All of us have encountered the annoying process of agreeing to contract terms on websites. We do it almost automatically, whether using apps, products, or social networks. But what are we actually agreeing on? That is what we will be diving into today – the terms and conditions, as well as user privacy.
Social networks collect all kinds of information about us. That is a pretty well-known fact. They know our gender, age, interests, location, or who our closest friends are - this is just a fraction of the information they collect about us. They may know more about us than our family, friends, or even ourselves. Austrian student Max Schrems has requested Facebook to send him everything the network has collected about him since he started using it. He received a 1200-page document. In this document, there was recorded every like, every conversation, every comment, and much more. No doubt, there is a book about every Facebook user, not to mention the fact that this social network has a "book" right in its name.
It is more like a barter trade. We use social networks for "free", and in return, they gather all sorts of information about us. So, the word "free" is better used in quotation marks as we are essentially paying with our data.
Social networks primarily use our data to enhance their content for us and to assist advertisers in creating targeted ads to capture our attention. Yet, there are more creative ways social networks can utilize our data, as demonstrated in the 2018 Cambridge Analytica case.
The company obtained user data via a quiz, which Facebook had allowed at the time. Cambridge Analytica subsequently utilized this data to sway the election. How did this happen? With only basic information about an individual, predicting their behavior in various situations is challenging. However, when armed with hundreds or even thousands of such data points, predicting behavior becomes considerably more feasible. Consequently, they crafted and disseminated tailored advertising messages to potential voters during the political campaign.
One of the most widely discussed cases of data abuse at present revolves around the social network TikTok, with the additional challenge posed by Chinese legal regulations. You can find further information on this topic in our warning "TikTok application - installation and use warning for users of IT at MU".
Besides social networks, other companies, including supermarkets, are also interested in our data. Many supermarkets have switched from physical customer cards to mobile apps. So now, along with social network apps, we have apps from stores like Lidl, Tesco, and others on our phones.
The problem is that when a user grants such an app permission, it starts collecting data on their shopping habits. Sadly, there is no guarantee that this data will not be sold to search engines and advertising agencies. As a result, you might start seeing Lidl products on your social media and the internet, even if you have not shopped at Lidl for a while.
If you are curious about the information companies, collect about you and what you are giving consent to, check the Clario website.
We use these applications to enjoy various benefits. After all, who would not want to collect points and receive discounts on their purchases? Nonetheless, the issue lies in the fact that only those customers willing to share their data receive discounts on specific products. This raises the question of just how voluntary this data sharing really is...
Would you like to save a few crowns on cucumbers, yogurt, or sausages? Just accept the app's terms and conditions, provide your data, and the discount is yours.
FaceApp worked similarly to Bairbie.me. For example, by altering photos to make people appear older.
It gained significant popularity in 2019, resulting in the widespread sharing of these transformed images on social media. However, similar to Bairbie.me, users were required to grant the app access to their phone's data and upload their photos.
Suspicions have arisen that the data collected by the app may have been utilized to train artificial intelligence algorithms designed for facial recognition and analyze connections among contacts in the user's phone. This potential issue becomes especially concerning in regions with authoritarian governments that possess the means to closely surveil their citizens.
However, danger can sometimes lurk where we least expect it. You might recall the Barbie movie and the emerging trends on social media. Nowadays, sharing images of what ourselves or our friends would look like as Barbie or Ken, is pretty trendy. This new trend is made possible by the platform Bairbie.me. All it takes is to upload a photo and enter your email, and artificial intelligence quickly generates an image that looks like it belongs in a movie.
Do you have any idea what the issue is? When you use this or a similar app, the company behind it obtains your photo and email address. Those are valuable assets that can be monetized very well. Furthermore, some of these apps, particularly on your mobile phone, may request access to your camera, payment history, GPS location history, and other sensitive information about your life.
Some of you may have noticed the problem already. When you read the terms and conditions, usually in tiny font, it often says they can use your photo however they want, and you will not get paid for it.
The Barbie.me website also failed to meet the data protection requirements outlined in the General Data Protection Regulation (GDPR) set by the European Parliament and the Council. Lastly, it did not explicitly guarantee protection against viruses or malicious malware that could harm your device.
In today's digital age, we encounter new opportunities, which, among other things, are closely linked to the pressing concerns about the protection of our personal data. While many of us recognize the value of privacy and data, we often find ourselves automatically agreeing to terms and conditions without fully contemplating the implications. However, prioritizing personal privacy and security should remain our top priority.
Our concluding advice is not to rush into deleting your social networks and supermarket apps. Instead, we would like to emphasize the significance of carefully considering the apps and social networks you use, the content you share, the permissions you grant, and whether the ultimate outcome aligns with your priorities.
The Cybersecurity Team of Masaryk University found a higher threat of phishing attacks, which aim to trick and manipulate users into behaving as the attacker demands. Therefore, we urge all Masaryk University users to be vigilant and cautious.
Masaryk University's cyber security team warns against repeated phishing attacks using fictitious senders to send malware files.
