The Gap between User Expectations and Reality in the World of Privacy
Online privacy is a largely discussed and debated topic today. There is a common belief that with the advent of social and mobile computing, user privacy is at stake—and the growth in big data has made it worse. Some even say that, with the arrival of the mobile ecosystem, privacy is endangered.
In any product development effort, organizations are striving to meet and exceed user expectations. They are taking on-field studies, conducting competitive analysis, and reviewing markets to not only understand what features they need, but also what their overall expectations are for a given product. This could mean the product’s performance, security, privacy, accessibility, usability, and so on.
The real question is, “How much of this expectation in truly met?” According to a recent study, 90 percent of Americans want privacy, but only 10 percent actually believe they are in full control of their information. Of this group, only 6 percent trust their information is safe in the hands of the government. Similarly, a number of members of this group also have strong opinions on how long their data should be saved and retained by a certain source.
How is there this large of a disconnect? Is there a single entity that can take on responsibility for this large gap? These users fail to realize that they are equally responsible in safeguarding their own privacy and that there needs to be a collective effort to bridge this gap – from the organizations that collect the information and the users that provide it.
Companies are certainly taking this issue seriously and working hard on improving their data collection and privacy practices. To add to this complexity, international rules and regulations also play a key role—not just with global users, but also international data centers and the compliances they have to adhere with.
While privacy needs to be worked through all the way from a strategy level, organizations need to understand ethical hacking practices will continue to be used to enhance overall security and privacy. For example, a security researcher, who pointed out a flaw in the Starbucks gift card money transfer system , was pointed out as fraudulent for transactions that he performed to demonstrate the issue rather than accounting for it as a test to further enhance the system’s security. Such practices should be welcomed to expose vulnerabilities and create an overall transparent system.
Similarly, there are a number of things, including some very simple measures the end-user can take to safeguard his privacy. Besides following a standard checklist, an end-user should also accept that this is a growing space. Researchers and organizations are learning about newer vulnerabilities and how to address them by the day. Users should also be open to newer strategies to safeguard their privacy, buying into the fact that together they all have a collective responsibility to bridge this gap between expectations and reality in order to build a more secure online world.