We have more privacy controls yet less privacy than ever

6 days ago

ShareSave

Zoe KleinmanTechnology editor

ShareSave

Getty Images

Do we simply have to accept giving away our data in return for free online services?

“In 2026 online privacy is a luxury, not a right,” says Thomas Bunting, an analyst at the UK innovation think tank Nesta.

He was talking about advertising, and he described a dystopian potential future in which the smart fridges in our kitchens could share information about their owners’ dietary choices with health insurers.

It’s not an inevitable reality but for some it is a very scary thought.

However Thomas, who is 25, says he doesn’t believe he ever actually had any online privacy in the first place.

Instead, he says: “We’ve been taught how to deal with it.”

By that he means understanding privacy controls, and accepting the use of his data as currency in return for services like social media.

He recalls at the age of around 15, his teacher asking the class who believed privacy was an important principle to protect. “Not one person put their hand up,” he says.

“When I chat to people now who are coming off social media they say it’s because of screentime, or they’re worried about addiction – privacy never comes up.”

Thomas Bunting

Thomas Bunting thinks young adults like him have never had online privacy

Experiences like this trouble veteran advocates for online privacy, like cybersecurity expert Prof Alan Woodward from Surrey University.

“People should care about online privacy because it shapes who has power over their lives,” he says. “When I hear people say they don’t care about it, I ask why they have curtains in their bedrooms.”

Woodward argues that while caring about privacy is often framed as “having something to hide”, it is in his view “about having something to protect: freedom of thought, experimentation, dissent and personal development without permanent surveillance”.

What are VPNs and are they legal?

Google told to pay $425m in privacy lawsuit

I’m reminded of a young influencer I had dinner with once, who told me that many of her friends don’t dance when they go to clubs because they are afraid of someone filming it and using the footage to shame them.

“When people assume they are constantly tracked, they self-censor,” says Woodward. He argues that this goes much deeper than dancing - that it harms free speech, which in turn weakens democracy.

Way back in 1999, Scott McNealy, who co-founded US computer firm Sun Microsystems, famously told a group of analysts and reporters: “You have zero privacy anyway. Get over it.”

Was he right?

The tech sector has a long history of breaking through privacy boundaries, but it has also created the fences meant to protect us. Firms have churned out hundreds, if not thousands, of online privacy tools and settings, launched with the apparent aim to help us secure our human right to privacy, in our digital lives.

They include private web browsers, encrypted messaging apps, password managers, tracker blockers and Virtual Private Networks.

Yet according to the data analysis firm Statista, in 2024 more than 1.35 billion people were affected by data compromised through a breach, hack or exposure - that’s around one in eight on the planet.

Alan Woodward

Prof Alan Woodward says people should care more about their online privacy

Spend any time with the cybersecurity community and you will almost certainly hear someone tell you we may have more privacy controls than ever, but we also have less privacy.

There is an ocean of privacy-focused regulation: around 160 countries have their own privacy laws, according to the tech firm Cisco. It is for this reason that in the UK and Europe you have to choose to accept cookies whenever you visit a website, little programmes which gather bits of information about you.

The permission pop-up is ever-present. “Yes, you can have my damn cookie! should be a browser setting,” Elon Musk once posted on X in apparent frustration at having to click “yes” all the time.

Many people’s annoyance at having to accept cookies when they visit a new website is an illustration of what is sometimes called the “privacy paradox”. This is the seeming inconsistency between someone’s stated high level of concern for their data privacy and their actual behaviour online.

Cisco’s 2024 Consumer Privacy Survey, the most recent to date, found that while 89% of those surveyed said they cared about their data privacy, only 38% were what it termed “privacy active”. The latter were the people who had taken action to protect their data or chosen to shop elsewhere if they didn’t like a firm’s policies.

And if you do read the small print before you agree to privacy settings - which 56% of Americans don’t, according to one 2023 study - some websites are asking to share information about your visit.

They can do this with hundreds, sometimes thousands of “partners”, also known as other vendors.

Critics argue that this policy clearly isn’t working, if the terms and conditions are unreadable, and cookie choices are an irritation rather than a valued defence.

Dr Carissa Veliz, author of Privacy is Power, argues that “we need regulators to do a better job” at both framing the right laws and also enforcing them.

Meta, which owns Instagram, WhatsApp and Facebook among others, offers account users a “privacy check up” designed for users to check their settings. But in order to not receive targeted advertising based on what the company learns about you from your activity, you have to pay a subscription.

Apple says privacy is at the heart of all its products: but they too have a premium price tag.

Following its sale in the US, TikTok updated its terms for American users last month, and has increased the amount of data the platform gathers there. Users can choose to opt out of some of it, such as precise location sharing, although this can also be established via the device itself.

Getty Images

How many of us just always click “accept”?

Veliz says that people haven’t turned their backs on privacy; but they can feel helpless about it.

“Mostly, people don’t feel like they have control,” she says.

“It’s partly because we are being surveyed in ways that are beyond our control, and also partly because tech companies have an interest in selling us this narrative that it’s too late.”

But she doesn’t think all lost.

Veliz says a “multi-pronged approach” towards privacy is required, from regulators, from tech companies, and from people voting with their feet and choosing to use companies which collect less data about them. And that may require a bit of culture change.

Veliz has chosen to communicate with me via Signal, a secure messaging app that collects far less data on its users than its much larger rival WhatsApp. Around 70 million people use Signal every month, while WhatsApp averages three billion.

“That goes back to culture,” she says. “It’s about having [access to] the right tech, but also using it.”

Social media

World of Business

Internet privacy

Social media regulation debate

Internet

Privacy

International business