Security and Protection of Privacy and Digital Rights on the Internet

Introduction

In recent years, consumers have enjoyed a variety of online and offline services through mobile Apps with the high-speed development of online consumption, the rapid popularization of information services, continuous innovation of Internet business models, rapid integration of online and offline services, and the rapid popularization of network communication, especially the development of mobile Internet (Terry, 2021). However, situations of personal privacy information leakage, theft, and trafficking incidents often occur, and harassment, fraudulent phone calls, and junk emails are also becoming a common concern of modern society and the majority of consumers when users enjoy the benefits brought by the high-speed development of the mobile Internet.

The importance of privacy and digital rights

In the era of digital development, the importance of personal information privacy and security cannot be ignored. With the advancement of technology and the mass collection of data, personal and corporate data has become increasingly leakage or misused. The individual’s privacy right is a fundamental right, and everyone has the right to decide whether their personal information is collected, used, or shared (Nicolas, 2019). The protection of data privacy ensures that personal information is not abused, and personal information is not used for harassment, fraud, or other illegal activities. Additionally, companies have important business interests in the collection and processing of data, while if data is leaked or misused, it will seriously damage the credibility of the company. Protecting data privacy and security can enhance a company’s reputation and build a good brand image. With the enactment and improvement of data protection laws, social media platforms should also protect users’ personal information privacy. The leakage and misuse of data also lead to significant financial losses, and protecting privacy and security can mitigate these risks and reduce potential financial losses. Thus, with the increasing number of users and the growing interest in information and communication technology (ICT), protecting users’ information has become critical to ensure the security of personal privacy on the Internet.

Case study

According to some research, the overall situation of personal information leakage is relatively serious, the number of people who have encountered the situation accounted for 85.2%, and the number of people who have not encountered the situation only accounted for 14.8% (Pengpai, 2022). Some social media platforms have emerged a number of leaking users’ information events. Little Red Book is a social media APP in China, especially popular among young people. Its followers have substantially increased in a relatively short time. Users can create various posts with pictures and publish their posts to share their lives on this social media platform. Little Red Book is a lifestyle platform for young people. Little Red Book’s mission is ‘Inspire Lives to share and discover the wonders of the world’. Users can record life through short videos, pictures, and other forms to share lifestyles and interact based on their interests. However, Little Red Book has brought a certain threat to user privacy since 2022. Users’ data of Little Red Book leak. Because the security measures of Little Red Book are not improved, hackers or criminals may invade the system to obtain users’ personal information, such as mobile phone numbers, account passwords, and self-portraits etc (Nanfang Urban Daily, 2023). Once the personal information is leaked, it may be used for unauthorized advertising, fraud, and other illegal activities. In the Little Red Book, users share some personal lives, consumption habits, and other private information. If users’ privacy information is exposed, such as for targeted advertising or other commercial purposes, users may feel an invasion of privacy. Little Red Book as a social e-commerce platform, comments, evaluations, and other information left by users on the platform may be ‘brushed’ or used by merchants to increase the influence of fake purchases or posts. This will mislead users’ consumption decisions and damage users’ rights and interests.

Since 2022, the user information of Little Red Book has been leaked on a large scale. There have been 50 victims of fraud because of the online shopping experience in the Little Red Book, and finally received a call claiming to be a ‘Little Red Book customer service’, in order to buy goods with quality problems refund on the grounds of being cheated. According to statistics, the total amount of fraud was 900,000 approximately (Pengpai, 2022). A number of Little Red Book users exposed the news on social media, indicating that they received a phone fraud claiming to be Little Red Book customer service, and the amount of fraud ranged from a few thousand to tens of thousands of yuan. Fraudsters first obtain the trust of customers by accurately providing detailed personal information and shopping information. Then they use the quality problems of the goods purchased by customers in the Little Red Book, and the Little Red Book will refund several times the original price on the grounds that they will lure customers into a trap. Little Red Book fraud events are often reported by the media, and Little Red Book has been exposed due to user information leakage led to fraud. Fraudsters accurately master the user’s personal information and transaction information which is an important reason for the success of fraud.

According to statistics, the victims are mostly young women and college students. The products they buy on Little Red Book are mostly cosmetics and clothing. Zheng Ye, a college student, received a call from claiming to be a customer service officer of Little Red Book on July 30, 2022. In the beginning, the staff accurately told Zheng Ye’s name and her purchase record of buying a facial cleanser in a store, which made she has no doubt about the identity of the customer service. Then, the staff said that the facial cleanser was complained by many customers because of quality problems, and Little Red Book decided to recall these products and pay three times the compensation to the customers who bought them. In order to ‘improve the credit score’, the staff asked Zheng Ye to download some loan Apps, but they were not successful. Finally, the staff sent a two-dimensional code, and Zheng Ye scanned it and jumped to the page that needed to fill in the bank card number and password. After she operated according to the guidance of customer service, she found that the user’s balance did increase by 1000 yuan. The staff falsely claimed that the money was for her, but it was actually borrowed in the name of Zheng Ye on the loan instalment. In this way, Zheng Ye was cheated of more than 40,000 yuan.

Some news reports mentioned that fraudsters accurately mastered the purchase records of the deceived users in Little Red Book, claiming to be the customer service of Little Red Book to implement frauds (Nanfang Urban Daily, 2023). Little Red Book has responded that it has not found the phenomenon of mass account-sensitive data leakage. In the process of online shopping, all links that come into contact with user information have the possibility of information leakage from third-party merchants, and mobile Apps to logistics and express delivery. In November last year, the Personal Information Protection Research Centre consulted the latest privacy policy of Little Red Book and found that the provisions were still relatively simple and did not mention the responsibilities and obligations that platforms and third-parties should assume after user information leaks.

