The Paradox of Privacy

Bad Privacy Blog by Claudiu Popa
4 min readMar 28, 2021

Or how companies collect and share our information before even asking for it.

Let’s get one thing out of the way. You must never, ever, ever surf the Web unprotected. You would not walk into a store if you had to fill out detailed application forms from strangers, so why would you summarily surrender your identity without even bothering to ask who wants to know?

The concept of the privacy paradox is well documented. It presents the gap between the expectation of privacy and its associated salience. It laments the fact that as a species, we care about things we bother to think about, but shamefully avoid thinking about them out of convenience and discomfort. It even hints at a certain complicity between our submissive selves and the data aggregating overlords that have redefined privacy in their favour.

Much like scam victims who have cooperated with their abusers for so long that they feel guilty and ashamed at their own failure to put a stop to things, the privacy paradox pretends to uncover something of a Stockholm Syndrome unfolding between negligent and unscrupulous Websites and their users.

Unfortunately that concept is flawed. It assumes that people who don’t know things also do not care about things. That point is critical, since the current state of the Web is precisely designed around dark patterns that seek to discourage, demotivate and deceive people just long enough to get their data. Over the past decade, this art — to which the Privacy Paradox previously referred— has been elevated to the status of science. Literally.

From the science that powers social media to the dark arts of online advertising, it’s all increasingly fine-tuned to continuously serve up influence and manipulation. We see it in the ecommerce platforms that “optimize” prices based on every situation to the politically charged discourse designed to push disinformation and fake news. For Sir Tim Berners-Lee, the man credited with the invention of the World Wide Web, this unintentional consequence of global connectivity is a heartbreaking reality:

For the man who set all this in motion, the mushroom cloud was unfolding before his very eyes. “I was devastated,” Berners-Lee told me that morning in Washington, blocks from the White House. For a brief moment, as he recalled his reaction to the Web’s recent abuses, Berners-Lee quieted; he was virtually sorrowful. “Actually, physically — my mind and body were in a different state.” Then he went on to recount, at a staccato pace, and in elliptical passages, the pain in watching his creation so distorted.

As such, people simply are not aware that the objective of most Websites is to acquire as much information as possible by frictionless means before confessing to anything or asking for consent.

To wit, many — if not most — of today’s privacy policies are meaningless copies of copies of generic language that are entirely divorced from the practices of their respective organizations. They are simple placeholders for the phrase “if we understood or cared about your privacy, it would be printed here. Since we do not, pretend to read the following patronizing nonsense and feel that you have at least tried.”

This is plainly illustrated by sites that require visitors to relinquish rights to their data before even viewing their ‘privacy policies’.

By surfing with a browser add-on that helps you summarily block privacy-invasive activity, you can see that many companies share your presence and connection details even as you are reading their privacy ‘policy’.

I don’t subscribe to fearmongering or fatalistic conclusions about the surveillance state, but we are clearly at an inflection point marking maximum data collection and minimum public awareness.

Where we go from here depends on knowing what information to trust and how we choose to reward organizations that demonstrate respect for individual privacy and evidence of adequate security. We don’t even look for ‘best practices’. We would settle for good, decent, respectful practices.

If we settle for less than that, the Privacy Paradox will will be validated. All it takes is to stand our ground and block companies that we know should not be trusted. And we can do that one Web page at a time.

Here are 5 tools I use to prevent faceless companies from stealing my data:

  • Privacy Badger
  • NoScript
  • AdBlock Plus
  • uBlock Origin

There are many more and they supplement the proper configuration of your browser, but this is a start. You can think of it as a red pill, but it’s really an antidote to the dreaded Privacy Paradox.


Note: as with all other posts on this site, logos and brands remain under the copyright of their respective owners and images are courtesy of Pexels, Canva and Wikipedia Commons.



Bad Privacy Blog by Claudiu Popa

Fīat jūstitia, ruat cælum. Personal musings on data protection fails, snafus & oddities, written & edited by Claudiu Popa; author, educator, booknerd.