The privacy paradox: How much privacy are we willing to give up online?

Overhead view of home office

A definition of the privacy paradox, stats suggesting it became a bigger problem during the COVID-19 pandemic, and tips to protect our internet privacy on everyday platforms.

Have you ever tried imagining your everyday life without the internet? 

Nearly 60 percent of people say they could never fathom a world without digital extension, from social media to food deliveries and online banking.

For all of the conveniences these online platforms and services bring, how often do we really ponder the price we pay for them in privacy? Well, less than how much we worry about losing them — only 40 percent of American adults are concerned about the misuse of their online data.

And that was before the COVID-19 pandemic, which digitized our life even further, thanks to new normals that involved online learning, telehealth appointments, and working from home, to name a few socially-distanced pivots.

We put more of our lives online and, as a result, our personal data followed. To echo one headline, 2020 was the year we gave up on privacy. We went from people who couldn’t imagine lives without the internet to people who relied on the internet — and we put our privacy on the line because of it, despite having concerns about doing so.

It’s a problem that’s plagued digital citizens for decades — how our online behaviors don’t match up with our online intentions — and it’s called the privacy paradox. 

What is the privacy paradox?

a definition of the privacy paradox: a dichotomy between a person’s intentions to protect their online privacy versus how they actually behave online and, as a result, compromise their privacy

First coined in 2001, the privacy paradox is a dichotomy in how a person intends to protect their online privacy versus how they actually behave online — and how they don’t protect their information online. This is usually because of an unwillingness to break convenient habits or behaviors.

That’s the thing about technology. It makes our lives easier, but that ease comes at a price that we often don’t see: our online privacy.

Yet, the privacy paradox doesn’t entirely exist because we don’t understand how our private information is used by websites and platforms we frequent every day. Instead, the privacy paradox exists because we prioritize the conveniences of these platforms over tweaking our behaviors to use them safely. A part of the reason for that is that our behavior is influenced by the trust of a site or online platform, not the risks surrounding them, which creates a mismatch between our intents and our actions.

In other words, the privacy paradox is discord between our actual online activities and our attitudes about online privacy. So, what are our attitudes toward online privacy? Generally, that we’re concerned.

Internet privacy concerns: How concerned are we?

statistics regarding how concerned Americans are about protecting their online privacy versus how they prioritize their privacy, all of which alludes to the privacy paradox

Online users cherish their digital lives. By some counts, one-third of consumers even value their online life at $100,000 to priceless. Yet, we so often take for granted the digital footprints and private data we leave behind online. For instance, one survey posited that people think their browser history is worth the equivalent of a Big Mac meal. That’s about $6.

This doesn’t match up with other findings that over 80 percent of online users in the U.S. feel that their data is vulnerable to hackers. What’s more, according to a 2019 Pew Research study:

  • 72 percent of Americans feel that all, almost all, or most of what they do online is being tracked by advertisers, technology firms, or other companies.
  • 79 percent of Americans are concerned about how companies are using the data they collect about them, yet 59 percent understand very little or nothing about what data companies collect.
  • 81 percent of Americans think the potential risks of data collection by companies about them outweigh the benefits and/or conveniences of using those companies’ online services.

Yet, as the privacy paradox so goes, people aren’t necessarily prioritizing their privacy online. Just consider how our online activities make us vulnerable to cyberattacks and, in turn, compromise our online privacy.

Reasons for internet privacy concerns

three examples of how our personal information can be compromised online, included to be used for extortion, identity theft, and data broker sites

Why should online users be concerned about their privacy in the first place? For starters, because your privacy is just that — yours. And you should have control of it or, in the least, know who else is maintaining it and how.

For instance, there are companies known as data brokers that collect and maintain data on millions of people, which they analyze, package, and sell without the user’s knowledge or permission and for many reasons, including targeted advertising, credit risk assessment, and direct marketing.

From there, our private information is so far out of grasp, we can feel hopeless about protecting it, let alone trying to opt-out of the white pages. Moreover, when our private information gets in the wrong hands, that’s when cybercrimes can arise, resulting in identity theft, social media account takeovers, and extortion.

