The privacy paradox: How much privacy are we willing to give up online?

Overhead view of home office

A definition of the privacy paradox, stats suggesting it became a bigger problem during the COVID-19 pandemic, and tips to protect our internet privacy on everyday platforms.

Ever imagined living your everyday life without the internet? 

According to Statista Global Consumer Survey in 2020, around 55% of Indian users said they could never fathom a world without digital extension, from surfing on social media to online shopping.1

For all of the conveniences these online platforms and services bring, how often do we really ponder the price we pay for them in privacy? Well, less than how much we should worry about losing them. Only 37% of Indian adults are concerned about their online data being misused.

And that was before the COVID-19 pandemic, which digitized our life even further, thanks to new normals that involved online learning, telehealth appointments, and working from home, to name a few socially distanced pivots.

As we kept putting more of our lives online, our personal data followed along. To echo one headline, we can say that 2020 was the year we gave up on privacy. We went from people who were addicted to the internet to people who are getting tired of using it. We now rely on the internet to perform almost every daily task, putting our privacy on the line because of it, despite having concerns about doing so.

It’s a problem plaguing digital citizens for decades, how our online behaviours don’t match up with our online intentions, and it’s called the privacy paradox. 

What is the privacy paradox?

a definition of the privacy paradox: a dichotomy between a person’s intentions to protect their online privacy versus how they actually behave online and, as a result, compromise their privacy

First coined in 2001, the privacy paradox is a dichotomy or difference between how people intend to protect their online privacy versus how they actually behave online to disclose their personal information and protect their data, which is usually very different. This is generally because of an unwillingness to break convenient habits or behaviours.

That’s the thing about technology. It makes our lives easier, but that ease comes at a price that we often don’t see: our online privacy.

Yet, the privacy paradox doesn’t entirely exist because of our inability to understand how websites and platforms use our private information frequently every day. Instead, the privacy paradox exists because we prioritize the conveniences of these platforms over tweaking our behaviours to use them safely. A part of the reason is the influence of trust for a site or online platform on our behaviour, not the risks surrounding them, which creates a mismatch between our intents and our actions.

In other words, the privacy paradox is discord between our attitudes for protecting online privacy and our actual online activities that do not comply with our intentions. So, what are our attitudes toward online privacy? Generally, that we’re concerned. 

Internet privacy concerns: How concerned are we?

statistics regarding how concerned Americans are about protecting their online privacy versus how they prioritize their privacy, all of which alludes to the privacy paradox

Online users cherish their digital lives. According to some counts, more than 45% of the Indian population uses the internet, that’s over 615 million people. Staggeringly, most adults spend around 17 hours per week on the internet. Yet, we so often take for granted the digital footprints and private data we leave behind online.

NortonLifeLock recently released their findings from the Norton Cyber Safety Insights Report 2021, which revealed that 63% of Indian adults feel more vulnerable to hackers and cybercriminals more than they did before the pandemic. More findings from the same survey below:

  • 75% of Indians are concerned about the privacy of their online data, and 77% want to strengthen their online security to do so. 
  • 59% of Indians have been victims of cybercrimes in the previous year, most of which included data breach and identity theft.
  • 42% of Indian adults think that it’s impossible to protect their online privacy or just don’t have the knowledge of how to do it.

Yet, as the privacy paradox so goes, people aren’t necessarily prioritizing their privacy online. Just consider how our online activities make us vulnerable to cyberattacks and, in turn, compromise our online privacy.

Reasons for internet privacy concerns

three examples of how our personal information can be compromised online, included to be used for extortion, identity theft, and data broker sites

Why should online users be concerned about their privacy in the first place? For starters, because your privacy is just that — yours. And it would be best if you had control of it or, at least, know who else is maintaining it and how.

For instance, companies known as data brokers collect and maintain data on millions of people. For many reasons, including targeted advertising, credit risk assessment, and direct marketing, many of those companies analyze, package, and sell the collected data without the user’s knowledge or permission.

