Research Paper about Data Privacy

If I were to tell you based on which part of the United States you live in, determines how much information corporations are able to collect, sell, and hold on you. Information then gets used for profit to show an individual personalized products, services, and advertisements targeted towards one's interests which stretches the boundaries of basic privacy. Many users on the internet aren’t aware of the existence of privacy laws, nor the business idea of companies taking your personal data and selling it to other 3rd party companies. While this does sound like an invasion of privacy and the practice should be outlawed, existing privacy laws are set up for companies to undergo legal privacy infringement. 

The first fight against data privacy is educating those whose privacy is already getting exposed on the internet, a majority of social media users. Apps like TikTok, Instagram, and Facebook are all social media platforms that are free for anyone to download, which means the only way to generate revenue is to sell the only product they have, which is the user. The majority of people who discover this information don’t like the fact that companies are profiting off of them, “The survey showed that four in five (79%) do not approve of companies profiting from their data. Respondents under 25 years of age were less likely to disapprove (74%) compared to older respondents (85% to 87%).”(Zdnet) However, not only the people who are using the platforms think that a change should be made, take for example an article furthermore explaining the corruption of the laws, “U.S. companies engage in rampant data profiling, from established giants like Google, to shadowy data brokers like Axciom, to headline-grabbing startups like Clearview AI. Edward Snowden’s 2013 revelations about the scope of U.S. national security surveillance showed the extensive cooperation, and sometimes even active involvement, of private companies.”.(Kaminski) Using Ed Snowden’s 2013 whistleblower incident, exposure of the United States pressuring private companies we can see it's not a matter of national security, but rather used to spy on the general public.

Laws governing and regulating privacy laws in the United States, are one of the most confusing and complex laws currently in place. The first problem with the current privacy laws is a lack of privacy for the entire United States, as privacy laws are set up in local & state regulation meaning different states protect their citizens differently from big companies. An article explains this confusing setup “Laws governing online privacy in the US vary widely from state to state. To find out how each US state ranks from least to most private, we evaluated each and every one of them based on 22 key criteria. The results reveal a wide range of varying privacy protections, which we’ve visualized in the map below. Scores are displayed as percentages, with a score of 22 out of 22 being 100 percent”(Comparitech). So while privacy laws vary state to state depending on rectified legislation, an Ohio governor wants to amend something to unify all privacy laws under one. “In Ohio law, consumers have very few protections, or there's very little definition about what of your data is yours and how you can have control of it," Husted said. For a lot of consumers, that's a big concern…”(Palmer) He furthermore builds on the idea of flawed current legislation, but also on the idea that many users aren’t even aware of the issues these laws are trying to solve.

While one could say companies who are abiding by the law technically aren’t breaking any data privacy infringements, and therefore not violating users privacy. The reality is many companies who think they are abiding by the law simply aren't, with some company owners not even knowing they exist. An article regarding this puts the problem into perspective, “The data revealed that many businesses are still struggling to understand and comply with local data protection laws and regulations. This also translates to vulnerable consumers. The responses of 1,000 professionals revealed that 62.4% of companies are still not ‘completely compliant’ with the data regulations it is subject to, including GDPR, CCPA, and the Virginia CDPA. More than 61% of respondents said they handled data from the EU, which requires GDPR compliance. A smaller number of respondents handled data from the UK (21.9%), California (21.1%), and Virginia (17.2%)”. (Dolan) Using this information, we can see that the problem underlies both the people whose data is getting collected, but also the corporation who is collecting such data and passing it to the 3rd party company. Furthermore, we can dismiss the idea that most companies are following such laws and circle back to the idea that the laws are too complex to follow via the following statement in the same article, “Somewhat troublesome is that nearly a quarter (24.4%) of respondents didn’t know which data regulations apply to the company, indicating a lack of understanding for laws that apply to the location where the business operates, and also which laws its customers may be subject to” (Dolan). Using the past evidence, we can conclude that wrongful assumption that big companies are following privacy laws and lack of knowledge from the companies whose taking data from users can be responsible for the invasion of privacy from their users, even if legally they aren’t held accountable.

Many users on the internet aren’t aware of the existence of privacy laws, nor the business idea of companies taking your personal data and selling it to other 3rd party companies. While this does sound like an invasion of privacy and the practice should be outlawed, existing privacy laws are set up for companies to undergro legal privacy infringement. Some potential solutions to fix this problem is to educate both the users, and the company owners regarding invasion of privacy and the subsequent laws they must follow. But also to push congress for universal privacy protection, despite your geographic location in the United States, which in turn can actually enforce, and protect users from the invasion of privacy on the internet.