To protect user privacy online, governments need to reconsider their use of opt-in policies
Consumers are not too happy with these requests and some even look for ways to avoid them.
- Consumers are not too happy with these requests and some even look for ways to avoid them.
- These pop-ups are in response to recent data protection and privacy regulations, such as the European Union’s General Data Protection Regulation and California’s Consumer Privacy Act.
Commodification of user data
- Almost every website — both for-profit and not-for-profit — commodifies user data.
- Within the first three seconds of opening a web page, over 80 third parties on average have accessed your information.
- The usage of user data by third parties can be helpful, as it is an easy way for companies to earn money and it can easily connect consumers to any resources they are looking for.
The impact of privacy policies
- Previously, we analyzed the privacy implications of website monetization strategies and the prediction of website trustworthiness by observing their third-party usage.
- Recently, our focus has shifted to studying the impact of data regulation on consumers and websites to understand the impact of new privacy policies.
- We collected third-party utilization of the most popular 100,000 websites globally when California’s Consumer Privacy Act (CCPA) went into effect.
Learning from past mistakes
- In Canada, where privacy regulation is not yet finalized, there is an opportunity to learn from the mistakes of other regulators.
- As our research has found, opt-in policies are counterproductive in addressing third-party data-sharing concerns and can harm competition.
- Instead, we recommend using a mix of policies that are used in a more precise manner, rather than the currently preferred one-size-fits-all policies.
- Hooman Hidaji receives funding from the Social Sciences and Humanities Research Council of Canada.
- Ram Gopal receives funding from The Gillmore Centre for Financial Technology at the Warwick Business School.