From there, our private information is so far out of grasp, we can feel hopeless about protecting it, let alone trying to opt-out of the white pages. Moreover, the real risk arrives when our personal information gets into the wrong hands, which includes the rise of cybercrimes such as identity theft, social media account takeovers, and extortion.

Reclaiming our private information and correcting a cybersecurity incident can be painstaking and life-altering. For this reason, protecting your privacy begins with understanding the relationship between privacy and security.

Privacy relates to any rights you have to control your personal information and how it’s used. Security, on the other hand, refers to how your personal information is protected.

Bottom line: Your online privacy matters. By improving your cybersecurity, you’re not only protecting your privacy but also saving yourself from all the stress you may have to face if you lose your data. And by holding your private information close from the start, you’re already one step ahead of fixing the privacy paradox.

10 places we give up privacy online and tips to quit

icons indicate four ways to protect your privacy online, including using strong passwords, practicing webcam awareness, using a VPN, and not sharing information at all

There have been debates on who should be held responsible for protecting our private information online, with some believing that the government and companies should be accountable and others believing individuals themselves should be responsible. 

No matter where you stand, one thing is for sure: You can make adjustments to protect and shield your online privacy. It’s not as painful as combing through the fine print on every platform’s privacy policy. It all comes down to tweaking some privacy-compromising behaviours we commit to on a daily basis. 

To that end, we’ve compiled a list of the platforms and places online where you might visit regularly, the risks associated with them, and behavioural adjustments to help break your privacy paradox problem.

1. Food delivery apps and services and the privacy paradox

an illustration of a person picking up a box of pizza off of their doorstep while they hold a cell phone in their hand, indicating they used an app to order the pizza and gave up some online privacy

In 2020, food delivery apps and services thrived. According to some counts, the global online food delivery market’s revenue surged by almost 30% in light of the COVID-19 pandemic, reaching a whopping $136.4 billion in 2020. The market is also expected to rise to $182.3 billion by 2024. 

The privacy we give up: The personal information we save in these apps, including names, email addresses, delivery addresses, phone numbers, and payment methods.

The riskPhishing scams can occur, and security breaches happen. For example, take DoorDash’s incident in 2019, which comprised almost 5 million users’ personal information.

The fix: It’ll be helpful to input your information manually for each transaction and not save it for later. If you create an account, be sure to use strong, unique passwords and pick 2-factor authentication if it’s in the options. Take things a step further and consider signing up for identity theft and/or dark web monitoring services.

2. Online banking and the privacy paradox

The COVID-19 pandemic may have accelerated the use of digital banking for some. But even before 2020, online banking was big, significantly because it saves customers time plus is more convenient. Considering the ease of banking it brings, many prefer to manage their finances digitally rather than in person.

The privacy we give up: Our financial history and information.

The risk: Cybercriminals know precisely where to breach your financial data, that is, banking websites and services. In case they get a hold of your banking details like credit card numbers, or your account number, they could use it to extract more information which could result in identity theft or even extortion.

The fix: Protect your online banking accounts by using strong, unique passwords and change them often. Also, sign for two-factor authorization (2FA) if it’s an option.

3. Social media and the privacy paradox

an illustration of a person on a phone using social media, indicating that they’re giving up some of their online privacy even if they don’t mean to, which is the privacy paradox

Statista reported that most Indian adults spend more than two hours and twenty-five minutes surfing social media. It might only seem too much, until you consider how much you engage online in that time, saving posts for later, liking others’ posts, and getting lured to an online shopping site.

What’s more, 2020 led more people to social media for socializing. By other counts, an average user spent two and a half hours per day on social media last year. Remember, your data is still out there in the digital world, even when you are offline.

The privacy we give up: Personal Information that we make public on our profiles, including our date of birth, education, even employment history.

The risk: Hackers can pull information from your public account and create a profile about you, which will potentially be used for performing illicit acts. Besides, the more information you make available, the easier it is for cybercriminals to piece together a picture of you and take over your accounts or, worse, identity.

