No information is private online — the phrase is hardly news to anybody who actively uses the Web for work, play and in between. Here's a CNN headline dating back to 2013 that minces no words: "Online privacy is dead."
That particular CNN article focused on the revelations about the scope of Web data available to the federal government. The ensuing pushback still ripples out as privacy advocates and many tech companies try to rein in government access to what Americans say and do online.
This week the American Civil Liberties Union and others marked a big victory when California Gov. Jerry Brown signed into law the most stringent digital privacy protections in the country, raising the hurdle for law enforcement and other officials who want to access private digital data.
But consider that news in the context of a few other stories developing this week.
Data has long been a prized commodity and its value is only increasing, driving in many cases the competitiveness of a given company. This week's events offer an interesting contrast of government versus corporate use of data.
"The concerns that individuals have raised, and rightly so, are not necessarily about the companies, even big companies that collect a lot of data, but about when their data ends in the places they didn't anticipate, and particularly in the hands of the government," says Nuala O'Connor, president and CEO of the Center for Democracy & Technology.
"Only your government can deprive you of life or liberty," she says.
That's not to say that people take corporate sleuthing lightly. A Pew study earlier this year recorded very strong views held by Americans about the importance of the ability to maintain their privacy and confidentiality. But do Uber's plans for its data use give you pause before signing up for the car service? What about Facebook? Would you give a life insurance company access to some health information in exchange for financial rewards? What if it was Adidas and a 3-D-printed running shoe? What if it's an app that "everyone" is using?
For nearly a decade now, researchers have tracked this concept known as the "privacy paradox. At its heart is the fact that Web users routinely say that privacy is a big and serious concern, but then don't actually behave accordingly.
"There's a bit of a disconnect between what people say and what they do," says Ryan Calo, a law professor at the University of Washington who has studied digital market manipulation. He says the paradox is complex and theories that explain it vary. "Maybe they don't really care? Maybe they just don't know?" Calo adds.
A 2014 study by EMC Corp. offers a new angle. The "Privacy Index" survey measured consumers' willingness to trade privacy for greater convenience in 15 countries — but also through the prism of the different "personae" users take on when the go online: citizen, consumer, employee, financial, medical and social. Each had a different level of privacy and trust expectations. But overall, the study reaffirmed the privacy paradox nonetheless.
O'Connor says people are becoming more sophisticated; they challenge companies and know when things go too far, like the recent controversy over the proposed Peeple app that wanted to let people review each other.
To Calo, corporate data use presents clear threats: "In a marketplace, there's cooperation and there's definitely an effort to compete by giving people what they want. But there's also the prospect of extracting as much rent as you can." But ultimately, he said Web users' primary concern comes down to this: "People are worried about getting taken advantage of."