Protecting privacy online

    Business Spotlight 3/2023
    securely locked phone on a table
    © Dan Nelson/
    Von Kate O'Flaherty

    Online shopping has always been convenientbequemconvenient, but during the Covid-19 pandemic, it became essential. Amazon’s Prime service now has more than 200 million members across 23 countries. Many people regularly shop online for everything from groceriesLebensmittelgroceries and clothes to books and electronics. This, combined with the fast growth of streaming platforms and other online services, has led to increased concerns about (data) privacyDatenschutzdata privacy.

    for one thingzum einenFor one thing, many websites collect vastriesigvast amounts of data, whether a user buys a product or not. Email addresses, phone numbers and dates of birth are just a few examples of the information that can be gathered. More data is collected by the browsers people use, via third-party cookie trackers in Google Chrome, for example ­— a  practice that will be to phase sth. outetw. auslaufen lassenphased out by 2024. Meta, the social media giant that owns Facebook, is also a specialist in to track sth.etw. nachverfolgentracking web activity to feed its advertising network, although privacy featureFunktionfeatures introduced by Apple in 2021 now make it much harder to track the more than 1.2 billionMilliarde(n)billion iPhone users.

    Consumers are becoming increasingly aware of the importance of online privacy, and businesses must rethink their strategies for a future that doesn’t include cookie trackers and mobile-app tracking. regulatorAufsichtsbehördeRegulators are also becoming more proactive and creating rules, such as the EU’s updated General Data Protection Regulation (GDPR), that to grant sb. sth.jmdm. etw. gewähren, einräumengrant consumers more rights to decide what happens with their data.

    Privacy risks online

    There are two main privacy risks to individuals online: data getting into the hands of an adversarygegnerische Parteiadversary, and organizations using information without consumers’ permission, explains Caroline Carruthers, CEO (chief executive officer)Geschäftsführer(in)CEO of the global data consultancy Carruthers & Jackson.

    Both areas are already covered by legislationGesetzgebunglegislation, she says. “Cyber­crime is obviously illegal and covered by anti-fraud lawGesetz zur Betrugsbekämpfunganti-fraud laws, and incorrect use of data is forbidden as part of regulation, such as GDPR in the EU and the California Consumer Privacy Act in the US.”

    Payment data is especially valuable to cybercriminals. While services like PayPal can help protect this sensitivesensibelsensitive information, it is hoped that the concept of tokenizationTokenisierung (digitale Segmentierung einer Einheit)tokenization will make online shopping more secure. adoptionÜbernahme, EinführungAdoption of the technology is increasing, with India having to launch sth.etw. einführenlaunched a new mandatehier: Verordnungmandate in late 2022 that makes tokenization a standard in the country.

    Tokenization allows two parties to exchange sensitive information, such as credit card details, via a randomlyzufälligrandomly assignedzugewiesenassigned number, known as a “token”. Although it’s still relatively new, this technology could be useful both for businesses and users, says Michael Tegos, product marketing manager at Opera, makers of the Opera web browser. “It can help speed up transactions and improve customer experience, because the users don’t have to keep entering their payment details, potentially to expose oneself to sth.sich etw. aussetzenexposing themselves to phishing scam (ifml.)Masche, Betrugscams or errors. It to mitigate sth.etw. mindern; auch: etw. minimierenmitigates the risks of a data breachDatenschutzverletzungdata breach because, even if the token data is stolen, bad actors can’t use it.”

    This system also makes complianceErfüllung von Richtliniencompliance easier to manage for businesses. “The process is to approve sth.etw. bewilligen, zulassenapproved by the PCI Security Standards [councilRatCouncil], which sets security standards for organizations who accept credit card payments,” Tegos adds.

    Data protection

    For businesses that collect customer details online, protecting that data is the highest priority. That feeling of security is key to building the trust that keeps customers coming back to the site. surveyUmfrageSurveys by the company Treasure Data in the UK, Germany, France and the US found that people expect marketing campaigns to adapt to their changing priorities and needs due towegendue to the current cost-of-living crisis.

    to take sth. into accountetw. berücksichtigenTaking this into account, Andrew Stephenson, Treasure Data’s director of marketing for EMEA and India, thinks responsible brandMarkebrands should implement a two-trackzweigleisigtwo-track strategy: “Communicate the value exchange of data sharing to consumers and operate within ethical boundaryGrenzeboundaries using the right technology.”

    Measures businesses can take to look after customer data include to ensure sth.etw. sicherstellenensuring it is stored correctly and securely, as well as making sure that access from within the organization is limited to the right people, in line within Übereinstimmung mitin line with regulations, Carruthers says. “Of course, tokenization also helps, and e-commerce sites should work together with big payment companies, such as PayPal or Mastercard, to to bolster sth.etw. stützenbolster safety mechanisms.”

    It is also important for individuals to do what they can to protect their own data, says Jake Moore, global cybersecurity adviser at ESET, a data protection company. He advises creating a separate email address and using a VPN when shopping. “At the very least, private browsing can mitigate the risk of sharing personal information.”

    People should always ask questions about where their data is going

    Websites must offer detailed privacy policies, and individuals should read them when using online services, advises Colin Hayhurst, CEO of the privacy-focused search engine Mojeek. “People should always ask questions about where their data is going and why.”

    The choice of browser makes a difference, with alternatives to Google Chrome available that are less likely to track your online activity. If you are worried about your browser, take the time to read its privacy information pages, or use one that respects privacy, such as DuckDuckGo, Nigel Jones, co-founderMitgründer(in)co-founder of The Privacy Compliance hubZentrumHub advises. For Apple users, the obvious choice is Safari, which includes tracking prevention tools, while Brave and Firefox are also considered privacy-friendly alternatives.

    Taking back their data

    As people become more aware of their privacy and of the implicationFolge, Auswirkungimplications of data-hungry websites and applications, consumers and businesses both have a role to play. This is especially important as technology develops and concepts such as the metaverseMetaversummetaverse and 5G start to become reality.

    Jones thinks people are beginning to recognize that some businesses have been to abuse sth.etw. missbrauchen; hier: etw. verletzenabusing their privacy rights. Now, they’re fighting back. As a result, privacy credentialReferenzcredentials are becoming a unique selling pointAlleinstellungsmerkmalunique selling point for businesses, but these need to be built in from the start, Jones says, such as the way Apple is actively selling products based on the iPhone’s privacy protection credentials. “Product engineerIngenieur(in)engineers and designers need to build privacy into their processes, because if they don’t, they will to lose out to sth.gegenüber etw. ins Hintertreffen geratenlose out to companies that do.”


    • Give consumers control: the General Data Protection Regulation (GDPR) aims to protect personal information and give individuals the power to choose. Consumers must give consentEinwilligungconsent for the use of their data, and companies must be clear about how they use it.

    • Know exactly what personal information you process: Nigel Jones says firms should to assess sth.etw. prüfen, abschätzenassess where data is; what rights they have in relation to it; what they do with it; who they share it with; how they protect it; and what they do with it when they no longer need it.

    • Build trust through complianceErfüllung von Richtliniencompliance: Jones says businesses must “understand what they do with their customers’ data and be transparent to build customer trust”.

    • Don’t try to find loopholeSchlupflochloopholes in the regulation: “In order to to comply with sth.etw. erfüllen, einhaltencomply with the spirit of data laws with transparent and principled data practices, professionalFachkraftprofessionals need to implement data ethics into their governanceFührunggovernance,” says Caroline Carruthers.

    Neugierig auf mehr?

    Dann nutzen Sie die Möglichkeit und stellen Sie sich Ihr optimales Abo ganz nach Ihren Wünschen zusammen.