The fix: The cyber-safest way t social media is to get to know and adjust your privacy settings or limit what you share online, especially in the “about me” fields of an account. Also, set your accounts to private and create strong, unique passwords.

4. Online gaming and the privacy paradox

Video games were already prevalent worldwide, but teens and kids have more than ever been relying on gaming since the world went online in 2020. It was reported that Indian gamers, on average, spend around 8.15 hours a week playing, and more than 60% of those have claimed to be playing consecutively for over three hours. TwitchTracker counted over 3 million live video game streaming audiences who have spent more than 587 billion minutes so far this year.2

The privacy we give up: Our account login credentials if we don’t change them often, and the personal information, including payment methods we use on those sites and software.

The risk: Cybercriminals can hack into your gaming accounts or infiltrate your computer and commit active listening, if you leave your mic, screen capture, or camera unattended. Ultimately, they could use your personal information for swatting or doxing and even sell your account logins on the dark web.

The fix: Take your video game security seriously and consider investing in video game security software or VPN to encrypt your online activity. At the least, use strong, unique passwords for your account logins and change them often. Also, pick the 2FA security option if it’s available.

5. Online shopping and the privacy paradox

an illustration of a woman in front of a computer online shopping, indicating that she might be giving up some of her private information online even if she doesn’t mean to, which is the privacy paradox

For fashionistas and home cooks alike, there’s an exceptional satisfaction that comes with having your favourite things delivered right to your door at the click of a button. And the online shopping options can seem endless. According to Statista, it was estimated that more than 330 million Indians were involved in digital buying in 2020.3

The privacy we give up: The personal information we input at checkout, including names, email addresses, delivery addresses, phone numbers, and payment methods.

The risk: Cybercriminals use Formjacking as a technique to inject malicious JavaScript code to hack a legitimate website and take over the functionality of the site's form page, like those on a checkout page, to collect sensitive user information like credit card details which they can later use for committing identity theft, extortion, or selling the information on the dark web. 

The fix: Prevent companies and cybercriminals from following your digital footprint by
browsing incognito or private mode or using a VPN, which encrypts the data (makes it unreadable) you send and receive. Always check whether your connection is private on a new website by confirming the web address begins with HTTPS and there's a lock icon in the address bar.

6. Online schooling and the privacy paradox

Just as many offices moved to an online model, so did our classrooms in 2020. By some counts, 1.6 billion students were affected worldwide due to the COVID-19 pandemic. In India, more than 1.5 million schools were shut down because of the pandemic, having an effect on over 280 million students all over the country. This meant more of our kids, tweens, and teens depended upon the digital classes to get their education, which increased the cyber safety requirements.4

The privacy we give up: Our physical surroundings and also sensitive information were dealt with via email, including grades and medical information.

The risk: Phishing, one of the oldest cyber threats in the book, is a pretty reliable method for cyberattacks, especially when it comes to emails that look trusting but are indeed deceiving. Also, while a school’s Wi-Fi network should be up to cybersecurity snuff, home Wi-Fi networks might not be as secure, which would allow cybercriminals to hack into your devices and steal your sensitive information stored on them.

The fix: Learn how to spot phishing attempts and secure your home Wi-Fi network, perhaps using a VPN that encrypts your online activity would be helpful.

7. Video conferencing and the privacy paradox

an illustration of two people video conferencing, indicating they should practice webcam awareness to protect their privacy online

Video conferencing tools like Zoom, Google Hangouts, Microsoft Teams, and WebEx Meetings turned out to be essential tools for conducting academic classes as well as for workforces. In 2020 alone, Zoom was downloaded 30 times more than the previous year, reaching 485 million downloads from 16 million in 2019. After hackers accessed some video conferences at the beginning of the COVID-19 pandemic, users quickly adjusted their settings to password-protected meetings and limited screen-sharings —still, hackers keep hijacking the sessions.

The privacy we give up: Hints of our location through physical surroundings and private conversations.

The risk: Many video conferencing risks regard malicious software like spyware that can infiltrate your computer and provide hackers with a literal lens to spy on you — through your computer’s camera — and commit an actual invasion of privacy.

