Introduction
With the rapid development of the digital age, the internet has become an essential part of our lives. People shopping online, socializing, sharing personal information and enjoying the convenience of digital technology for life. However, have you ever considered this kind of behaviour that people take for granted has allowed us into Truman’s World voluntarily?
In the classic 1998 film, Truman’s World, the protagonist Truman’s life becomes a 24-hour live reality show broadcast to the world, and he is completely unaware of this situation. His every behaviour is being manipulated and surveilled. But what is the difference between our situation with Truman’s In today’s digital society? Unconsciously liking, commenting, and searching, every action we take online is recorded and analyzed and finally becomes the new oil of the digital age which is a valuable business resource. Meanwhile, data is non-excludable, the same data could be reused by multiple organizations (Clavora Braulin, 2021). These features allow data’s value to constantly improve and also intensify the risk to users’ privacy.
When you are surprised why social media knows your preferences better than your family. Do you realize that this is not a coincidence? Instead, it is because your personal information continues to be collected and used, then through algorithms to accurately recommend content. The platform handles a lot of user data, but the operating mechanism is not transparent and allows users difficulty in understanding how their information is being used (Suzor, 2019). Nowadays, people desire to protect personal privacy on the one hand, but on the other hand, they are unknowingly leaking personal data. What is the hidden reason behind this kind of contradictory behaviour?
Theoretical explanation
Privacy Paradox
Privacy Paradox means that the consumers’ willingness to protect privacy and actual information disclosure behaviour have significant differences (Norberg et al., 2007). Although consumers hope their privacy is protected, they often provide their personal information when using digital platforms. This situation is very common in the digital era, and the main reasons include information asymmetry, privacy imbalance and social norms.
The first reason is information asymmetry. Nowadays, users are usually required to agree with the platform’s online service policy before using a digital platform. However, these policies are often complex, vague and frequently changing (Flew, 2021). This makes it difficult for users to understand the terms of the policy about data collection and use. Most of the users will directly choose “agree” when they have not read the policy adequately. According to an Australian government survey, only 20% of Australians indicate that they will read and understand the Privacy Policy, and 44% of them consider the policy to be too long and too complicated (Oaic, 2023). This means that most of the users will not read the privacy policy of the platform attentively, and this neglect is largely because of the complexity of the policy. The information asymmetry allows users to disclose personal data passively when they lack an understanding of the platform’s operational mechanisms and further increases the risk of privacy leaks.
The second is privacy imbalance. Although many users are aware of the privacy risk, they often lack real choice which leads to forced acceptance of the platform using their data. For example, social media platforms usually regulate if users do not accept their rules, they can stop at any time or without reason to access the platform (Suzor, 2019). It seems like the users have the choice to make the decision. However, the real power is controlled by the platform. If users want to use the platforms, they have to accept the rules of the platform. Otherwise, they will lose access to the service. This kind of power imbalance also strengthens the privacy risk of users.
The last reason is social norms. Currently, there are 5,241 million social media users in the world, accounting for 63.9% of the global population(Global Social Media Statistics — DataReportal – Global Digital Insights, n.d.). If users do not use social media because of privacy concerns, it may cause the risk of social isolation. People are easily affected by other’s behaviour in the digital era and change their attitudes and behaviour towards the disclosure of personal information (Masur et al., 2021). Thus, some users realize they are active disclosure of their personal information. But they’ll still keep doing it, in order to follow the social norms.
Thus, the existence of the Privacy Paradox means users worry about their privacy security issues on the one hand. On the other hand, they will proactively provide personal data on social media which further reinforces privacy risk.
Data Colonialism
Data Colonialism means that technology companies through the possession and exploitation of user data, make personal privacy become a tradable commodity, thus constructing a new power structure and obtaining economic benefits (Couldry & Mejias, 2019). This process is similar to the traditional colonialist grabs of land and resources. However, at present predators are these tech giants and the resources being taken are user data. In this system, users unknowingly lose their right to privacy and have to become ‘digital labourers’. Research shows that the personal data value of Meta platform users is about $147/year, and that of Google is worth about $263/year (Global Social Media Statistics — DataReportal – Global Digital Insights, n.d.). It shows that the high value of personal data has brought huge commercial benefits to the technology companies and it also consolidates its dominant position in society.
