• Portia Inzone

Did We Lose Our Privacy While Avoiding the Public?: Data Protection in the Age of COVID-19

Beyond spending time at home, COVID-19 has prompted a universal comfort with the digital space. As work meetings transitioned to Zoom, mental health therapy followed and small businesses navigated retailing online. In the United States in 2020, retail sales increased 44 percent with US $ 861.12 billion (approximately GBP 627.27 billion) spent online. However, with the movement of employees and consumers to the digital space came the influx of personal data shared online. Ranging from biometric details to IP addresses, legislators and large tech companies are challenging the extent to which companies should have access to this data.


In June, Apple announced the details of the iOS 15 update expected to launch this coming fall. Apart from app improvements, the update will revoke the ability to track email open rates – the ratio of recipients who open an email to the total number of recipients, which is the most commonly used metric for email marketing. Additionally, Apple Mail users can opt to hide their IP addresses while iCloud+ users can opt to hide their email addresses. After almost a year and a half of boosted online sales, this update will force companies to restructure their long-trusted marketing strategies.


Email marketing forefronts the marketing realm with the highest ROI (return on investment) of all marketing channels; US$42 back for every US$1 spent. While it outperforms other approaches to marketing (social media marketing, physical ad space etc.) with its low cost and high return, it also integrates the many moving parts of a business into one, organised space – emails can capture social media content, promotions, store updates and more.


Email marketing is also highly successful in generating leads. If a customer considers purchasing a product and abandons their checkout, email marketing algorithms can retarget those customers with the product to convert them from a lead to a sale. This ability to target batches of customers – often called “segmenting” – allows the opportunity to build personal relationships with customers. For example, companies often create a batch of their best customers to provide them exclusive offers and insight to the business.


Without access to IP addresses and open rates, businesses will have to rely on click rates - the ratio of recipients who clicked into the marketed product or promotion within the email - instead. Companies will be unable to test and measure the success of different email layouts, subject headers or segmented emails and will therefore be incapable of measuring what specifically engages a subscriber and encourages them to open an email.


Though the iOS 15 update appears to be a conservative approach to data sharing, the update will also offer the option to put house or office keys into the Apple wallet feature. Apple therefore contradicts itself when it protects digital identities but infiltrates people’s real lives and security. At second glance, the company seems to only approve of their own access to people’s data. By fogging the transparency of open rates and IP addresses, the update rather disadvantages small businesses that rely on email marketing to generate income – Apple obviously does not need to send emails to remind their customers to buy a new computer.

Perhaps this seemingly small update is another step toward widening the wealth gap and fueling large corporations. When small businesses fail to market their product and establish real relationships with their subscribers, the customers will turn to larger, trusted companies like Amazon. Subtle but substantial, the iOS 15 update exemplifies the comradery between big businesses and the ease with which they can disadvantage their smaller peers.

Regardless of the update’s consequences, it does recognise the urgency of data privacy in the post-pandemic, digitally immersed world. In the US, the Federal Trade Commission Act includes policies to protect consumers from “deceptive trade practices” but as data privacy becomes more pressing, individual states need more-detailed legislation to protect its residents. The California Consumer Privacy Act (CCPA), the most comprehensive piece of data privacy legislation, has laid the groundwork for other states to follow. Effective as of January 2020, the Act details consumer rights; ensures that websites notify consumers when and how their data is collected and allows consumers the opportunity to change or delete their information, among other benefits. The recent US$ 650 million (around GBP 473 million) settlement against Facebook regarding illegal biometric data acquisition corroborates the reality and severity of this issue.


In the wake of COVID-19 and in the depths of the digital world, it seems as though we now must treat our data as a form of currency rather than an inconvenient barrier to access a website. As the iOS 15 update and the rise in data privacy legislation follows pandemic life, we must ask ourselves: did we lose our privacy while avoiding the public?