The fix: Always be aware of your webcam and what it could be exposing. Enhance your webcam security by opting for a video background so other call members can’t take a peek into your home. When not in use, cover your webcam with a piece of tape or paper or an adhesive sliding webcam cover. Additionally, ensure your router’s firmware is up to date and consider a cybersecurity software or VPN to keep cybercriminals at bay.

8. Telehealth and the privacy paradox

Just like work and school went online, so did some of our routine medical appointments, thanks to a rise in socially-distanced video chat with doctors in 2020.

According to the latest report, it was revealed that, in 2020, the use of online consultancy was increased by three times since 2019.5  Even as these appointments might decline as the pandemic diminishes, it’s important to remember that our personal data shared online through telehealth appointments remains where we left it — online. 

The privacy we give up: Our medical and billing formation we provide to our doctors online.

The risk: Hackers might intercept video conferences with your doctor. Similarly, they could hijack email exchanges, and exploit your private medical and billing information, selling it on the dark web.

The fix: Foremost, consider requesting all health information be provided to you via a phone call instead of text or email. Also, analyse how your telehealth provider protects your sensitive data, and maybe use video-conferencing services relying on encryption and request that they don’t share your medical information without your permission.

9. Streaming services and the privacy paradox

an illustration of a person sitting on a couch steaming a television show, indicating that they might be putting some of their personal information at risk and should protect it

Netflix, Voot, Amazon Prime, Hotstar, no matter your preference, you’ve probably watched a show on at least one of these streaming platforms. In 2020, Netflix recorded more than 13 million revenue generation from India alone.6 This just goes to show how much people are relying on online platforms to entertain themselves.

The privacy we give up: The personal information we save to our streaming accounts, including names, email addresses, phone numbers, and payment methods.

The risk: Cybercriminals prey on streaming account logins. Consider after the launch of Disney+,  when thousands of accounts were hacked, giving access to viewers’ payment information and account logins, which could be sold on the dark web.

The fix: Use strong, unique, and random passwords for your account logins and change them often. Also, opt for 2FA if given as an option.

10. Connected fitness and the privacy paradox

Wearable tech and fitness trackers were making waves long before the COVID-19 pandemic, with the global market expected to top $51.6 billion by 2022. But 2020 increased demand for IoT devices, including connected fitness equipment. According to one study, 127 new IoT devices connect to the internet every second — and cybersecurity concerns surrounding them are growing at the same rate as well. Your personal data might be vulnerable if your connected fitness appliances aren’t secured well enough. Shareable fitness tracking devices such as smartwatches, Peloton bikes, etc., use information gathering to make the sessions more personalized, which could be hijacked if you’re not applying security measures.

The privacy we give up: Depending on the device, our physical surroundings, and conversations in their vicinity, plus personal or health information connected to our gadgets.

The risk: Think of a connected fitness device, such as a smartwatch or Wi-Fi-accessible bike, as an extension of your smartphone. They’re supposed to collect a lot of personal data, including information attached to apps we download on them, health and financial information used for billing purposes. The catch: These devices often lack authentication favouring convenience, making them easier to open and access by non-owners.

The fix: Be aware of the permissions you’ve given apps on smartwatches or fitness trackers, including your geographical location. Secure your Wi-Fi-connected devices, and be sure the microphone and camera are deactivated when not in use. 

The bottom line: Don’t be complacent about your online privacy

So how much privacy do we really give up when we go online? Only you can determine that because breaking the privacy paradox begins with putting an end to online habits that negotiate your privacy. You can start by going through all the risks of various online activities mentioned above and following all the fixes as well. 

And it would help protect your online privacy if you do not compromise your cybersecurity to reap the endless conveniences, apps, and services the internet provides. Leading a cyber-safe, digital life is all about embracing what the internet has to offer and protecting your online privacy at the same time.






an infographic that’s an overview of the privacy paradox, including what it means and places we sacrifice our online privacy out of convenience, plus tips to protect our online privacy
Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.