Beware Of Privacy-Policy Loopholes!

advanced-penetration-testing-red-team

Every time you are installing a new application, updating your operating system, or getting a new loyalty card from the drugstore – you are presented with a lengthy legal statement and asked if you agree with the Terms of Service (ToS). If you had ever mindlessly tapped “I agree” to such privacy policy agreements after hardly giving a glance at it, we should say, you are in very good company!

A recent survey found that only 2% of New Zealanders read online privacy policies before agreeing to Terms of Service, and this lack of seriousness towards cybersecurity had already put a lot many people in trouble. We know, this might have struck a chord with some readers. After all, even if someone wishes to read them all, who has the time to read the mind-numbing list of disclosures? Just to read Amazon’s ToS, a normal person would need an entire workday! 

However, be informed, regardless of the effort required, the onus is on the user to discern what he consents to.  

What Survey Says?What Survey Says

A research was conducted online by The Harris Poll on behalf of  NortonLifeLock among 10,063 adults (aged 18+) in 10 countries, which included 1009 New Zealanders. The survey was conducted during the period November 5, 2019, to December 2, 2019, in Australia.

Below are some research highlights:

  • More than half of the respondents (59%) have been a victim of cybercrime at some point, and more than 1 in 3 of them (36%) have experienced it in the last year
  • Around 1 in 6 of the respondents (17%) have experienced identity theft, in which 5% underwent it in the previous year alone.
  • Younger adults (18-39) are more likely to have experienced cybercrimes than older ones (40+) (68% vs. 54%).
  • The majority of adults (86%) believe that they should read companies’ privacy policies in full, but around 56% of New Zealanders rarely or never read it.
  • 50% think that they are well protected against ID theft occurrence.
  • 67% of New Zealanders don’t know what to do if they fall victim to ID theft, and 85% wish they could know more information on this.

The Terrifying Statistics

Over 1.2 million New Zealanders surmised to have experienced some kind of cybercrime in 2019

It took nearly 5.4 million hours to resolve those issues (that means, an average of 4.3 hours per victim!). And close to 30% of cybercrime victims were impacted with an estimated loss of 108 million NZD last year.

 Who’s Responsible?What Survey Says

The Norton LifeLock Cyber Safety Insights also inquired New Zealanders about their opinions on who must be responsible for ensuring the privacy of their personal information and data; interestingly, they were split on that.

The survey found that:

  • 38% believe the government should protect it,
  • 33% put this burden on companies,
  • whereas just 29% assume the individual consumers themselves should protect their data by reading the privacy policies and making sure their personal information is shared only with those they trust.

Even though nearly 3 in 10 people suppose the individual himself is responsible for his privacy, it doesn’t reflect in the number of people reading company privacy policies. 86% think they must read the full user agreement, but a mere 2% do that often – how strange!

Well, New Zealanders who don’t always read privacy policies in full have varied reasons for that too!

  • 80% say they refuse to read privacy policies because they are too confusing.
  • 86% think they have no choices other than accepting privacy policies to use services or apps.
  • And 89% confirm that they are willing to read the privacy policies if they are given choices about how their personal information could or couldn’t be used.

Anyhow, the survey concluded that New Zealanders are among the most likely to rarely/never read privacy policies. 

Why This Findings MattersWhy This Findings Matters

All the above findings from the survey are potentially important, because, in a series of recent cases, courts have held that click-through contracts are enforceable, no matter if it is read or unread. Once the “I agree” button is clicked by the consumer, the contract becomes legal.

But, are there any alternatives available for wading through the dense legalese? While we cannot suggest skimming privacy policies, we could help you to discover what you need to know in less time. Ask these questions to identify the six main pieces of information you should glean from a privacy policy:

  1. Is your data used for what you are explicitly providing? Is it used for any secondary purposes?
  2. Is your data wholly secured in all stages of collection and storage?
  3. Is it shared with any third-parties? If yes, for what purpose? 
  4. Ask about the terms for sharing your data with the government and law enforcement.
  5. Will the service use your data to create a profile for non-primary use?
  6. Will the service permit you to delete your data, if you wish?

So, now you know what details you’re looking for in the TOS. You can now opt to search smart using the manual search option on the browser using key phrases to find the answers to these specific questions quickly.

And, Be Alert!What Survey Says

CERT NZ (Computer Emergency Response Team), the cybersecurity platform of the New Zealand government has warned about the opportunistic online scams and attacks during COVID-19. So, make sure that you stay at a more sturdy level with proper cybersecurity measures in place. 

Cybernetic Global Intelligence, a renowned cybersecurity company, can help you with availing reliable cybersecurity services. For more advice and assistance, give a ring to 1300 292 376.

Post a Comment