Control over our data

Anybody who uses the Internet uses, creates and leaves data behind. While in the past site visits were recorded in the depths of server log files rarely to surface again, these and related data are now the currency of the 21st century. Services are exchanged for data, this is the business model shared by Google, Amazon and many others. But people are becoming more aware that the uninhibited acquisition of their personal data may have negative consequences and no longer trust that their data is protected on the Internet. This is the result of a representative survey for digital self-determination, which was conducted by the Cologne Center for Ethics, Rights, Economics, and Social Sciences of Health (CERES) on behalf of Deutsche Telekom. The survey found that 91 percent of users that believe that their personal data is accessed on the Internet without their knowledge and 82 percent are convinced that most companies pass on personal data to other companies. Prof. Dr. Christiane Woopen, director of Ceres and chairperson of the German Ethics Council until April states: "We are noticing a great distrust of Internet users with regard to the protection of their data."

At the same time, users want more control over their data: 91 percent want to know what personal information is available about them on the Internet, and 88 percent would like a say in how their data is used and shared online. The best solution is to leave no or very little personal data behind This can already be achieved with relatively simple means. Users surfing openly without protection on the Internet understandably leave the widest data trail. Although complete anonymity is very difficult to achieve and even perhaps excessive for the average user, a few simple precautions can leave far less data behind online. One important form of protection is a virtual private network. If a VPN is used to access services that do not require registration, the user’s identity can remain hidden. Even if a user has registered their Internet account in their own name, at least the route from their device to the end of the VPN tunnel is encrypted and hidden from the ISP.

It seems that Internet-savvy users are taking notice of the benefits of VPNs for daily surfing and online shopping. Netflix has been trying to block users from accessing its streaming service by VPN for some time. Whether this is acceptable in its terms and conditions is uncertain, however since the decision was made the streaming provider has reported significantly lower numbers of new customers. Commercial VPNs are also not a cure-all for data security as the VPN operator is aware of the user’s identity and may reveal this at the request of government agencies. Nevertheless, data profiling can be limited by using a commercial VPN provider.

Of course it would be nicer if companies were not so greedy in harvesting personal data, or would at least make their practices more transparent by informing the user which data are being tracked. Reality seems to be a different story as new data privacy incidents in which extensive records of customers have emerged on the black market happen regularly. Yahoo is just the latest example. Efforts that buck this trend should therefore be given due attention. For example, Deutsche Telekom wants to summarize its privacy policy on a single page in future. It is also working on a solution that allows customers to see what information DeutscheTelekom stores about them and how this data is used. But the 21st century business model – services for data− continues to be valid. If people want to get control back over their data, they need to help themselves.