When Web surfers sign up for a new online service or download a Web application for their smartphone or tablet, the service typically requires them to click a seemingly innocuous box and accept the company’s terms of service and privacy policy.
But agreeing to terms without reading them beforehand can adversely affect a user’s legal rights, says a new paper by a University of Illinois expert in technology and legal issues.
Law professor Jay P. Kesan says the current “non-negotiable approach” to user privacy is in need of serious revision, especially with the increased popularity of Web-based software that shares information through cloud computing.
In a recently published paper in the Washington and Lee Law Review, Kesan and co-authors Carol M. Hayes, a research associate in the College of Law, and Masooda N. Bashir, the assistant director of the Social Trust Initiatives at the U. of I.’s Information Trust Institute, propose creating a legal framework that would require companies to provide baseline protections for personal information while also taking steps to enhance users’ control over their own data.
“Our goal with this piece is to raise awareness of the privacy of online information, which is something that people seem to care about a lot more once they actually know what companies are doing with their personal information and data,” said Kesan, the H. Ross & Helen Workman Research Scholar in the College of Law.
With so many of our daily activities now taking place “in the cloud,” Kesan cautions it’s still perfectly acceptable for users to give away personal information to online services – so long as they’re comfortable with allowing companies to snoop, aggregate and data mine their online habits.
“If you think it’s a fair trade to receive an email service in exchange for letting a company track what Web pages you visit and show you relevant advertisements, by all means, you should continue to do so,” Kesan said. “But there are always security risks involved when information is stored, electronically or not. Users must weigh the advantages and disadvantages of the available options.”
In the article, the scholars analyzed and categorized terms-of-service agreements and privacy policies of several major cloud-based services to assess the state of user privacy. Their analysis shows that providers all take similar approaches to user privacy, in that providers were consistently more detailed when describing the user’s obligations to the provider than when describing the provider’s obligations to the user.
“It’s the provider who sets the terms, knows the terms inside and out, and ultimately benefits from the terms,” Kesan said. “But because these obligations are usually in the form of an ‘adhesion contract,’ and only one party has bargaining power, the consumer does not have the ability to counter with new terms, ones that could increase their benefits.”
In the article, the authors describe personal information as being akin to online currency.
“You’re essentially bartering with a lot of these online service providers,” Kesan said. “You give them access to your information, and they aggregate this information to create a profile of you as a consumer. Most of these companies do not outright sell your information unless you tell them that it’s OK to do so. But by giving them your information in exchange for the service, you have essentially engaged in bartering. And what we want is for people to recognize that this is a business exchange.”
And while the user gives the service what they want, the service also imposes additional terms that the user probably doesn’t read.
“So not only are these one-sided agreements that are designed to benefit the provider of the service, the consumer who clicks ‘I agree’ also is woefully under-informed about what it is that they just agreed to,” Kesan said.
“It’s very difficult to weigh the advantages and disadvantages and then make an informed decision, if you don’t know what’s actually going on. All of this additional information means that their advertising space is more valuable. But when consumers are not informed, they’re bartering their goods in exchange for one identified item and one box with unknown contents.”
That asymmetry, combined with these terms’ non-negotiable nature, led the authors to conclude that there’s a real need for “data control” in the cloud, Kesan said.
According to the authors, they define data control as consisting of two parts: data withdrawal, which is the ability to withdraw data and require a service provider to stop using or storing the user’s information; and data mobility, which is the ability to move data to a new location without being locked into a particular provider.
The Latest Bing News on:
Cloud privacy
- Does AI increase cloud computing risks?on May 9, 2024 at 12:26 pm
What if one of these providers has an outage? What if hackers get in? What stops the cloud giants from arbitrarily raising prices? Are these vendors meeting data privacy regulations properly? And are ...
- Navigating the Future of Cloud Computing with Don Delvy's Vision for a Sustainable and Ethical Digital Ageon May 7, 2024 at 9:39 pm
As the digital age accelerates, privacy concerns and sustainability have become as critical as the technologies driving them. At the forefront of this conversation is Don Delvy, an inventor and ...
- Cloud Mining Simplified with MAR Mining’s Approach to Cryptocurrency Wealthon May 7, 2024 at 5:46 am
Cloud mining is a pivotal innovation in the crypto world. This technology allows individuals to mine cryptocurrencies without bearing the complexities of traditional methods. Investors earn passive ...
- BigID launches new hybrid scanning technology for enhance cloud data managementon May 6, 2024 at 9:00 am
The new BigID dual, or “hybrid,” scanning technology combines side-scanning and direct scanning techniques to discover, manage and protect cloud data with speed, efficiency and flexibility, according ...