Reclaiming our private information and correcting a cybersecurity incident can be painstaking and life-altering. For this reason, protecting your privacy begins with understanding the relationship between privacy and security.

Privacy relates to any rights you have to control your personal information and how it’s used. Security, on the other hand, refers to how your personal information is protected.

Bottom line: Your online privacy matters. By improving your cybersecurity, you’re protecting your privacy. And by holding your private information close from the start, you’re already one step ahead of fixing the privacy paradox.

10 places we give up privacy online and tips to quit

icons indicate four ways to protect your privacy online, including using strong passwords, practicing webcam awareness, using a VPN, and not sharing information at all

According to a 2020 NortonLifeLock study, Americans are about a three-way split on who should be held responsible for protecting our private information online, with 36 percent believing companies should be at the helm, 29 believing the government should be responsible, and 34 percent believing individuals themselves should be responsible. 

No matter where you stand, one thing is for certain: You can make adjustments to protect — and take back — your online privacy. And it’s not as painstaking as combing through the fine print on every platform’s privacy policy. It all comes down to tweaking some privacy-compromising behaviors we commit to on the daily. 

To that end, we’ve compiled a list of the platforms and places where you might be considered a regular online, the risks associated with them, and behavioral adjustments to help break your privacy paradox problem.

1. Food delivery apps and services and the privacy paradox

an illustration of a person picking up a box of pizza off of their doorstep while they hold a cell phone in their hand, indicating they used an app to order the pizza and gave up some online privacy

In 2020, food delivery apps and services thrived. The global online food delivery market’s revenue surged by almost 30 percent in light of the COVID-19 pandemic, according to some counts, reaching a whopping $136.4 billion in 2020. The market is also expected to rise to $182.3 billion by 2024. 

The privacy we give up: The personal information we save in apps, including names, email addresses, delivery addresses, phone numbers, and payment methods.

The risk: Phishing scams can occur and security breaches happen. Consider DoorDash’s incident in 2019 that comprised almost 5 million users’ personal information.

The fix: Opt to input your information manually for each transaction, don’t save it for later. In the event you do create an account, be sure to use strong, unique passwords and opt into 2-factor authentication if it’s an option. Take things a step further and consider signing up for identity theft and/or dark web monitoring services.

2. Online banking and the privacy paradox

The COVID-19 pandemic may have expedited digital banking for some. But even before 2020, online banking was big, especially because it saves customers time — almost 90 percent of people agree, according to a Chase Bank survey. In other words, four in five customers prefer to manage their finances digitally rather than in person.

The privacy we give up: Our financial history and information.

The risk: Cybercriminals know precisely where to breach your financial data — banking websites and services. If they get their paws on yours, they could use it to commit identity theft or even extortion.

The fix: Protect your online banking accounts by using strong, unique passwords and change them often. Also, opt for two-factor authentication (2FA), if it’s an option.

3. Social media and the privacy paradox

an illustration of a person on a phone using social media, indicating that they’re giving up some of their online privacy even if they don’t mean to, which is the privacy paradox

At least 30 minutes — surveys show that’s how long 50 percent of the population spent on social media every day in 2020. It might only seem like a sliver of time, until you consider how much you engage online in that time, saving posts for later, liking others’ posts, and getting lured to an online shopping site.

What’s more, 2020 led more people to social media for socializing. By other counts, an average user spent two and a half hours per day on social media last year. Remember, even as we swing back into socializing in the physical world, the digital world is hanging onto our data — unless we reclaim it.

The privacy we give up: Personal information that we make public on our profiles, including our date of birth, education, even employment history.

The risk: White-page sites can pull information from your public account and create a profile about you. Besides, the more information you make available, the easier it is for cybercriminals to piece together a picture of you and take over your accounts or, worse, identity.

The fix: The cyber-safest way to social media is to get to know and adjust your privacy settings or limit what you share online, especially in the “about me” fields of an account. Also, set your accounts to private and create strong, unique passwords.

