obile and smartphone penetration rates have increased worldwide including the most remote and underdeveloped economies and jurisdictions. E–commerce and online marketplaces now comprise the lion’s share of consumer purchases with associated global revenues over $3.6 trillion in 2025 with an expected growth close to $5 trillion by 2030. Social media use has eclipsed five billion users with an increasing share of youth engaged as millennial and GenZ consumers are web–native and expect most of their access to services, from health to education to banking, to be (exclusively) online.
Online engagement now enables connectivity across borders, increasingly in real time, connecting users in markets that were never envisioned in an analog world. Internet connectivity knows no boundaries, and this reach enables us to easily put a bank account in the hands of anyone with a smart phone—or for any family with an internet connection to access essential health services across the globe. Employers can access a larger global market for talent, and businesses can engage consumers more at minimal cost through social media and marketplaces that engage billions of potential buyers.
Unfortunately, this growth in online activity poses increased risks to our privacy and personal data. Online access—especially to highly regulated services like health and finance—bring new threat vectors to illicit actors. And as internet protocols continue to evolve, so do deep/dark web and malicious activities. Bots are taking up an increasing share of engagement—nearly half of internet traffic in 2024, with so–called ‘bad’ or malicious bots comprising a third! This growth is expected to be exponential as artificial intelligence (AI) tools including generative and agentic AI proliferates in the coming years.
But the internet was not built with inherent data privacy guardrails, and as such the personal data is increasingly controlled—and monetized—by infrastructure and service providers on the world wide web. Websites and applications can collect data on a user’s browsing behavior, preferences, and even the nature and direction of ‘swipes’ and keystrokes. Cookies are used to track activity, while apps track location and instances by default—seemingly to decrease friction for users. But they also leave digital footprints that are harvested and used to influence behavior, click–through patterns, and online searches. Cookies also become additional cybersecurity vulnerabilities through spyware and ransomware. Algorithmically elevated content now steers users to particular content and behavior; coupled with the dependencies younger generations have to digital engagement (e.g. online/remote learning, social media, gaming, etc), we are seeing greater threats to our emotional and social wellbeing.
Such activity in an analog world would be considered a national emergency. We need that same sense of urgency and purpose in deciding how we govern online exposure, or there will continue to be financial incentives for those who exploit user data and privacy. But how do you price a ‘good’ whose inherent value is only known once it is acquired—or when one needs to recover it? The reality is, both hostile nations and organized cybercrime groups exploit our vulnerabilities to steal sensitive information, undermine our critical infrastructure, and—with growing mis- and disinformation—can ultimately threaten to destabilize societies through the manipulation of data and truth itself.
The good news? Emerging technologies such as user–owned digital identity exist, and can help mitigate customer identity process exploitations and combat a wide variety of illicit activities across the web. This is particularly critical for sectors such as finance, healthcare, and essential public services that are high–value targets for cyberattacks.
The time to act is now. Governments, technologists, ethicists, and concerned citizens must all play a role. If we care about our youth, who will inherit this new web–native world, they must be positioned with the online tools to protect themselves in the same ways we help our kids understand the threats in our physical world.
a global affairs media network
Privacy and data in a borderless, interconnected digital world
Photo by Atharva Tulsi on Unsplash
November 3, 2025
Because the internet doesn't have any inherent data privacy guardrails, our personal data is increasingly controlled and monetized by digital infrastructure and service providers. This threatens our wellbeing in ways we would treat as an emergency in the analog world, writes Amit Sharma.
M
obile and smartphone penetration rates have increased worldwide including the most remote and underdeveloped economies and jurisdictions. E–commerce and online marketplaces now comprise the lion’s share of consumer purchases with associated global revenues over $3.6 trillion in 2025 with an expected growth close to $5 trillion by 2030. Social media use has eclipsed five billion users with an increasing share of youth engaged as millennial and GenZ consumers are web–native and expect most of their access to services, from health to education to banking, to be (exclusively) online.
Online engagement now enables connectivity across borders, increasingly in real time, connecting users in markets that were never envisioned in an analog world. Internet connectivity knows no boundaries, and this reach enables us to easily put a bank account in the hands of anyone with a smart phone—or for any family with an internet connection to access essential health services across the globe. Employers can access a larger global market for talent, and businesses can engage consumers more at minimal cost through social media and marketplaces that engage billions of potential buyers.
Unfortunately, this growth in online activity poses increased risks to our privacy and personal data. Online access—especially to highly regulated services like health and finance—bring new threat vectors to illicit actors. And as internet protocols continue to evolve, so do deep/dark web and malicious activities. Bots are taking up an increasing share of engagement—nearly half of internet traffic in 2024, with so–called ‘bad’ or malicious bots comprising a third! This growth is expected to be exponential as artificial intelligence (AI) tools including generative and agentic AI proliferates in the coming years.
But the internet was not built with inherent data privacy guardrails, and as such the personal data is increasingly controlled—and monetized—by infrastructure and service providers on the world wide web. Websites and applications can collect data on a user’s browsing behavior, preferences, and even the nature and direction of ‘swipes’ and keystrokes. Cookies are used to track activity, while apps track location and instances by default—seemingly to decrease friction for users. But they also leave digital footprints that are harvested and used to influence behavior, click–through patterns, and online searches. Cookies also become additional cybersecurity vulnerabilities through spyware and ransomware. Algorithmically elevated content now steers users to particular content and behavior; coupled with the dependencies younger generations have to digital engagement (e.g. online/remote learning, social media, gaming, etc), we are seeing greater threats to our emotional and social wellbeing.
Such activity in an analog world would be considered a national emergency. We need that same sense of urgency and purpose in deciding how we govern online exposure, or there will continue to be financial incentives for those who exploit user data and privacy. But how do you price a ‘good’ whose inherent value is only known once it is acquired—or when one needs to recover it? The reality is, both hostile nations and organized cybercrime groups exploit our vulnerabilities to steal sensitive information, undermine our critical infrastructure, and—with growing mis- and disinformation—can ultimately threaten to destabilize societies through the manipulation of data and truth itself.
The good news? Emerging technologies such as user–owned digital identity exist, and can help mitigate customer identity process exploitations and combat a wide variety of illicit activities across the web. This is particularly critical for sectors such as finance, healthcare, and essential public services that are high–value targets for cyberattacks.
The time to act is now. Governments, technologists, ethicists, and concerned citizens must all play a role. If we care about our youth, who will inherit this new web–native world, they must be positioned with the online tools to protect themselves in the same ways we help our kids understand the threats in our physical world.
