The Supreme Court says our right to privacy is enshrined in the Constitution, yet in today’s electronic age the right to be left alone is swiftly disappearing.
You and your smartphone, computer and tablets are letting that happen whenever you quickly click on that pop-up user agreement required to access a website, app, social media or video service.
Many of these apps and sites track your location when you ask for directions to a destination, search for nearby stores, connect with friends, or even check the location of your children. Approaching storm alerts must first know your location.
But these apps track much more than that, and, in the process, smartphone users cede, often unknowingly, much of their private information to companies seeking to profit on that knowledge.
Many smartphone apps are all-seeing, all-knowing
You create personal data each time you use your computer, your phone, perform online searches, send an email, buy something online, post on social media or register on websites.
“The Internet never forgets all that data we freely give away. But once you give it up you can never get it back,” said Dr. Jon Padfield, assistant professor of management at IUPUC, a joint educational institution formed by Indiana and Purdue universities.
Padfield, speaking during an IUPUC Timely Topics seminar, says you should not just shrug and think giving up personal data doesn’t affect you.
Padfield, who pays more than $100 a year to a company that finds and erases his personal information from data aggregating websites, became a victim of identity theft when his accountant was hacked. Someone used his data to file a fraudulent tax return with the IRS in an attempt to get a refund.
He stresses that no data repository is safe, pointing to the theft of personal information of 41 million consumers at Target, 147 million Equifax consumers, 500 million Marriott customers, and 3 billion Yahoo user accounts.
“Even the National Security Agency has been hacked by shadow brokers,” he said.
But hacking is far from the only problem. Personal information collected when you use mobile apps or buy products online is constantly sold and used.
“Potential employers can find out how much you drink on weekends. Insurance companies use your data to decide how much to charge in premiums. Banks search your information when making loans,” Padfield said.
Some 2.5 quintillion (that’s 18 zeros!) bytes of data are produced daily by electronic device users, according to Dr. Kevin Jones, IUPUC associate professor of management who also spoke at the seminar.
“You can’t go through daily life without being tracked … (your data) is held in the cloud, on servers, hard drives, flash drives, the dark web … if you touch the Internet, they touch you,” Jones said.
Food delivery app businesses growing exponentially
Food delivery apps have become increasingly popular during the pandemic shutdown. These apps use mapping functions embedded in all smart phones and have access to other information on our phones as well.
Even before the coronavirus, nearly 58 percent of U.S. restaurant deliveries in 2019 were requested by people who used mobile food delivery apps, according to CBRE research. Many apps share customer’s data with third-party delivery services.
DoorDash, GrubHub, Uber Eats, Postmates, Instacart and Drizly are just a few of the most popular food delivery apps. In 2019, DoorDash’s market value reached more than $12 billion, followed by GrubHub at $6.3 billion. Yahoo Finance reported Uber’s food delivery service grew 113 percent during the same period.
“Our delivery business alone is now as big as our rides business was when I joined the company in 2017,” said Uber CEO Dara Khosrowshahi in an interview with The Food Institute. “We’ve essentially built a second Uber in under three years.”
According to NPD Group research, restaurant digital orders have grown 23 percent worldwide since 2013 and will triple this year. Sixty percent of these online orders are done through smart phone apps.
In North America, the online food delivery market is valued at a whopping $18.8 billion and is expected to grow to $37.7 billion by 2024, according to ResearchAndMarkets.com.
Worldwide, that market reached $107.4 billion in 2019 and is expected to grow to $182.3 billion by 2024.
More than 50 percent of food delivery users are between the ages of 18 and 34, according to a 2019 Statista Global Consumer Survey report.
And as the coronavirus increasingly restricted much of our personal lives, many people, fearful of mingling with crowds, use mobile apps to shop for groceries, medicine and even wine and beer.
So what does this growth of mobile delivery app usage mean for our privacy?
Legislatures and the courts attempt to protect privacy
The Fourth Amendment states “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated…”
However, this right to privacy does not apply when we willingly give up access and information. In 1979, the Court upheld a lower court ruling that people have no right to an expectation of privacy when they utilize services based outside the home – in this case a telephone company’s lines and equipment.
