Data Privacy Day: Will you ever have control of your personal info?

Experts at a summit in San Francisco say today's hottest tech can violate your privacy. The surprise: They think it will get better.

Laura Hautala
Laura Hautala
Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce, Amazon, earned wage access, online marketplaces, direct to consumer, unions, labor and employment, supply chain, cybersecurity, privacy, stalkerware, hacking. Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
4 min read

Your private data: Is it safe and secure?

Amanda Kooser/CNET

What do fitness trackers, cars, televisions and children's toys all have in common? When equipped with miniature computers, each can collect incredibly private data about you and your loved ones.

In fact, experts from tech companies, watchdog organizations and universities agree that these devices also open up more avenues for companies, hackers and governments to violate your privacy .

Yes, it's easy to get worried about the future being discussed on the 10th floor of Twitter headquarters in downtown San Francisco, where Data Privacy Day took place Thursday. But the 150 people who gathered for this event, put on by the National Cyber Security Alliance, were largely optimistic about how our data will be stored and used in the future. As they discussed issues ranging from hackable cars to privacy under the administration of President Donald Trump , they agreed technology doesn't have to be this way.

It's been a scary few years for anyone who's thinking about privacy and data. There have been massive hacks leading to the theft of data tied to millions of people. We've learned that the NSA stores and analyzes all sorts of information about us as well. And sophisticated ad technology has led to the creepy feeling you get when, for example, the baby monitor you were shopping for online suddenly shows up in your Facebook feed.

Additionally, the event itself took place at the headquarters of Twitter. The company sponsored the event by donating the meeting space, and Patricia Cartes, Twitter's head of global trust and safety outreach, gave opening remarks. It seemed incongruous listening to experts discuss privacy in the meeting room of a company whose platform is used to harass and violate the privacy of celebrities, activists and women from nearly all walks of life.

The privacy implications of social media weren't a major topic at the event, during which organizers encouraged participants to tweet. Panelists, guests and reporters drank coffee from paper cups marked "#cup" and took in a sunny view of the dome of San Francisco's City Hall.

Twitter declined to comment beyond sharing the National Cyber Security Alliance website about the event.

This will get better

With all that in mind, it's a surprise that the attendees were broadly optimistic about how companies will treat our privacy in the future.

Over time, people will likely have more choice in the ads that follow them around the internet , said Denelle Dixon-Thayer, chief business and legal officer at Mozilla. Even crazier, you'll eventually be able to remove all your data from one internet service -- Twitter, an ad network, or any company at all -- and give it to another service you like better, she said. And these changes can come without stopping companies from making money off the internet.

"Everyone can still make a profit from it," said Dixon-Thayer said.

Change is hard, though, and experts here aren't shy about highlighting what's going badly right now.

Everything wrong with this picture

For example, sports teams and universities routinely issue fitness trackers to athletes. This raises questions about who owns the personal data generated by these devices and whether the sports teams or universities could sell that data for profit. (Imagine an ad for shoes that claims they helped the star quarterback run a quicker 40-yard dash.)

"Players don't have the power to resist, to say, 'I will not use this,'" said Stanford bioethics researcher Katrina Karkazis. "And universities have an incentive to monetize this data."

Cars, too, have their vulnerabilities as they get hooked up to the cloud. If hackers stole all the information generated by your internet-connected car, they could know a great deal about you. They could even make a good guess at your credit score, said Tony Aquila, CEO of Solera Holdings, a company that works as a clearinghouse for information about cars and drivers.

And toys have become one of the biggest security scares in years. Hello Barbie, a doll designed to have cute conversations with kids via voice-recognition technology similar to what's in our phones , turned out to be a privacy disaster when hackers showed they could access location data about children from the doll and steal voice recordings of children through the app that connects to Barbie.

Toys that can be accessed remotely? "None of us are going to buy an item like that," said Jules Polonetsky, CEO of the Future of Privacy Forum, a nonprofit that promotes privacy in new technology. Perhaps more worrisome, there are already tough regulations on the books regarding how companies handle children's data, but toymakers are still making mistakes.

The internet was built on standards

So what will it take to bring us from the current state of affairs to the privacy utopia Dixon-Thayer imagines? The answer is pretty nerdy.

Technologists need to create standards -- rules for encoding data -- that make it easy for users to reclaim their information. Lots of things on the internet are coded according to universally shared standards. It's how things like auto-complete work on your browser, no matter what website you're visiting. In fact, the internet itself was built on standards, Dixon-Thayer said.

But what will make internet services want to adopt these standards, giving up the near-complete ownership of user data they currently enjoy? That will require a shift in attitude, as companies attract users by showing how trustworthy they are.

"Getting users engaged in the experience of controlling their data -- it creates this trust circle," Dixon-Thayer urged tech companies. "Try it."

Correction, Jan. 27 at 12:05 p.m. PT: This story has been updated to reflect that Twitter representatives participated in the Data Privacy Day event.

CNET Magazine: Check out a sampling of the stories you'll find in CNET's newsstand edition.

Tech Enabled: CNET chronicles tech's role in providing new kinds of accessibility.