Security and privacy are two the main concerns for both providers and end-users of digital services. Service providers claim that citizens’ privacy, the security and services of their infrastructure are top priorities. At the same time, end-users adopt an IT service, only when they are convinced that their valuable data are not at risk. In this landscape, policy makers are trying to regulate the provision of IT services in order to ensure that some minimum security, privacy and data protection standards are met. As a prominent example, as of May 2018 the European Union (EU) has put into force its General Data Protection Regulation (GDPR), which foresees extremely strict penalties for service providers that fail to comply with the mandates of the regulation. In this context, major on-line service providers advertise their strong privacy and data protection features. This is for example the case with Facebook, which promotes its strong and versatile privacy control functionalities, which however come after the famous Cambridge Analytica data breach that caused significant brand damage to the company.
Contrary to what IT giants want us to think, the nature of most mainstream on-line services contradicts the provision of strong security and privacy guarantees to the end users. This is because, these guarantees are always provided after the end-users have given away personal data, as the latter are practically used to provide most of the popular on-line services. For instance, Google provides strong security features to all users that it surveils and exploits as data providers for its services. The company processes users’ data as a means of selling ads and other targeted services to its clients. Likewise, Facebook is securing its social network, which is however able to collect and maintain large amounts of personal data by surveilling its users.
Google and Facebook are only two out of numerous examples of on-line services that hinge on collecting data from end-users. A wide array of such services are offered in similar ways, including:
These services have emerged since more than a decade and appear intensified ever since. In particular, on-line service providers are expected to increase the rate of the data they collect from their users in the years to come. This is driven by the following factors:
The above trends indicate that we are experiencing an entirely new model for the growth of the on-line economy. This involves users exchanging their data for added-value added services that are offered to them based on the data they provide. This model enables on-line service providers to accrue large amounts of data at virtually no cost, which makes them very wealthy and powerful. In some of her recent works,business theorist and social scientist Shoshana Zuboff refers to this model as “Surveillance Capitalism”. In these works she also analyzes the implications of this novel market model. Specifically, Zuboff states that surveillance capitalism commodifies ‘reality’ through transforming behavioral data for analysis and sales. Likewise, she introduces the terms ‘surveillance assets’ and ‘surveillance capital’, which she considers as the cornerstone of IT giants’ power.
One of the main implications of surveillance capitalism is that on-line service providers that democratized access to information and knowledge, are gradually becoming so powerful that they can control our lives in a way that threatens core values such as freedom, democracy, and privacy. It may sound ironic, but it seems that large networks that aim at decentralizing control of information and safeguarding individuals’ privacy against the power of large corporate and governmental bureaucracies, could become bureaucratic structures themselves that could jeopardize citizens’ privacy. It looks like that IT giants pretend that they want a secure and privacy friendly internet, yet in practice their interests contradict the existence of 100% privacy-proof platforms.
In this landscape, policy makers are confronted with a serious dilemma about the way they regulate the operation of on-line services. On the one hand, they are thinking of imposing strict regulations (like the GDPR) as a means of obliging service providers to respect fair information practices, while at the same time offer strong security and data protection. On the other, they also realize that regulation can be a set-back to innovation and to the graceful growth of the information economy. Several organizations have been raising concerns about free speech and privacy rights in the era of surveillance capitalism, while most governments are trying to create and enact privacy laws that balance the above trade-offs.
Nevertheless, participation in surveillance capitalism is largely voluntary. Regardless of the regulations that are in place, end-users opt to participate or abstain from on-line services depending on their perception about the value that they get from using such services. In the medium term we expect to see giant IT providers to devise and implement measures that balance regulation with the value given to their users. One way or the other the show of mass-surveillance will most likely go on.
 ‘Big Other: Surveillance Capitalism and the Prospects of an Information Civilization.’ Journal of Information Technology 30, no. 1 (March 2015): 75–89.
Zero Trust Security: Growing relevance in hybrid work environments
DDoS (Distributed-Denial-of-Service) Attacks and their different types explained
Advantages of Data Tokenization for enterprises
The benefits of cybersecurity mesh for distributed enterprises
The Rising Cybersecurity Threats CIOs cannot afford to ignore
Next-Gen Resilience: Can companies deal with large-scale disruptions?
Technology Enablers of Manufacturing-as-a-Service
The Art & Science of Estimating User Stories Cost
Embedded Finance: The basics you need to know
Five Tips for a Successful ChatGPT Strategy
We're here to help!
No obligation quotes in 48 hours. Teams setup within 2 weeks.
If you are a Service Provider looking to register, please fill out this Information Request and someone will get in touch.
Outsource with Confidence to high quality Service Providers.
If you are a Service Provider looking to register, please fill out
this Information Request and someone will get in
Enter your email id and we'll send a link to reset your password to the address
we have for your account.
The IT Exchange service provider network is exclusive and by-invite. There is
no cost to get on-board;
if you are competent in your areas of focus, then you are welcome. As a part of this exclusive