4. Online gaming and the privacy paradox

When the world went online in 2020, adults and kids alike turned to one of America’s favorite digital pastimes: video games. It’s reported that during shelter-in-place months, time spent gaming increased by 39 percent over 2019, with 18-to-24 year-olds spending the most time with controllers in their hands. Moreover, overall viewership across Facebook Gaming, Mixer, Twitch, and YouTube Gaming was up almost 80 percent in 2020 over 2019 to a total of 27.9 billion hours, according to StreamLabs, a video game extension developer.

The privacy we give up: Our account logins, if we don’t change them often, and the personal information and payment methods we save on them.

The risk: Cybercriminals can hack into your gaming accounts or infiltrate your computer and commit active listening, if you leave your mic, screen capture, or camera unattended. Ultimately, they could use your personal information for swatting or doxing and even sell your account logins on the dark web.

The fix: Take your video game security seriously and consider investing in video game security software or VPN to encrypt your online activity. At the least, use strong, unique passwords for your account logins and change them often. Also, opt for 2FA, if it’s an option.

5. Online shopping and the privacy paradox

an illustration of a woman in front of a computer online shopping, indicating that she might be giving up some of her private information online even if she doesn’t mean to, which is the privacy paradox

For fashionistas and home cooks alike, there’s a special satisfaction that comes with having your favorite things delivered right to your door at the click of a button. And the online shopping options can seem endless. In light of the COVID-19 pandemic, online grocery and apparel sales rose beyond 40 percent among U.S. adults, according to some studies. What’s more, 80 percent plan to continue buying online post-pandemic.

The privacy we give up: The personal information we input at checkout, including names, email addresses, delivery addresses, phone numbers, and payment methods.

The risk: Formjacking is when cybercriminals inject malicious JavaScript code to hack a website and take over the functionality of the site's form page, like those on a checkout page, to collect sensitive user information like credit card details which can then be used for identity theft, extortion, or sold on the dark web. 

The fix: Prevent companies and cybercriminals from following your digital footprint by browsing incognito or private mode or using a VPN, which encrypts the data you send and receive. Always check whether your connection is private on a new website by confirming the web address begins with HTTPS and there's a lock icon in the address bar.

6. Online schooling and the privacy paradox

Just as many offices moved to an online model, so did our classrooms in 2020 — by some counts, 1.6 billion students were affected worldwide due to the COVID-19 pandemic. In the U.S. alone, 65 percent of households with children reported using online learning during the pandemic. This meant our kids, tweens, and teens were all needing to brush up on their cyber safety, while our home Wi-Fi networks worked harder than ever.

The privacy we give up: Our physical surroundings and also sensitive information communicated via email, including grades and medical information.

The risk: Phishing, one of the oldest cyber threats in the book, is a tried-and-true cyberattack method, especially when it comes to emails that look trusting but are indeed deceiving. Also, while a school’s Wi-Fi network should be up to cybersecurity snuff, home Wi-Fi networks might not be as secure, allowing cybercriminals to hack into your devices and tap into your sensitive information stored on them.

The fix: Learn how to spot phishing attempts and secure your home Wi-Fi network, perhaps by using a VPN that encrypts your online activity.

7. Video conferencing and the privacy paradox

an illustration of two people video conferencing, indicating they should practice webcam awareness to protect their privacy online

Video conferencing tools like Zoom, Google Hangouts, Microsoft Teams, and WebEx Meetings catapulted in importance in 2020, as much of the world’s workforce pivoted to remote models. Zoom alone juggles more than 200 million daily meeting participants compared to a mere 10 million in 2019. After hackers accessed some video conferences at the beginning of the COVID-19 pandemic, users were quick to adjust their settings to password-protected meetings and limited screen-sharings. Still, some risks may remain that we don’t see.

The privacy we give up: Our physical surroundings and private conversations.

The risk: Many video conferencing risks regard malicious software like spyware that can infiltrate your computer and provide hackers a literal lens to spy on you — through your computer’s camera — and commit a true invasion of privacy.

