You and I have something in common. We're at an airport, or some other public spot. We want to go online. So we connect to a public WiFi connection. But before we're given internet access we're asked to agree to the terms of a privacy statement, which is generally a million words written in two-point font. You don't read it, right? Neither do I. You and I just blindly agree and happily surf.
Apparently 22,000 people did the same thing recently. All of them signed on to a public WiFi router maintained by a European provider called Purple. However, Purple decided to play a prank on them. By agreeing to their privacy statement, they also agreed to perform more than 1,000 hours of community services over a two-week period which included cleaning toilets, scraping gum off the sidewalk and picking up dog poop.
The company doesn't plan to make those people honor their agreements. But their point was obvious: privacy statements aren't being read. So who knows what we're agreeing to? It's a consumer awareness issue, and a big one.
"WiFi users need to read terms when they sign up to access a network," Gavin said in a blog post. "What are they agreeing to, how much data are they sharing, and what license are they giving to providers? Our experiment shows it's all too easy to tick a box and consent to something unfair."Wheeldon, Purple's CEO
Sure, reading these agreements is like reading a phone book. And most of the terms in a WiFi privacy statement are just boilerplate. Plus, it's not as if there's room for negotiation - you either accept or you don't. But just know that by accepting access to a public WiFi spot you may be allowing the information you provide (like your email address or even credit card info if you're paying for something) to be shared by the provider with its other marketing partners.
Also, most statements disclaim any responsibility that the provider may have with regards to potential hacking or stealing of your data. You're taking all the risk, not them. In Europe, new rules are taking effect in 2018 that will change the way WiFi providers are approaching their data privacy and will allow end users to get more information about the data collected about them. The U.S. still has a ways to go.
So if you're like me, and you frequently access public WiFi, then know that if you agree to the privacy statement, data about you is now up for grabs. In most cases, it's just being used for marketing or demographic purposes. But security experts warn that others nearby can easily intercept your connection and steal more confidential information from you, or download malicious code that wreaks havoc.
What this means for you and me, the business travelers, is to be super-careful. When accessing public WiFi we must try not use our credit card or other personal information for any transactions. We should consider using our own hotspot or data connection via our wireless service - most experts agree that it's more secure. And we must keep our local security software up to date. Maybe next time I'll take the time to read that privacy statement before I just blindly agree to its terms so I'm aware of what I'm agreeing to. Who knows - I may decide the risk isn't worth it.
One final note: of the 22,000 people who agreed to the community service only one person - yes, one person - took advantage of the company's offering of a prize for just flagging the questionable community service clause. Now, don't you wish you read that privacy statement?