The Cost to Connect
“Privacy is not an option, and it shouldn’t be the price we accept for just getting on the Internet.”
— Gary Kovacs, former CEO of AVG Technologies
In his TED Talk, Gary emphasizes that we shouldn’t sacrifice our privacy to participate in a connected world. He raises an essential question: what exactly is the cost of connection? How much personal information must we surrender to stay linked through social media and social networking? Does an inverse relationship exist between online connectivity and our privacy and security?
Background
Social Media & Social Networking
While these terms are often used interchangeably, important distinctions exist:
- Social media: Websites and applications enabling users to create, share content, or participate in social networking.
- Social networking: Use of websites and applications to interact with others or find people with similar interests.
Think of them as a square and a rectangle relationship. All social networking sites are social media platforms, but not all social media platforms are social networking sites.
Social networking sites typically expose users’ personal information since their purpose centers on connecting people with shared interests. Sharing personal data on these platforms is nearly unavoidable.
In contrast, social media can allow users to remain as private as they prefer. Consumers typically only need a profile for commenting and liking content, which doesn’t require personal information. They can create aliases and remain anonymous. However, content creators must share personal information and banking details with the platforms they use, making them vulnerable to data breaches and other risks.
Security & Privacy
Privacy refers to our right and ability to control the collection, use, and sharing of our personal information—essentially, our ability to control our digital footprint.
Security encompasses the measures and protocols implemented to protect systems and user data from unauthorized access, attacks, and breaches. It means keeping unauthorized actors from exploiting personal data.
Common Security Concerns
Social networking companies generate revenue by leveraging user data. This information typically determines algorithmic decisions that impact what content users see and who they’re encouraged to connect with. The data can be sold to advertisers or used for targeted advertising. While not inherently dangerous, these practices carry significant privacy and security risks.
Data Collection
“Facebook and Google have amassed data vaults with an unprecedented volume of information on human beings.”
— Joe Westby, former researcher of technology and human rights at Amnesty International, July 2019
Social networking platforms gather extensive user data, including personal details, preferences, and behaviors. They monitor user activity both on and sometimes off the platform. This information creates detailed user profiles, which are sold to advertisers or used for algorithmic decisions. One significant risk is the potential for data breaches, which are becoming increasingly common.
The “Mother of All Breaches” (MOAB), reported in January 2024, included various types of data such as usernames, passwords, and sensitive personal information. Companies compromised included:
- Tencent QQ with 1.4 billion records compromised
- Weibo with 504 million records compromised
- MySpace with 360 million records compromised
- X (Twitter) with 281 million records compromised
- Deezer with 258 million records compromised
- LinkedIn with 251 million records compromised
- Adobe with 153 million records compromised
- Canva with 143 million records compromised
- Dropbox with 69 million records compromised
Most refer to MOAB as the largest data breach in history. This breach alone illustrates how vulnerable we are when entrusting our data to social networking companies.
Tracking
Most modern websites track user activity across the internet, including browsing habits, search history, and location. This data is typically used for personalized advertising or sold to third-party companies.
In 2017, researchers at the University of Washington demonstrated how cheaply bad actors could exploit ad networks for fine-grained individualized surveillance. They named it ADINT (ad intelligence). Their findings revealed how they could locate the homes and frequented locations of test subjects using location data from their DSP (Demand-Side-Platform). A DSP could be any company like Facebook, Google AdWords, MediaMath, Centro, or Simpli.fi. The researchers concluded it wouldn’t matter which DSP was used—the results would be similar.

The researchers displayed one test subject’s daily commute across Seattle. They created this graphic by pushing an ad to the Talkatone app via their DSP. By correlating when the ads were delivered to the subject’s phone, they could reveal the subject’s home, bus stop, workplace, and local coffee shop.

This table summarizes the DSPs and their features.
Profiling
Profiling involves collecting and analyzing users’ online activity and personal data to create detailed profiles of their behavior, preferences, and interests. This technique is primarily used for targeted advertising and personalizing user experiences, raising significant privacy and ethical concerns. When social networking sites use this data and algorithms, it can lead to manipulation by the platforms or third parties.
The Cambridge Analytica Scandal represents a notorious example, also known as “The Great Hack.” Cambridge Analytica misused Facebook data to micro-target and manipulate swing voters in the 2016 US election. The company claimed to have up to 5,000 data points on each US voter, including status updates, likes, and private messages. By applying psychographic analytics, they determined users’ personality types and influenced their behavior with tailor-made messages. They accessed approximately 87 million Facebook profiles, illustrating their operation’s scale. For the full story, watch the Netflix documentary “The Great Hack”.
Many social networking sites use psychographics for marketing and curating personalized content, often selling this information to advertisers. The Great Hack demonstrates the potential for third-party manipulation of social media users, signaling a troubling trend rather than an isolated incident.
Cost of Admission
When creating a social media profile, users typically share their name, email, date of birth, and possibly a photograph. Here’s what social networking sites commonly request:
- Full Name (First and Last)
- Contact information
- Birth date
- Location data (hometown, previous cities lived, or exact address)
- Personal interests, such as buying history and website interactions
- Employment information (current or past job)
- Personal identifiers like age, race, and gender
This data is subject to being sold to advertisers and other third-party companies, or potentially stolen by hackers.

LinkedIn’s request for current location information—necessary for the platform to fulfill its main objective.

Airbnb’s profile setup page encourages users to add education, employment, languages spoken, pet info, hobbies, and states visited.
Analysis
Social networking requires a significant amount of personal information to facilitate online connections. An inverse relationship appears to exist between online connectivity and privacy. Mark Zuckerberg has been quoted suggesting that concerns about privacy are outdated and that users have accepted this trade-off.
However, this perspective isn’t universally held. Most online users care about maintaining some level of privacy. Although an obvious inverse relationship exists between privacy and connectivity, finding a balance between the two remains possible.
Key questions: Do you believe an inverse relationship exists between privacy and connectivity? Do you think we offer too much personal information for the sake of connecting with others online?
References
Electronic Privacy Information Center. (n.d.). Social media privacy. EPIC. Retrieved May 2024, from epic.org/issues/consumer-privacy/social-media-privacy
Pashankar, S. (2024, February 15). Hackers exploit ad tools to track users and spread malware. Yahoo Finance. Retrieved June 8, 2024, from finance.yahoo.com
Henson, B., Reyns, B. W., & Fisher, B. S. (2011). Security in the 21st century: Examining the link between online social network activity, privacy, and interpersonal victimization. Criminal Justice Review, 36(3), 253-268. doi.org/10.1177/0734016811399421
Amnesty International. (2019, July 24). The Great Hack: Facebook and Cambridge Analytica. Amnesty International. Retrieved June 12, 2024, from amnesty.org
Bipartisan Policy Center. (2023, March 16). Cambridge Analytica controversy. Bipartisan Policy Center. Retrieved June 12, 2024, from bipartisanpolicy.org
CoreTech. (2021, July 13). How do hackers use social media profiling? CoreTech. Retrieved June 12, 2024, from coretech.us
Barnes, S. B. (2006). A privacy paradox: Social networking in the United States. First Monday, 11(9). doi.org/10.5210/fm.v11i9.1394
University of Washington. (n.d.). AdInt: Ad-based intelligence gathering. University of Washington. Retrieved June 8, 2024, from adint.cs.washington.edu
Proven Data. (n.d.). Mother of all breaches. Proven Data. Retrieved June 8, 2024, from provendata.com
House of IT. (2020, September 30). What’s the impact of social media on personal security? House of IT. Retrieved June 12, 2024, from houseofit.ph

