What The Internet Knows About You

How technology gathers a surprising amount of personal information


Various websites and social media platforms collect a surprising amount of data on users; they often share this data with third parties and use it to improve targeted advertising.

In the 27 years since the invention of the World Wide Web, the internet has grown exponentially. With targeted advertising everywhere, and social media quantifying our life moments in likes and comments, it’s easy to wonder: how much does the internet know about me?

Social media is perhaps the greatest source of personal information– often, social media sites know more information than their users willingly provide. Most popular types of social media, especially Facebook, track metrics on users. For example, Facebook has confirmed that it tracks likes and links that a user clicks. Facebook does this to determine the type of advertising that would be most relevant to a specific user, but has been reluctant to specify the extent to which they track user interests.

Email is another source of targeted advertising. Eighty percent of all U.S. emails are used by Rapleaf (a marketing data and software company) for marketing. Many people that use gmail already know how easy it is to notice ads based on the content of your emails (for example, if you exchanged multiple emails featuring the word “skiing” through a gmail account, you’d likely see advertising in your browser for a ski resort).

If the internet collects so much data, why are so many people so unaware of it? One reason could be the length of terms and conditions agreements. Carnegie Mellon researchers determined that it would take the average American 76 work days to read the privacy policies that they encounter in a typical year.

Above all, it seems that typical use of the internet requires a major sacrifice of privacy. So next time you browse the internet, consider taking some simple precautions. As suggested by BVSD IT Security Engineer Ed King in the Q&A below, you can block cookies, clear private data on exit, and sign out of websites once finished with using them. You can also check privacy and location settings, and browse anonymously. Though these steps are not an absolute necessity, you may end up feeling more secure in the long run.


Q&A With Edward King, BVSD IT Security Engineer

Q: What can typical internet users do to protect their privacy?

A: While the only way to be sure what applications or websites will collect, or what is done with collected data, is to read through the agreement, the reality is that the vast majority of users do not read through end user license agreements. There are a few user friendly steps that can be taken to help reduce the amount of data websites are able to collect regarding browser history.
Almost all browsers have options to send do not track requests, block 3rd party cookies, and clear private data on exit.
Additionally, there are also some 3rd party extensions that can help with this behavior as well. Users should use caution when installing extensions to ensure they are reputable and transparent in their functionality.
It is also always recommended to sign out of websites after you are completed using them rather than leaving a tab open while still logged in to the site.
Users should take the same caution as mentioned above regarding browser extensions while deciding whether to install an application. Mobile device manufacturers are making efforts in transparency on the mobile application side of things by making it a bit easier to spot applications that request extraneous permissions. If a user is not going to read through a user agreement when installing an application, they should, at a minimum, pay close attention to the permissions that the application requests (e.g. use of microphone or camera, reading contact lists, etc.) on install and consider whether they are relevant to the functionality of the app.

Q: Most people don’t read terms of service agreements for apps- is there anything in these agreements that people are missing?

A: I would say one of the biggest factors concerning end user license agreements, not recognized by many end users, is that submitting acceptance to the agreement constitutes a legal contract. This means there is very little to no recourse an end user can take if the developer decides to exercise a less than amenable course of action with user data based on something which was buried in the license agreement.
The second consideration of note would be that many users assume that they are agreeing only to extend the data rights to the developer that the use agreement is for. It is very common for developers to include clauses in the agreement that allow them to sell or provide your data third parties. The third parties are often undefined, which allows the vendor to freely distribute your data as they see fit.