Information Overload

by Lorrie Faith Cranor
Aside from many complaints about unwanted junk mail and a few problems with Web sites that tempt kids to disclose personal information that can be used to target them for marketing campaigns, there have been few allegations to date of actual online privacy violations. This may be because many online data collectors actually do have policies and procedures in place to protect privacy. However, I suspect that part of the reason online privacy problems have been so rare is that most of the organizations that have collected vast amounts of data online do not have the resources to sort through it all. They save this data in case they need it later, but the data collectors have little or no idea what they will do with it or how they will process it -- the information just seems too valuable to throw away.

As better tools are developed for processing huge quantities of data, and as better data-mining applications come to the market, chances are that new businesses will be built around data mining and people will start finding uses for all the data they have been stashing away. And even if the organization that owns the data doesn't make use of it, the data may be subpoenaed in lawsuits or accessed in unauthorized ways by employees or hackers.

Although much of the information being collected online appears to be going unused, some of it is being used actively, often to the benefit of the individual to whom it pertains. Individuals frequently reveal personal information to gain benefits such as home delivery of products, customized services, and the ability to buy items on credit. I enjoy the convenience of ordering books online; with just a few clicks of the mouse they can be billed to my credit card and delivered to my door. But I often wonder whether online stores are using my information for purposes other than processing my order. Which leads me to what I think is the root of the privacy problem: >Consumers have little knowledge about or control over the use of their personal information. This problem is exacerbated on the Internet due to the ease with which information can be collected, processed and combined with other information.

Although commercial Web sites are evolving toward more privacy-friendly practices, many still collect information without providing any explanation about what they will do with it. When people find out that their data might be used in ways they didn't expect, or that information they did not know about is being silently collected, they get worried. There is nothing inherently evil about HTTP cookies, although they can potentially be used in undesirable ways. But most people don't understand what cookies are used for, and most Web sites that use them fail to provide any explanatory information.

In a recent article about online privacy, Esther Dyson summed up the problem: "The biggest challenge right now is ignorance: People aren't worried enough, and are careless. Other people are worried too much, and are paranoid. No one knows what is known and what isn't. It's the one-way mirror effect that makes people so uneasy".

Personal Comment: Commercial web's developer should clearly explain the purpose of collect information from user to make sure user understand why they should provide the particular information to the website.Under Personal Data Protection Act 2010, Principle 2:Purposes of Collection of Personal Data, Personal data shall be held only for one or more specified and lawful purposes (necessary for that purpose, adequate and relevant and not excessive).