- How Cloud Providers Can Foster Security, Trust And Collaborationon May 6, 2024 at 5:30 am
• Launch and maintain a trust page on your company website that lists values and security principles to drive transparency. • Research geographical security and compliance requirements and develop ...
- Save $130 on 500GB of flexible cloud storageon May 5, 2024 at 1:07 am
Take care of your cloud storage needs with a one-time payment. Right now, you can get 500GB of Amaryllo cloud storage for 51% off $249 at just $119.99.
- Private AI launches Cloud API to streamline data privacyon May 2, 2024 at 8:32 am
Private AI, a leading provider of data privacy solutions, has introduced a Cloud API for its cutting-edge PII detection, redaction, and data minimization solution. Private AI’s AI-powered solution is ...
- Revolutionizing Cloud Infrastructure for Financial Institutionson May 1, 2024 at 9:23 am
In the financial sector, one of the most transformative trends has been the rise of cloud computing. This technological leap is not just about storing data or running applications off-site; it’s about ...
- How Cloud-Based AI Infrastructure is Shaping Tomorrow’s Businesseson April 30, 2024 at 9:31 am
Powerful graphics processing units (GPUs) are crucial for building, training, and deploying LLMs. Traditional central processing unit (CPU)-based systems alone cannot meet the sheer computational ...
- Best cloud storage of 2024on April 29, 2024 at 2:46 am
However, you might have reservations about opting for a Big Tech company's cloud offering. That could be down to data privacy concerns, not wanting to put all of your eggs in one basket ...
The Latest Google Headlines on:
Cloud privacy
[google_news title=”” keyword=”cloud privacy” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
The Latest Bing News on:
User privacy
- Supply-side provider Colossus accused of misrepresenting user IDs in ad auctionson May 10, 2024 at 4:13 am
New findings published by Adalytics suggest that Colossus stood out in a field of 16 SSPs for consistently declaring user IDs in ad exchanges that did not match actual IDs.
- EXPLAINER: USER PRIVACY Vs NATIONAL SECURITYon May 10, 2024 at 1:55 am
According to Rizvi, it is not a matter of cost but privacy, security principles, and technological feasibility, with the likes of Apple, WhatsApp, and Signal framing policies emphasising user privacy ...
- Samsung Issues Critical Update For Millions Of Galaxy Userson May 10, 2024 at 12:56 am
Samsung has just released an update for its flagship devices—this includes two ‘critical’ security fixes, one of which is late and should be installed urgently.... 5/10 update below; article ...
- Reddit's new policy bans companies from mining its valuable user dataon May 9, 2024 at 8:03 pm
Reddit bans AI firms from scraping its data for free, and demands licensing agreements for access. Google was the first major tech company to sign a $60 million data license agreement with Reddit.
- ChatGPT got a big privacy upgrade – here’s what’s newon May 9, 2024 at 5:52 pm
Fast-forward to late April 2024, and OpenAI made a big upgrade to ChatGPT privacy that we all nearly missed. The company now gives users the feature I always wanted. I can keep my chat history and ...
- Why Reddit's new content policy is a big win for your privacyon May 9, 2024 at 12:59 pm
Reddit will continue to sell user data, but it's enacting restrictions on companies that want to commercialize that data for free. Here's what's changing.
- Large-language models demand huge amounts of data. Lawmakers want to know what that means for user privacyon May 9, 2024 at 12:24 pm
A bipartisan effort is underway in the House and Senate to pass national data privacy standards, but Sen. John Hickenlooper, D-Colo., and others are concerned that companies are pushing back on data ...
- IPVanish Review 2024: Great for Beginners, But Privacy-Critical Users Should Avoidon May 9, 2024 at 6:15 am
IPVanish has made a few small strides since my previous review, but I’m hopeful for its planned improvements in 2024.
- Building Ethical AI: How To Take A User-Centered Approachon May 8, 2024 at 7:16 am
However, AI can come with serious drawbacks—including biases and user privacy concerns—if teams don’t follow responsible development practices. It’s crucial for tech companies to prioritize user ...
- User Agents Or Double Agents?; Agencies, The Agents Of Arbitrageon May 7, 2024 at 9:03 pm
That notion of a user agent is a “holdover from a more civilized age,” when technology was developed to serve individual users and customers.
The Latest Google Headlines on:
User privacy
[google_news title=”” keyword=”user privacy” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]