Last month, 145 million Americans discovered they were victims of one of the biggest data breaches in history, after the credit rating agency Equifax was hacked.
Social security numbers, birth dates, telephone numbers and, in some cases, driver’s licence and credit card numbers were exposed, leaving people vulnerable to identity theft and fraud.
Companies know more about individuals than they ever have. And almost every week there is news of a data hack.
So does this mean that the age of personal privacy is over?
BBC World Service’s The Inquiry programme has been hearing the views of four experts.
‘Database of ruin’
“Technology has created enormous conveniences for us, but there is no reason why those conveniences have to inevitably come at the cost of giving up our privacy wholesale,” says Ben Wizner, of the American Civil Liberties Union, who is chief legal adviser to the US intelligence leaker Edward Snowdon.
Mr Wizner says people should be able to control information held on them, as well as with whom they share it.
“It is now both technologically and financially feasible for corporations and governments to collect and store records of almost all of our activities, records that never would have existed in the past,” he says.
All of this – whether harvested from the web, mobile phones or social media – creates vast amounts of data from consumers, held by corporations.
And with the advent of smart appliances, this will only increase.
“You will be watching your television, your television will be watching you.”
And he has concerns about agreements meant to safeguard consumers’ data.
“It is literally impossible for consumers to read all of those agreements. What we all do instead is we click “agree”. In legal terms, we have consented. In meaningful terms, have we consented?”
Personal information, Mr Wizner says, allows corporations to make highly accurate predictions about a person’s life, including their sexuality and any health problems they may have.
“I think that we hear all too often this sort of blase remark that ‘I don’t need to be worried about surveillance because I’ve done nothing wrong and I have nothing to hide.’
“For every single one of us, there is some pile of aggregated data that exists, the publication of which would cause us enormous harm and, in some cases, even professional and personal ruin.
“Every single one of us has a database of ruin.”
The post-privacy economy
Former Amazon chief scientist Andreas Weigend says the time has come to recognise that privacy is now an illusion.
He grew up in West Germany, where his family moved following his father’s release from prison in East Germany, where he had been a political prisoner.
Later, he discovered that, though his father’s Stasi files had been destroyed, the secret police had opened a file on him, in 1986, when he was a graduate student in the US.
Though he felt vulnerable after this revelation, his views on privacy are clear.
“I have realised that even if you were a privacy zealot, you don’t have a chance.
“Data is being created as we breathe, as we live, and it is too hard a battle to try to live without creating data.
“And that is a starting point: that you assume that we do live in a post-privacy economy.”
Indeed, he has just written a book called Data For the People: How to Make Our Post-Privacy Economy Work for You.
Or daily lives, he says, constantly lead to the creation of new data: from phones, credit cards, public transport systems and more.
“I think we don’t have the time in the day to know everything that’s being created about us.
“On the other hand, we don’t want companies to just scoop up all the data that we create and never tell us anything about it.”
He believes we should embrace the fact we’re creating lots of data, because we get better products and services in return.
“Every battle we should fight now is, ‘And what can we, as individuals, as citizens, get out of the data which we create?’
“Having new technologies means that we need to think about what actually does ‘privacy’ mean. So, it’s time to actually redefine privacy.”
But Mr Weigend isn’t willing to let go of all privacy. There is “no way”, for instance, he would publish his browsing history.
“I think our browsing histories are way more personal than what we share with our partners.
“Our most secret questions in our mind, our most secret desires, they end up at Google and where Google takes us.”
His message to people concerned about privacy is simple.
“Think about your computer security, think about your passwords, think about just how lax, probably, your own personal security is.”
And he believes that people’s views on privacy will change, just as things have already changed.
“What the KGB wouldn’t have gotten out of people under torture, now people knowingly and willingly publish on Facebook.”
Naked on the net
Svea Eckert is an investigative reporter for Germany’s national broadcaster, ARD. Last year she decided to adopt a fake name and set up a fake company, complete with its own website.
Her target? Detailed information showing which web pages individuals had visited, offered for sale by companies who gather data about people’s internet use.
She and a colleague eventually gained access to a month’s worth of de-anonymised browsing records of about 20 people, all in high-profile positions.
The URLs pointed to details of a criminal investigation, a senior executive’s complete financial records, a judge’s daily porn viewing habits and the browsing histories of politicians.
The subjects were shocked when shown the data held about them.
It emerged that all this data had come from a browser plug-in that these users had installed.
Ms Eckert says it wasn’t legal for the data to be sold but there has been no action against the company selling it, because it was based outside the EU.
And she is concerned at how smaller marketing companies were able to sell this sensitive data but may not have had the money available to wealthy corporations to protect themselves from hackers.
“I think at the moment we are living in a time which is like the time was when people were not wearing seatbelts in the car.”
A future with less data?
“The beauty of what’s been occurring in the past year or two,” says Gus Hosein, head of Privacy International, a global non-governmental organisation campaigning for privacy, “has been that some of the companies who are core now to the delivery of the internet as we know it have taken security and privacy much more seriously.
“What is disappointing is that below the waterline, below what we can see, some of these companies have doubled-down or tripled-down on the extent to which they are grabbing data and doing things with that data without you ever being able to see.”
But he thinks there is a limit to how much individual behaviour can achieve in securing online privacy.
“Almost every positive move that Facebook and Google and the other large companies have taken, particularly the data companies… has been as a result of regulatory pressure.”
Most technology companies are based in the US where, he says, lobbyists have prevented regulations from being imposed.
That lobbying influence has proven less effective in Europe, where a new law, the General Data Protection Regulation, designed to increase safeguards on the storage and handling of personal data, is due to come into effect next year.
“My worry is that we’ll become desensitised and we’ll become quite resigned to the fact that, ‘Yeah, our data is harvested, and, yeah, I guess it is not secure, and, yeah, I guess any criminal who wanted to can get access to it.’
“The defence of privacy will be the saviour of the future, essentially.”