Dark clouds and silver linings: impact of COVID-19 on internet users' privacy.

OBJECTIVES

To examine the impact of coronavirus disease 2019 (COVID-19) pandemic on the extent of potential violations of Internet users' privacy.

MATERIALS AND METHODS

We conducted a longitudinal study of the data sharing practices of the top 1000 websites in the United States between April 9 and August 27, 2020. We fitted a conditional latent growth curve model on the data to examine the longitudinal trajectory of the third-party data sharing over the 21 weeks period of the study and examine how website characteristics affect this trajectory. We denote websites that asked for permission before placing cookies on users' browsers as "privacy-respecting."

RESULTS

As the weekly number of COVID-19 deaths increased by 1000, the average number of third parties increased by 0.26 (95% confidence interval [CI] 0.15-0.37) < 0.001 units in the next week. This effect was more pronounced for websites with higher traffic as they increased their third parties by an additional 0.41 (95% CI 0.18-0.64); < 0.001 units per week. However, privacy respecting websites that experienced a surge in traffic reduced their third parties by 1.01 (95% CI -2.01 to 0); = 0.05 units per week in response to every 1000 COVID-19 deaths in the preceding week.

DISCUSSION

While in general websites shared their users' data with more third parties as COVID-19 progressed in the United States, websites' expected traffic and respect for users' privacy significantly affect such trajectory.

CONCLUSIONS

Attention should also be paid to the impact of the pandemic on elevating online privacy threats, and the variation in third-party tracking among different types of websites.