frameworks for establishing civil and criminal liability for the use of autonomous weapon systems, both in Australia and internationally. He also has a keen interest in national security law, and the role played by intelligence agencies, law enforcement and the military in investigating and responding to critical incidents.

Professor Ryan Ko is the Chair and Director of UQ Cyber Security. Professor Ko has successfully established several university-wide, multidisciplinary academic research and education programs, including UQ's interdisciplinary cyber security research and postgraduate program involving 4 faculties.

Did you know UQ is helping to address global cyber security challenges and is educating top cyber security leaders?

Find out how
TopBuilt with Shorthand