Advertise on ITWeb         Sat, 22 Jul, 12:53:41 PM

Industry Insight

Is privacy becoming passé?

In a world of shares, likes and selfies, is it unfashionable to ask for more discretion?

Instagram has more than 200 million active users every month. WhatsApp has more than 500 million active users every month. But, even these are far exceeded by Facebook, which has more than 1.79 billion active users every month.

It is an often-overlooked fact that the overwhelming majority of applications and social media platforms (apps) require some form of personal information to identify the user and associate the correct profile with the user. Is this personal information protected? If so, how and to what extent?

Apps and social media platforms, just like any other service provider, have policies in place which dictate if or when personal information will be accessed and how this information will be used. Instead of users familiarising themselves with these policies and learning how their personal information will be used, many merely accept the terms and conditions of a new app when installing it, without reading and fully understanding it. In this manner, people often unknowingly provide their personal information to dubious sources.

Apps and social media platforms have become an ingrained part of our day-to-day lives. Their use ranges from communication, reading the news and uploading or liking a status or picture online, to gaming, clicking on advertisements or online shopping, etc. Users are exposed to possible privacy threats every day, while not always consciously being aware of them.

Getting personal

That being said, in order to protect personal information and address potential privacy threats, legal frameworks are continuously being developed and enforced to try and directly address these privacy concerns.

The South African Constitution, the supreme law of the country, enshrines one of the most fundamental rights in Section 14: the right to privacy. The right to privacy includes the right to protection against the unlawful collection, retention, dissemination and use of personal information. "Personal information" is defined in the Protection of Personal Information Act 2013 (POPI Act) as: "Information relating to an identifiable, living, natural person, and where it is applicable, an identifiable, existing juristic person…"

People often unknowingly provide their personal information to dubious sources.

Facebook provides a detailed explanation of the policies it has in place in respect of the use of personal information of its users. It would seem that Facebook does recognise the importance of privacy. It actively encourages users to read its policies in order to make informed decisions. Facebook unequivocally states that users are the owners of all the content and information they post on Facebook and any intellectual property rights in respect thereto. The manner in which the content and information is shared is controlled by the user's privacy and application settings.

However, the user automatically provides Facebook with a non-exclusive licence to use any intellectual property associated with the content posted by the user (subject to the privacy and application settings of the particular user). A non-exclusive licence grants the licensee (Facebook) the right to use the intellectual property, while the licensor (the Facebook user) remains free to exploit the same intellectual property. The policy further states the licence will end once the user deletes the content or his/her Facebook account.

Handle with care

Users should be cautious when posting statuses and pictures on social media platforms, as a person's intellectual property rights in these pictures or videos become affected. But even more so, some users "tell their life story" on social media, which makes third parties aware of users' family and friends, their locations, and when they might be away from home – on holiday – thereby exposing themselves to unnecessary risks.

The wildly popular Pokémon Go game took the number one spot on most of the online application stores a mere 24 hours after its release. There were just under 21 million daily active users playing this game in the US. However, players of the game should note the Pokémon Go app can easily access the location of the device, as well as gain access to the camera on the mobile device in question. The app can also gain access to a user's contacts and photos, and even his/her Google account, seeing that many users log in via their Google accounts. A user's Google account includes Gmail, Google Maps, Google Drive and more.

The app's privacy agreement describes how general and personally identifiable information may be shared with other parties. It also states the data is collected as a business asset. Niantic, the app's developer, may therefore share non-identifying information "for research and analysis, demographic profiling and other similar purposes".

Niantic released commentary on the app's access to information and stated the Pokémon Go account on iOS erroneously requested full access permission of a user's Google account. Once Niantic became aware of the error, it began working on a fix to request permission for only basic Google profile information.

Pokémon Go was banned at voting stations in SA and internationally last year, as it was said it may compromise the secrecy of the ballot. Similarly, taking photos was also banned at voting stations.

The potential invasiveness of an app emphasises the importance of reading the policies and becoming familiar with the contents. It also encourages users to be more aware of what they are posting online and sharing on social media. And it raises awareness around the necessity of updating apps, as this provides a mechanism to attend to fixes and glitches that may otherwise compromise on privacy.

Enjoyed this story? Subscribe to ITWeb's Security News newsletter.

Our comments policy does not allow anonymous postings. Read the policy here




 

 

 

Sponsors Message