However, the current regulations and supervisory systems still lag when facing the problem of privacy exploitation and power imbalances from data colonialism. This makes this issue hard to effectively solve. Although laws such as the General Data Protection Regulation(GDPR)emphasise concerns about data use, they do not fully cover the problems of data collection or data processing (Flew, 2021). The situation of data colonialism will be more serious in the context of the laws are not yet fully developed.
Surveillant or the Surveilled?
The German philosopher Friedrich Nietzsche (2001) has said “When you gaze long into the abyss, the abyss gazes also into you.” This sentence reveals a profound paradox. When a person is obsessed with a certain desire for a long time, maybe he will suffer its backlash unknowingly. And it is the same for the privacy security. When we try to surveil other people’s movements and information, maybe we will put our privacy security exposure at risk in fact.
The data breach of Spyzie takes place in 2024. Spyzie is a phone surveillance application. Although this application is controversial in its legality and morality, it is still broadly used by many people for monitoring others’ private information such as location, call history and text messages. This application is mostly used by parents to surveil their children or couples to surveil partners. However, the usage of this kind of application potentially poses a huge security risk. Not only may the data privacy of a person under surveillance potentially suffer from serious breaches, but also the monitors’ personal data security faces the threat. According to the research, this application already hacked the sensitive data of 500,000 Android users and 4,900 iOS users, and the data included text, photos and location data (Whittaker, 2025b). Besides this application shared source code with other surveillance applications and finally led to the private data of more than 2 million people being exposed.
The serious information breach exposed deeper privacy and legal issues. The usage of tracking applications in most countries is illegal. And even if parents are using such applications to supervise their children, the legality of this is still unclear (Millions of Stalkerware Users Exposed Again | Malwarebytes, n.d.) Additionally, this situation also reflects the issue of privacy paradox. Users worry about their data breach on the one hand, but on the other hand, they will surveil others because of their personal benefit. This kind of application reinforces the risk of data breach and also may cause legal disputes. It makes us rethink, how people to correctly understand and respect the right of others’ privacy.
Is your medical data still safe?
Have you ever thought the information be insecure when you provide your health information to a well-known and trusted medical group? I think most people will not doubt its safety. Because these medical groups have the responsibility to protect millions of patients’ sensitive data under the regulation by law. As the industry giants, the protection and handling of data securely is the basic requirement of their operation. However, the true reality is even large and well-known healthcare enterprises cannot ensure the absolute security of their users’ information.
On February 21, 2024, Change Healthcare, a medical technology company owned by the famous health insurance company UnitedHealth suffered a serious cyberattack. Change Healthcare managed the medical data of more than as many as half of those living in the United States. Hence, this incident has profound implications and become one of the most serious data breaches in the history of the U.S. healthcare Industry.
The cyber attack was launched by the hacker group ALPHV and its attack directly affected the core operational platform of the U.S. healthcare system was paralyzed due to an outage. This cyber attack continued for several weeks and during that period all insurance claims of this company stopped processing. The system of electronic medical records in doctors’ offices was disrupted and the medical payment platform couldn’t operate, the processing and reimbursement of patients’ medical costs were suspended (Whittaker, 2025a).
The hacker group claimed they had stolen millions of Americans’ health data and demanded 22 million dollars to Change Healthcare as ransom, then required them to pay in the form of Bitcoin. Despite UnitedHealth paying a high ransom to the hacker group, the data was not completely recovered, and the hacker remained nowhere to be found (Alder, 2025). The incident was experienced over a year-long time to survey and processing. Until January 2025, Change Healthcare confirmed about 190 million people in the US were affected by the data breach (Whittaker, 2025a).
This incident exposed the healthcare industry’s vulnerability in data protection. Although Change Healthcare is a famous company in the industry, it still cannot guarantee the absolute security of data. Nowadays, the records way of the Healthcare industry have gradually changed from paper to electronic health records (Robinson, 2018). It improves work efficiency and convenience to some degree. Meanwhile, it also reduces the security of data significantly. Thus, in the future healthcare companies should shoulder more responsibility and strengthen data protection. Using stricter encryption measures to deal with different cyber security issues.
