Data protection: don’t give everything away!
In the space of just a few years, complete transparency in online services has become an expectation, to the extent that personal data protection has become a real social issue. Although there are positives to sharing our information, we must not give out our personal details blindly. When it comes to privacy protection, the quest for simplicity, and private interests, it is important to make well-informed decisions.
Taking services digital has given consumers unprecedented access to online shopping. This is particularly true of payment service digitisation, thanks to efforts made by banks to improve their clients’ shopping experience. It’s easy to check out in just a few clicks and it has never been easier or quicker to make online payments. Consumers can check their recent transactions and the state of their accounts wherever they are and whenever they like.
There is an unavoidable caveat to all this however: to ensure the service runs quickly and smoothly, consumers must agree to provide their personal and financial details in advance. There is nothing unusual about your bank having this information, but should numerous other private organisations also be asking for it?
In the age of Big Data, when data is bought and sold for astronomical sums, knowing who has access to our personal details and why they are being processed, and even stored, is paramount. With new financial challenges also come new types of fraud. These types of fraud can be complicated at times, and even involve digital identity theft. You can protect yourself, however, by resisting the urge to bare all in exchange for a few, often token perks.
When the urge to share is too great
There is a legal framework in place in Europe to help users better control their data and data processing: the General Data Protection Regulation (GDPR). Thanks to this regulation, consumers are regularly asked to agree to or reject the use of their personal data when they interact with retail websites in ways other than actually making purchases. Despite that, many consumers do not protect themselves as well as they could in case it negatively impacts their user experience, or simply through a lack of understanding of the matter and the possible alternatives.
Most of us therefore face an endless dilemma. On the one hand, we of course want to protect our data. On the other, we are unsure whether refusing access to our data will make our future shopping experience more difficult. We are all for protection, but not at the expense of our shopping experience.
Behavioural economics tell us that we like ease and prefer the status quo, simplicity and speed. This is particularly true when it comes to shopping, which must above all give us an immediate sense of satisfaction. Rather than taking the time to think about the personal data we are sharing and how it will be used, our default reaction is most often to tick every box we come across.
Most consumers are incapable of assessing the value of their personal data.
How do you react when asked for consent to share your data in order to receive information from a retail website you regularly visit or to facilitate paying in future? A number of studies and experiments have shown that most of us click on the oh-so familiar “I agree” box, which is often displayed as the first choice. Worse yet, most consumers are incapable of assessing the value of their personal data and they simply need the promise of a trivial discount or a voucher on a future purchase to give unbridled access to their personal information.
Surprising? Not really! While the GDPR is obviously a move in the right direction, it can also be overwhelming: too many consent forms to read, too much information to consider, too many choices to make. Of course, this is all with the aim of protecting consumers and ensuring that their right to information is respected. But the reality is that, although this information is required to be able to monitor this data, it is a source of stress.
The privacy paradox
Ironically, the more information we receive about how our details are used, the less we are able to process it. In addition, we fall too easily for the “privacy paradox”, as first described by Barry Brown, an employee of HP in 2001. In a study into online shopping behaviour, Brown observed that even though people expressed an interest in protecting their privacy, many of them were easily persuaded to share access to their data and their purchasing behaviour if that gave them access to a loyalty card.
Beyond the promise of a reward and our inability to give absolute value to our privacy, this paradox can also be explained by our unwillingness to manually enable advanced security settings to protect our data. Especially as it is difficult for us to imagine the tangible consequences of data theft, which remain hypothetical possibilities until it actually happens. And yet, scandals involving data fraud are on the rise. The case of Cambridge Analytica revealed how the behaviour of Facebook users could be influenced by analysing their data. The theft of bank details belonging to players connected through online gaming platforms also highlighted the vulnerability of certain data storage systems.
Good habits when it comes to protecting your data
It is true that many of us neither have the time nor the expertise to ensure watertight protection of our data. Fortunately, by taking a few simple steps and with common sense, our personal data can be properly protected. Here are a few of them:
Check your accounts regularly so any anomalies can be identified. Most banks have mobile apps, meaning that you can check your transaction history quickly and easily. Be careful when communicating with your bank about security. If you are unsure, change your passwords and contact your bank immediately. Consider activating alerts for when you use your bank card or make transfers or transactions.
Secret passwords should remain exactly that: secret
The different levels of security and passwords chosen to access your online services must be complex and specific. This means that you must not use them for other websites. Never give your login details – especially for your bank account – to a third party. Never write them down so they are accessible either, whether on paper or in a note on your computer or smartphone. Avoid using anyone else’s computer to log in. If you have to, consider disabling the option that allows your browser to save passwords. Finally, change your passwords and security keys regularly.
Your bank will never contact you by email or text message asking you to click on a link to change or confirm your personal details.
Beware of emails and text messages
Your bank will never contact you by email or text message asking you to click on a link to change or confirm your personal details. Phishing has now become highly sophisticated and you may at one time or another come across an email of this type, perfectly replicating your bank’s style. If you are unsure, do not click on the link and flag any correspondence that seems strange to your bank.
Having a secure connection is paramount
Only log in to your online banking services when using your secure internet connection at home. If you use an unsecure Wi-Fi network, other people can easily access your information. Wired connections are best, but if you have to connect when you are away from home, use your mobile network, as it is much harder to hack than Wi-Fi networks.
Only shop on secure websites
Only shop on secure websites: check there is an “s” after “http” in the web address. This means that the website is protected by SSL (secure sockets layer) encryption. You can also check whether there is a confidence icon (a padlock symbol) on the website, which contains the words “secure” or “verified”. Click on the icon to see whether it takes you to a verification page. If not, this means it is a fraudulent website.
Don’t save your payment details
Never save or store your online payment details or passwords for your online payment methods. Although these services seem useful, they also make it easier for potential hackers to get their hands on your information.
Switch your profile to private mode
Change the security settings of your social networks and opt for maximum security by switching your accounts to “private” mode. The various social networks regularly change their security policies; be mindful of that too!
Give vague answers
Be wary of online surveys and in-store questionnaires. Whether you are asked to answer a fun quiz, or fill in a form to sign up to a loyalty scheme, you should always give as little personal information as possible.
Make yourself invisible
Check your internet browser settings and enable functions that prevent you from being tracked or profiled through the various traces that you leave when you visit websites.