How do we leave digital traces?
When we use digital services through our laptops or mobile phones, we actively and/or passively leave digital traces. On a daily basis we might browse the Internet, access news websites, rant on Twitter, post photos on Facebook, comment under YouTube videos, publish blog posts, receive phone calls or send SMS messages.
In some cases, our data is collected without our knowledge or consent – like when our browsing habits and IP address are collected while we visit a website. In other cases, we choose to hand over our data to third parties – when we share photos on Facebook, or book a flight ticket, for example. Through all such activity, we leave digital traces which result in the creation of our digital shadow.
What happens to our Digital Shadow when we use digital services?
When we use the Internet and/or mobile phones, we use digital services through networks. Our digital shadow exists within networks and that makes it vulnerable. In a network, data cannot travel directly from one device to another – it has to go through many other devices which make up the network. This means that all of our digital activity - such as sending an email, accessing a website or making a phone call - travels through multiple servers in a network until it reaches its final destination. The problem is that these third party actors can have access to our digital shadow in transit.
Anyone can potentially have access to our digital shadow - including communications service providers, law enforcement agencies and companies, as well as groups and individuals running their own servers. We cannot know precisely what happens to our digital shadow and that itself is a problem.
Learn more about how the Internet and mobile phones work here.
Can't privacy laws protect our Digital Shadow?
Yes, but not adequately. And here are five reasons why:
When sending a message data travels. National privacy laws do not provide safeguards for data across borders.
A lot of surveillance is carried out in secret and many privacy laws are not properly enforced.
Often surveillance is carried out in the name of "national security", which often overrides privacy protections.
Internet Service Providers (ISPs) and Telecom Service Providers (TSPs) are required to comply with license agreements in order to operate, which often require the installation of lawful interception systems at their premises.
Intelligence agencies have access to the fibre optic cables that make up the backbone of the Internet and to almost all Internet traffic. Such access is largely unregulated by privacy laws.
Why should we care about our Digital Shadow? Think about your credit card details, your passport or the secrets you share with your partner. Would you really want to share them with the world?
“What happens to our data happens to ourselves. Who controls our data controls our lives.”
If our digital shadow gets compromised, so does most of all the information that comprises it: such as our credit card details, our medical records, our personal emails and photos and much more. The bottom line is that our digital shadow tells a story about us, which may or may not be true. To care about our digital shadow is to care about ourselves.