User, beware: Privacy-washing online is real
People look at data on their mobiles as background with internet wire cables on switch hub is projected in this picture illustration taken May 30, 2018. REUTERS/Kacper Pempel
Many companies are adapting “green washing” tactics from decades ago, affixing a veneer of privacy to their products but still scooping up, sharing, and selling our intimate data.
By Jen Caltrider, Mozilla Foundation
Online privacy is one of the biggest issues that galvanizes consumers. In a world where everything from fitness trackers to therapy apps to even toilets are connected, consumers need to worry about what exactly these apps and gadgets do with all that personal information they collect.
“I have nothing to hide,” was once a popular rebuttal, but that’s no longer the case. There are too many examples of our online privacy and offline lives intersecting in terrible ways. Like the gay priest who was outed by Grindr data, or the mother and daughter facing criminal charges over an abortion procedure in the U.S. state of Nebraska, with Facebook messages as key evidence.
Online privacy is also a topic for lawmakers, with U.S. bills such as the American Data Privacy and Protection Act (ADPPA) seeking to better protect consumers.
Yet, U.S. consumers are still awash in a sea of untrustworthy apps and gadgets. Worse, many of the companies behind them are adapting the “green washing” tactics from decades ago, affixing a veneer of privacy to their products but still scooping up, sharing, and selling our intimate data. Call it “privacy washing.”
At Mozilla, I build *Privacy Not Included: a buyer’s guide that consumers can use to learn the privacy features and flaws of everything from dating apps to smart doorbells. I spend my days poring over privacy policies, testing products, and emailing companies with privacy questions. And what I see doesn’t match up with what consumers deserve.
In our recent research, 28 out of 32 mental health and prayer apps received Mozilla’s *Privacy Not Included warning label. Too many of these apps share highly personal data with third parties. They target vulnerable users with invasive ads, and they feature hard-to-read privacy policies. The result? The most vulnerable among us are put at even higher risk.
The same is true for other types of tech: When Mozilla researched dating apps, we found that apps geared toward vulnerable populations, like the LGBTQ+ community, had some of the worst privacy practices. Once again, the most vulnerable become even more so.
Oftentimes, some of the worst privacy offenders are the biggest names, like Facebook and Amazon. While they may use encryption, require strong passwords, and more, that’s not the same as privacy — they still collect your data, and share it with advertisers.
But privacy isn’t a lost cause. There are good guys. And consumers’ voices are being heard.
In each *Privacy Not Included edition, we feature a “Best Of” category. There are companies out there who genuinely care about users’ privacy, and are pushing the needle in the right direction. Like Euki, a reproductive health app for women that’s built by a nonprofit. And Wysa, a mental health app and chat bot that doesn’t monetize user data.
Meanwhile, consumers' voices are growing louder. After the repeal of Roe vs Wade, consumers objected to unfettered access of law enforcement to their data. In response, Apple made sure the fertility tracking data collected by its Apple Watch 8 is only stored locally on a user’s device. So Apple collects no reproductive health data to give to law enforcement.
For another example, look at the case of the disappearing Facebook buttons: Aware of consumer ire with Facebook’s poor privacy practices, other companies — like Nike and Best Buy — no longer allow customers to sign in using Facebook credentials.
All this is welcome — and sorely needed. We’re learning that everything is now connected: toilets, bathtubs, bikes, scooters, washers and dryers, and even dehumidifiers. So user, beware: make sure your next purchase has real privacy, and not just a veneer.
Any views expressed in this opinion piece are those of the author and not of Context or the Thomson Reuters Foundation.