Selling your privacy for ‘free’ services | #eBizWires


Facebook, Twitter, Snapchat, Instagram… Chances are that most people are a user of at least one of these social media sites.

However, when signing up for a social media account, most users are more concerned about which profile picture to choose, than about reading the seemingly endless terms of service document. And what they fail to realise is that by accepting the terms of service, they are effectively forming a legal contract between themselves and the social network in question.

“It’s interesting how people are so concerned about their privacy, but are essentially giving it away for free,” says Robert Brown, CEO of DRS, a Cognosec AB company. “And once you are in the cycle of exchanging your privacy for ‘free’ services, there is no getting out. People need to realise that there is no free lunch.”

He says unless the user is a lawyer, or a privacy advocate, they will most likely just click the ‘agree’ button. “A few might give the terms a cursory scroll through, but almost no-one reads the fine print when they register for these sites.”

Originally privacy policies were aimed at protecting the users, but this is no longer the case. “These days, these policies, while not giving direct ownership of the user’s data to the social network, effectively give them a broad licence to use any of the data, be it posts or pictures.”

Take Instagram for example. Under the ‘Rights’ section of its terms of service, it states:

“Instagram does not claim ownership of any Content that you post on or through the Service. Instead, you hereby grant to Instagram a non-exclusive, fully paid and royalty-free, transferable, sub-licensable, worldwide license to use the Content that you post on or through the Service, subject to the Service’s Privacy Policy, available here, including but not limited to sections 3 (“Sharing of Your Information”), 4 (“How We Store Your Information”), and 5 (“Your Choices About Your Information”). You can choose who can view your Content and activities, including your photos, as described in the Privacy Policy.”

Similarly, Facebook’s terms of service clearly state:

“We collect the content and other information you provide when you use our Services, including when you sign up for an account, create or share, and message or communicate with others. This can include information in or about the content you provide, such as the location of a photo or the date a file was created. We also collect information about how you use our Services, such as the types of content you view or engage with or the frequency and duration of your activities.”

All social media sites will have similar terms of service, essentially giving them the right to use all the user’s shared and posted content, with zero liability to the network. “The average person would be dismayed to discover that all these policies are the same in essence, and they are giving the full license to all the information you put into their service. You are effectively giving up ownership and control of your personal data, messages, posts and pictures, to a company that will use that data for their own benefit,” says Brown.

Moreover, he says social media networks continually use your data in order for advertisers to more effectively target users. “Have you ever wondered why an advert for something you were recently looking for online suddenly pops up in your Facebook ads? Wonder no more. When you look at the permissions you granted Facebook when installing the mobile app, you might be astonished to see you have given them the right to collect data from all devices on which you have the application, and are allowing it to collect data on the location of your device, language, time zone and suchlike.”

Ultimately, he says people need to be far more circumspect about the permissions they give, the terms and services they accept, and most importantly, the information they share online. “These sites track your every move as a means to promote goods and services in a very targeted way. So-called ‘free’ services can only exist by monetising their data, and selling advertising. They are not free. People are paying for these services with their personal data, and ultimately their privacy. Personal data has become the de facto product, and alongside it, the privacy itself.”

About DRS

Dynamic Recovery Services (DRS) is an ICT services and solutions provider specialising in providing innovation and agility in information security, IT risk management and IT governance. The company provides security services with a portfolio that satisfies customer needs, from the creation of security strategy to the daily operation of point security products.

The company partners with market-leading technology providers to ensure the best supply of infrastructure as well as execution of professional services, ensuring that the selected products are effectively implemented and operate efficiently in the business environment.

About Cognosec

 Cognosec is an IT security company engaged worldwide, operating in a multitude of industries including banking, finance, government, healthcare, retail, manufacturing and hospitality. Cognosec’s extensive experience in security, governance, risk and compliance services allows the company to offer the best in payment, communications, network, and e-commerce security.

Cognosec is certified in QSA, ASV, (P2PE) PA-QSA, CESG Penetration, Testing, CESG Cyber Security Incident Response.

Don't be shellfish...Share on Reddit
0Tweet about this on Twitter
Share on Facebook
0Email this to someone
Share on LinkedIn


eBizRadio is a live multi- platformed social media service providing an online forum to the business community for holding conversations on the key issues related to specific businesses as well as availing a space for cross-business collaboration in response to key issues affecting the world of business. The place to go if you want to know about business and lifestyle

scroll to top


Please enter the correct answer: *

Register | Lost your password?