Technology is now integrated into every aspect of daily life. We use the internet for knowledge, shopping, communication, business, convenience, and much more. Although technology has become increasingly invasive over the past few decades, many users are just beginning to understand and question the data collection practices of vendors used every day.
With the amount of time spent on the internet and the number of websites, apps, and other digital entities that we interact with daily, it seems almost impossible to know what data has been collected about ourselves and our online habits, who has access to that data, and how that data is being used. While we may not ever be able to fully answer those questions, we can determine some of the data collected about us based off of the websites, apps, and other web tools that we use.
Malicious Intent—Phishing, Hacking, Leaks
When most people consider the risks of exposing their data on the web, they mostly worry about hacking and the resulting leaks. Many major companies, such as Target and Equifax, that handle millions of users’ sensitive and private data have been hacked and compromised customer data. These risks are real, and every company storing consumer data online should take extra steps to ensure information security. However, data acquired illegally through malicious mechanisms is only one of several ways that companies acquire and profit off your data. Many even do so legally.
Google, which earns over 84%  of its revenue through targeted advertising made possible through the vast amount of data collected by google search engines and other products, collects much of your data. Curious what data they have, and want to adjust your settings? Find out what information Google has collected about you.
The Washington Post recently published an article that outlines the extent of data collected by browser extensions and the surveillance that is available through them. The article found that some browser extensions monitor all your web activity and sell the data they collect on it.  Make sure to check the privacy practices and legitimacy of any browser extension before downloading.
Social Media Sites
Facebook, now infamous for its data collection and selling practices, was recently fined $5 billion for data privacy violations. While certainly the most famous example, Facebook is not alone in collected data from its users. Check the privacy settings on any social media site used to find out what information they collect and how they use it.
The terms and conditions that most users typically accept without reading detail what data the company can collect, who they can give it to, and how it can be used (albeit often in confusing and misleading terms). While no one can be expected to read the terms and conditions for every online platform used, if you are concerned about the data practices of any website, it may be worth looking over the site’s terms and conditions.
Many websites require you to accept their cookies before continuing to use the website. Cookies track your use of the website and may perform tasks like saving your login information. Some cookies may track your web use across multiple sites. You can usually find your stored cookie information by checking your cookie settings in your chosen web browser.
Third-party Vendors on Social Media or Email
Both Google and Facebook (whose own data practices are mentioned above) have been highly criticized for allowing third party vendors using their platforms to collect and sell data of their customers. Check any third-party apps used on social media or email before use.
Many online retailers collect data on your shopping and browsing habits to show you personalized advertisements. Have you ever seen an advertisement for something you were just searching for the day before? Data collection makes these advertisements possible. Data collected by retailers may also be used for other purposes such as price discrimination.
Navigation systems and location services on various apps collect your location data and use it for a variety of purposes. Have you ever gotten in your car to drive to work to find that your phone already knows where you are going and has notified you how long your drive will be? This service is made possible through the data collection of your navigation system. While the intent in collecting this data may not be malicious, it never hurts to double check the privacy settings on your navigation service.
The above is not an exhaustive list of possible data collection means and uses, but it does illustrate the amount of data that can be easily and legally collected from unsuspecting users. While not all of these data collection practices are performed for malicious purposes, and while some even seem quite useful and convenient, it can be frightening to realize how much information different organizations have collected about you, sometimes without your knowledge or even consent. In this digital age, it may not be possible to completely control your personal data but understanding how it’s collected and used is a good start.