That ruling also applies to the information we give up daily when using our smartphones and computers to access the internet or use mobile applications.
Recently, states have begun enacting new laws to extend privacy protections to our personal electronic data. In 2018, Vermont required data brokers to inform individuals about the data they are collecting and to allow individuals to deny such collections.
In 2019, dozens of states considered more than 100 bills related to privacy and restricting online data collection. Here are just a few that passed:
- In 2019, a new California law went into effect that requires data brokers to register with the state.
- An Illinois law bars genetic testing companies from sharing their data without a consumer’s written consent.
- A similar Maine law requires specific consumer consent before any internet provider can use, disclose or sell consumer data, while barring service refusal if such consent is not given.
- A Louisiana task force is investigating the effect of the sale of consumer information by internet service providers, social media companies and search engines.
This year, California is considering a bill that would require data brokers to seek permission from restaurants before offering delivery services. However, such agreements would also allow restaurants to receive customer information from those brokers.
According to the non-profit Electronic Frontier Foundation, “New technologies are radically advancing our freedoms, but they are also enabling unparalleled invasions of privacy. … Your cell phone helps you keep in touch with friends and family, but it also makes it easier for the government to track your location.”
In 2014, the EFF campaigned against Verizon’s tracking of its customer’s activities on non-Verizon websites through “supercookies” that remained on devices even when device users tried to block such tracking activities.
Two years later, the Federal Communications Commission and Verizon reached an agreement that forced Verizon to obtain user consent before initiating such tracking.
In January, The Washington Post reported that Facebook agreed to a $550 million settlement in a class-action lawsuit that alleged the company had violated Illinois law in collecting data for its facial-recognition tools.
A proposed $5 billion class-action lawsuit filed in June against Google in California alleges the company secretly collected information about users’ online browsing history, violating the U.S. Constitution’s Fourth Amendment, the federal Wiretap Act, the California Invasion of Privacy Act, and the “privacy rights of hundreds of millions of Americans.”
“Google’s intentional intrusion into their internet communications and their computing devices and web-browsers was highly offensive to a reasonable person in that they violated federal and state criminal and civil laws designed to protect individual privacy and against theft,” according to the lawsuit.
This data collection enabled Google to learn about users’ hobbies, favorite foods, shopping habits, friends identities, as well as the “most intimate and potentially embarrassing things” revealed by online searches, according to the lawsuit.
The privacy issue also extends beyond U.S. borders. Canada-based Tim Hortons faces a class-action lawsuit in Quebec over allegations that it is sharing user location information with a third party. According to a Financial Post article, Radar Labs,, an American company used location data to determine where consumers live and work and logged a person’s visits to Tim Horton competitors.
A number of federal lawsuits against China’s TikTok app over the past year have been merged and may become a class-action. The suits claim the controversial company collects facial recognition, location and contact information on Americans and stores on Chinese servers.
What you can do to protect your personal information
The good news is that there is a lot you can do. The bad news is that none of these efforts are a permanent fix.
If you have an iPhone, Apple’s latest software update visually will notify you when one of your apps attempts to access your phone’s camera, microphone, clipboard, or other data. The update also allows users to limit others’ access to your entire photo portfolio when sharing a photo.
The Android 10 operating system has reorganized and expanded its settings to allow users to decide which apps can access your location and opt out of targeted advertising, choose the types of data that is stored on your mobile phone.
Padfield and Jones urge you to constantly update your mobile phone and computer operating system and application software to ensure your devices have the latest protections against hackers, to frequently change your passwords, to encrypt your data, to use ad blockers, to engage your device’s privacy settings, and to read those end user agreements.
“You need to understand what you are giving up and resist where it is possible,” Jones said.
Padfield stresses that you should be careful what information you share on social media, warning that applications often can capture information you have copied to your clipboard. You should also regularly clear your browser cache and history, and unplug your devices when you are not using them, he says.
Both Padfield and Jones also suggest you consider purchasing a privacy service that will remove your personal information from data aggregator sites and access the internet through a VPN (virtual private network) that can obscure your personal information.
“We always have this push and pull of free enterprise … but contact tracing apps send a chill down my spine,” Jones said.