With more people becoming wary of how big tech companies may be handling our data, concern over privacy online is understandably growing more widespread. However, are online habits reflecting the concern that so many of us have about where our data is being held, and what kind of data we are handing over?
Economist Michael Strain believes that if we are so concerned about our privacy online, then we need to prove it. Are we really so worried about our online data that we are changing how we do things online, and change what kind of information we hand out? According to one study at MIT, maybe not.
As part of an experimental study, economists Susan Athey, Christian Catalini and Catherine Tucker looked into the mismatch between stated preferences about privacy and actual privacy-related behavior among undergraduate students at the Massachusetts Institute of Technology. Students were asked to provide the email addresses of their friends to the researchers. To entice them to do so, some were offered free pizza.
The researchers were interested in whether the students would protect the privacy of their friends by handing over invalid email addresses. (The economists were able to verify whether the addresses were valid.) It turns out that if you offer the students free pizza, the likelihood that they will protect the privacy of their friends is cut in half.
The results were largely the same for students who reported both high and low levels of concern about their privacy online. So what's amiss here?
It seems that small factors like even free pizza are enough to get some people to give up not just their own information, but someone else's. That also appears to be translating in users' behavior online, especially with Facebook.
Indeed, despite all the headlines about Facebook’s use of individual data in recent weeks, the company reports that users haven’t been making significant changes to their privacy settings. Speaking last month in London shortly after Facebook CEO Mark Zuckerberg testified before Congress, a vice president with the company, Carolyn Everson, reported “not anticipating major changes to our overall revenue and business model.”
Strain believes this could be because we don't believe there is a lot of sensitive information on our Facebook or Twitter accounts. He received a notification that some employees at Twitter may have been able to see account passwords, but he didn't change his password because he does not believe it to be worth his time.
On the other hand, email accounts may be a place where there is a lot of sensitive information. Strain even has two-factor authentication for every time he logs on to his Gmail as an added layer of security. Only 10% of Gmail users have this enabled (do you?).
Strain concludes by stating that if we care about our information, we will alter our online habits to better protect what we have online (things like two-factor authentication). We can also know not to put certain sensitive information, like our bank account numbers, on social media sites, but even by using Google so search for a product, we are creating information that private companies can use to market to us.
Ultimately, it's up to us to make the choices that will really help protect our data. But there's a tradeoff to be made: convenience for privacy. Which do we prioritize?