Risk potential and data misuse are everywhere

Information is submitted, distributed, and utilized in many different ways on the Internet. Control over who has access to what information is available only in rudimentary form, if at all. Concerns are especially relevant with respect to social networks. The operators of these networks acknowledge the necessity of data protection – but there are a number of grave problems in practice, and effective measures for the protection of privacy simply do not exist.

Some of the violations are of such serious nature that the Electronic Frontier Foundation (EFF) has demanded that Google in the USA shut down some of its services. In Germany, the Verbraucherzentrale Bundesverband is working to tighten the data protection regulations of StudiVZ, Facebook, MySpace, and some other social networks.

Even though many Web surfers are extremely cautious about the data they make available on the Internet, there are ­highly ­sophisticated methods which make it possible to draw ­conclusions about users’ private data from seemingly unrelated information such as surfing habits, interaction with friends, or data published by institutions. Years ago, IBM presented ­algorithms for the efficient collection and correlation of data with the aim of making people more transparent. According to evidence in the book The Numerati, a large part of population is already under surveillance by powerful institutions.

Use of the mobile Internet on sophisticated end devices is now generating a new quality of data. These devices ­offer many ­supplemental services such as GPS localization, ­camera, ­compass, or orientation sensors which provide new and ­additional information about usage habits. The collected data reveal much more about a user than the data from stationary devices. Hobby software developers can frequently take advantage of available SDKs³ which enable them to program these mobile ­devices ­easily. The initial quality control and distribution of the ­applications implemented by such means on the mobile end ­devices worldwide are carried out by the hardware ­manufacturers or ­network ­operators so that the programs become widely ­distributed ­without any further action by the ­developer. Apple’s AppStore and Google’s Android Marketplace are currently the most ­successful distribution channels. Once an application has been installed, it has access to the cell phone functions ­mentioned above as well as to other unique user identification features. This information can now be exchanged ­between the application and dedicated servers on the Web. As a result, an application ­provider knows where the device is, its ID number, and user behavior with ­respect to this program. A newly offered service from the data aggregator “Pinch Media” collects exactly this information, which ­developers can use to create an exact picture of users. While it improves performance of the application, this practice naturally gives rise to a number of questions about privacy.