Generally, the e-commerce platform is the first collector of user information, and users agree to the privacy policy set by Little Red Book when registering. The platform can share users’ personal information with merchants, and the privacy policy generally belongs to the contract between the platform and users (Goggin et al., 2017). If the platform fails to implement the privacy policy and leads to the disclosure of user information, or shares information with merchants without the consent of users, the platform should assume the corresponding responsibility for the disclosure of user information. Article 8.6 of the national standard ‘Personal Information Security Technical Specifications’ stipulates that when the platform and a third-party are common personal information controllers, the platform should jointly determine the personal information security requirements to be met with the third-party through contracts and other forms (Pengpai, 2022). The e-commerce platform can clarify the user information protection responsibility with third-party stores from the collection, use, sharing, and disclosure of personal information. Both platforms and merchants should be responsible for the protection of personal information involved. If platforms and merchants jointly provide services to users in a certain link, they should be jointly responsible.

Protect online personal information

With the rapid development of mobile Internet, the leakage of consumers’ personal information is not optimistic, and the excessive collection of personal information by mobile Apps shows a general trend that causes consumers to have many concerns. The reasonable respect and protection of consumers’ personal information and privacy are inseparable from the broad participation and joint governance of all sectors of society.

Improving relevant laws and regulations can provide a sound foundation for the long-term development of the industry. At present, some normative documents and recommended standards have been issued to regulate and guide the collection of personal information by Apps (Nissenbaum, 2018). It is suggested to further clarify the rights and obligations of both parties in the network information service so that the digital industry can develop within the scope of the rule of law in the network era.

Strengthening the dynamic supervision of enterprises can provide a solid guarantee for the orderly development of the industry. The supervision of mobile Apps and the protection of personal information require the cooperation and dynamic supervision of relevant departments, such as information technology, market supervision, public security, and network security section (Tumber & Waisbord, 2017).

Encouraging the participation of the public to strengthen the popularization of network knowledge and security education norms and enhance consumers’ awareness of personal information security protection and rights protection. It is necessary to improve the channels of complaint and rights protection so that consumers actively participate in the action of maintaining personal information security to enhance the willingness of consumers to protect their rights and the effect of rights protection (Marwick & Boyd, 2019).

Consumers should develop good information security awareness and use habits. Users should pay attention to the selection of safety-compliant App products and services and choose formal and effective channels to download and install mobile Apps. Pay attention to carefully read the application permission and user agreement or privacy policy of Apps to understand the operation precautions. Pay attention to developing good habits of use, do not freely open and agree to non-essential read permissions, do not freely expose personal privacy information, and regularly maintain and clean up relevant data. It is necessary to seriously deal with the problem of personal privacy information being leaked. When personal information is found to be leaked, it is necessary to take the initiative to defend their rights in a timely manner through effective means.

Conclusion

According to some statistical results, the personal information leakage situations are quite serious, and the information leakage ways and manifestations are various. Consumers in the case of personal privacy information being leaked, the most common situation is to receive fraud calls, sales calls, SMS harassment, spam, and so on. Excessive collection of personal information by mobile Apps is a common trend. Mobile Apps often obtain location information and user privacy permissions that increase the risk of personal information leakage. The frequency and depth of users to read mobile Apps’ permissions and user agreements or privacy policies need to be improved. Users are improving strong awareness of personal information security, but they lack effective means of protection. Moreover, weak personal security awareness and inadequate supervision are the main reasons for personal information security problems in mobile Apps. Therefore, the government and all sectors of society should collaborate to implement effective measures to protect users’ personal information and privacy.

References

Goggin, G., Vroman, A., Weatherall, K., Martin, F., Webb, A., Sunman, L., & Bailo, F.

(2017). Executive Summary and Digital Rights: What are they and why do they matter

now? Sydney: University of Sydney.

https://ses.library.usyd.edu.au/handle/2123/17587

Marwick, A., & Boyd, D. (2019). ‘Understanding Privacy at the Margins: Introduction’.

International Journal of Communication, 78(3), 1157-1165.

Nanfang Urban Daily. (2023, August 3). Little Red Book after a year again exposed user

information leakage fraud, platform and third parties should be responsible? Security

Internal Parameter Section.

https://www.secrss.com/articles/4355

Nicolas, S. P. (2019). Lawless: the secret rules that govern our lives. Cambridge, UK:

Cambridge University Press.

Nissenbaum, H. (2018). Respecting context to protect privacy: Why meaning matters.

Science and Engineering Ethics, 24(3), 831-852.

Pengpai. (2022, August 29). The China Consumers Association released an App personal

information leakage report. Pengpai News.

https://m.thepaper.cn/kuaibao_detail.jsp?contid=2390057&from=kuaibao

Terry, F. (2021). Regulating Platforms. Cambridge: Polity.

Tumber, H., & Waisbord, S. (2017). Routledge Companion to Media and Human Rights.

Abingdon, Oxon: Routledge.

Images

Nanfang Urban Daily. (2023, August 3). Little Red Book after a year again exposed user

information leakage fraud, platform and third parties should be responsible [Image].

Security Internal Parameter Section.

https://www.secrss.com/articles/4355

Nwankwo, E. C. (2023, November 26). Unveiling the Truth: Digital Privacy and Security in

the Modern World [Photo]. Medium.

https://ericnwankwo.medium.com/unveiling-the-truth-digital-privacy-and-security