The fix: Always be aware of your webcam and what it could be exposing. Enhance your webcam security by opting for a video background so other members of a call can’t see into your home. When not in use, cover your webcam with a piece of tape or paper or an adhesive sliding webcam cover. Additionally, ensure your router’s firmware is up to date and consider a cybersecurity software or VPN to keep cybercriminals at bay.

8. Telehealth and the privacy paradox

Just like work and school went online, so did some of our routine medical appointments, thanks to a rise in socially-distanced video chats with doctors in 2020.

According to the CDC, 95 percent of the health centers used telehealth during the COVID-19 pandemic. In June to November 2020 alone,  30 percent of weekly health center visits occurred via telehealth. Even as these appointments might decline as the pandemic wanes, it’s important to remember that our personal data shared online through telehealth appointments remains where we left it — online.

The privacy we give up: Our medical and billing formation we provide to our doctors online.

The risk: Hackers can intercept video conferences with your doctor, as well as email exchanges, and exploit your private medical and billing information, selling it on the dark web.

The fix: Foremost, consider requesting all health information be provided to you via a phone call versus text or email. Also, vet how your telehealth provider protects your sensitive information — encourage using video-conferencing services that rely on encryption and request that they don’t share your medical information without your permission.

9. Streaming services and the privacy paradox

an illustration of a person sitting on a couch steaming a television show, indicating that they might be putting some of their personal information at risk and should protect it

Netflix, Hulu, Amazon Prime, Disney +, no matter your preference, you’ve probably watched a show on at least one of these streaming platforms. By some counts, our time spent on video streaming platforms increased 43 percent in 2020 over 2019. Additionally, 44 percent of viewers began using at least one new streaming service since March 2020, much of them working in tandem with smart TVs.

The privacy we give up: The personal information we save to our streaming accounts, including names, email addresses, phone numbers, and payment methods.

The risk: Cybercriminals prey on streaming account logins. Consider after the launch of Disney +,  when thousands of accounts were hacked, giving access to viewers’ payment information and also account logins that can be sold on the dark web.

The fix: Use strong, unique passwords for your account logins and change them often. Also, opt for 2FA, if it’s an option.

10. Connected fitness and the privacy paradox

Wearable tech and fitness trackers were making waves long before the COVID-19 pandemic, with the global market expected to top $51.6 billion by 2022. But 2020 increased demand for IoT devices, including connected fitness equipment. According to one study, 127 new IoT devices are connecting to the internet every second — and cybersecurity concerns surrounding them growing every second. Just consider President Joe Biden and his Peloton bike, with its tablets that boast built-in cameras and microphones, both of which opened a can of cyberthreat worms when he moved to the White House.

The privacy we give up: Depending on the device, our physical surroundings and conversations in their vicinity, plus personal or health information connected to our gadgets.

The risk: Think of a connected fitness device, such as a smart watch or Wi-Fi-connected bike, as an extension of your smartphone. They’re supposed to collect a lot of personal data, including health information but also financial information for billing purposes and information attached to apps we download on them. The catch: These devices often lack authentication in favor of convenience, making them easier to open and access — including by non-owners.

The fix: Be aware of the permissions you’ve given apps on smartwatches or fitness trackers, including your geographical location. Treat larger, Wi-Fi-connected devices as you would a video call and be sure the microphone and camera are deactivated when not in use. 

The bottom line: Don’t be complacent about your online privacy

So how much privacy do we really give up when we go online? Only you can determine that because breaking the privacy paradox begins with breaking privacy-compromising habits online — and understanding just what those habits are.

And you shouldn’t have to compromise your cybersecurity to reap the endless conveniences, apps, and services the internet provides. Leading a cyber-safe, digital life is all about embracing what the internet has to offer and protecting your online privacy at the same time.

an infographic that’s an overview of the privacy paradox, including what it means and places we sacrifice our online privacy out of convenience, plus tips to protect our online privacy
Clare Stouffer
  • Clare Stouffer
  • Gen employee
Clare Stouffer, a Gen employee, is a writer and editor for the company’s blogs. She covers various topics in cybersecurity.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.