Conclusion
The rapid development of the digital era changed the way people live. People’s lives seem to become more convenient and efficient. However, it also brings a bigger challenge to the privacy problem. People worry about the potential risk of losing their privacy on the internet and digital platforms, and it is an ongoing and important issue (Flew, 2021). However, many people face privacy paradoxes in privacy protection. Additionally, the existence of data colonialism further reinforces the issue of data safety. Companies collect user data on a large scale. Users and companies have an imbalance of power in the usage of data. Leading to the gradual erosion of the right to privacy and further strengthening the dilemma of privacy protection.
Under the development of the future, the users, enterprises and laws need to be improved. The users should improve their personal digital literacy and strengthen their awareness of privacy protection. Enterprises should assume the responsibility of data protection and apply more strict data encryption measures to protect the user’s information security. In the meantime, the law needs to be improved to keep pace with the times and solve the complicated privacy protection problems in the digital area. Only collaboration between different parties and the users’ privacy data security could obtain efficacy protection.
References:
Alder, S. (2025, February 19). Judge sets deadline for motions to dismiss claims in change healthcare data breach lawsuits. The HIPAA Journal. https://www.hipaajournal.com/change-healthcare-responding-to-cyberattack/
Clavora Braulin, F. (2021). Data, competition, and consumer privacy in digital markets. https://doi.org/10.48676/UNIBO/AMSDOTTORATO/9523
Couldry, N., & Mejias, U. A. (2019). Data colonialism: Rethinking big data’s relation to the contemporary subject. Television & New Media, 20(4), 336–349. https://doi.org/10.1177/1527476418796632
Flew, T. (2021). Regulating platforms. Polity Press.
Global social media statistics—DataReportal – global digital insights. (n.d.). Retrieved 2 April 2025, from https://datareportal.com/social-media-users
Masur, P. K., DiFranzo, D., & Bazarova, N. N. (2021). Behavioral contagion on social media: Effects of social norms, design interventions, and critical media literacy on self-disclosure. PLOS One, 16(7), e0254670. https://doi.org/10.1371/journal.pone.0254670
Millions of stalkerware users exposed again | malwarebytes. (n.d.). Retrieved 2 April 2025, from https://www.malwarebytes.com/blog/news/2025/02/millions-of-stalkerware-users-exposed-again
Nietzsche, F., & Norman, J. (2001). Beyond good and evil: Prelude to a philosophy of the future (R.-P. Horstmann, Ed.). Cambridge University Press. https://doi.org/10.1017/CBO9780511812033
Norberg, P. A., Horne, D. R., & Horne, D. A. (2007). The privacy paradox: Personal information disclosure intentions versus behaviors. Journal of Consumer Affairs, 41(1), 100–126. https://doi.org/10.1111/j.1745-6606.2006.00070.x
Oaic. (2023, April 19). Australian community attitudes to privacy survey 2020. Oaic. https://www.oaic.gov.au/engage-with-us/research-and-training-resources/research/australian-community-attitudes-to-privacy-survey/australian-community-attitudes-to-privacy-survey-2020
Robinson, P. (2018, January 9). The 10 biggest data security problems in the healthcare industry. Lepide Blog: A Guide to IT Security, Compliance and IT Operations. https://www.lepide.com/blog/the-10-biggest-data-security-problems-in-the-healthcare-industry/
Suzor, N. P. (2019). Lawless: The secret rules that govern our digital lives (1st ed.). Cambridge University Press. https://doi.org/10.1017/9781108666428
Whittaker, Z. (2025a). How the ransomware attack at change healthcare went down: A timeline | TechCrunch. https://techcrunch.com/2025/01/27/how-the-ransomware-attack-at-change-healthcare-went-down-a-timeline/
Whittaker, Z. (2025b, February 27). Spyzie stalkerware is spying on thousands of android and iPhone users. Techcrunch. https://techcrunch.com/2025/02/27/spyzie-stalkerware-spying-on-thousands-of-android-and-iphone-users/
Be the first to comment