How to Ensure Your Privacy in a Data-Driven Future
There is a downside to the abundant presence of data in today’s society.
Today’s tech giants such as Google, Amazon, Facebook, Microsoft, Tencent and Alibaba have long recognised that data is a valuable asset. They have been aggregating vast amounts of data in return for ‘free’ services from the outset.
The problem with ‘free’ services is that you and your data are the actual product. This has resulted in a centralised web and a handful of organisations dominating and controlling it. This has caused problems with truth and trust – such as fake news, clickbait, trolling, spam, absence of accountability and above all lack of privacy.
These centralised internet corporations are incredibly powerful. They have access to vast amounts of data of their users, which they use and abuse to follow (potential) customers around the web. These organisations often ignore existing privacy practices. They use the data to their liking, often without properly involving or informing the consumer, as became once again clear last week with Google workers secretly listening to recordings on the Google Home.
Who Can Protect Your Privacy?
Fortunately, in recent years, media attention to these problems has grown. Consequently, consumers have become more aware of the consequences of data that is in the hands of technology companies. Increasingly, they demand change or take action themselves. Consumers start to see privacy once again as an important good that they want to protect. But how can you protect your privacy in a society where data is everywhere?
To understand how you can protect your privacy, it is important to know the three different groups that affect your privacy:
- Yourself a.k.a. the consumers that create vast amounts of data via a plethora of devices, websites, networks;
- Organisations and governments a.k.a. the collectors and users that collect all the data that is created within their organisation or government and use it to gain new insights for themselves or others (the data markets);
- Government organisations, the court or consumer organisation a.k.a. the regulators that are trying to develop a policy regarding commercial use of data and how data has to be protected.
You, The Consumer
Consumers are a big contributor to the flood of data coming our way. Social media data, mobile phone data, communication data (e-mail, Skype, Zoom, etc.) wearable data, Internet of Things data, smart homes data and data collected by any of the hundreds of applications on your phone. If you want to protect your privacy, it is first of all important to know what data you are sharing with whom. Once your data is in the public domain or the hands of the organisations, it is almost impossible to delete it again (despite the GDPR).
Fortunately, there is a strong movement to move from centralised data storing by organisations to decentralised data storing by consumers. In 2018, Sir Tim Berners-Lee revealed his new vision, one where the internet becomes decentralised again as he had envisioned it originally. His technology is called Solid POD (personal online data store), which is developed by his company Inrupt. Solid PODs will allow every internet user to store their data, be it video, articles, wearable tracking data or comments, and share that with anyone or any website that has connected to the Solid ecosystem. Using the Solid POD, the user will remain in full control over their data and who has access to it and who not. A great new initiative that will hopefully bring us closer to a decentralised society where data is owned by those who created it, privacy is protected, and security is a given.
Until we have reached that stage, it is important that consumers understand what data they share. Ideally, they should refrain from absentmindedly accepting policy statements or terms & conditions that result in sharing personal data. They should be cautious with what they share, for example, on social networks. That means, before you install an application, make an effort to understand how your data is being used.
This is especially relevant today, where apps tend to use and abuse the data they collect. The most recent example is the application FaceApp, which can show how you will look decades from now. The moment you upload a selfie, you have lost the rights of your face, and the Russian owners of the app can do whatever they want with that data. So much for privacy.
Organisations, the Collectors
As I always tell organisations, every organisation is a data organisation. This means that for organisations to succeed in today’s world, they have to datafy their business processes, distribute their data using the cloud or blockchain, analyse the data for insights and automate their processes. To do so, they need to collect vast amounts of data.
However, collecting vast amounts of data should not mean violating users’ privacy at a large scale. If organisations are to be trusted, they have to take care of the data they collect. To protect your privacy, consumers should require organisations and governments to adhere to ethical big data guidelines:
Organisations should be transparent, so consumers know what will be done with their data, today and in the future. They should keep their communication simple and understandable, so that everyone, including digital immigrants, understands what’s being done with the data. This means simplifying the terms and conditions to make sure that it does not read like the constitution. All data should be well-secured and encrypted. Although distributed ledger technology will enable highly secure data, non-decentralised data remains receptible for hackers. Next, the organisation of tomorrow should give back control of consumer data whenever possible. If the consumer created the data, the consumer owns it and should control it. Finally, privacy should be part of the DNA, so that all employees understand the importance of it.
Such guidelines will ensure that organisations and governments protect and respect the privacy of their customers/citizens. Especially with organisations that do not adhere to such guidelines, consumers that value their privacy should try to avoid them, although that is not always easy.
Governments, the Regulators
The past years, Facebook has shown to be pretty unreliable when it comes to your (data) privacy. Unfortunately, the American government has failed to take action. After the 2018 Facebook/Cambridge Analytica scandal, the US government settled with Facebook for a mere US$5 billion. This seems a lot of money but will not make a dent in Facebook’s revenue.
After all, in return for paying this fine, Facebook does not have to change their processes. As a result, they can continue the same money-making practices they have done for years. On the day the settlement was made public, Facebook’s share price rose by 2%, and the company increased in value by US$10 billion.
If governments want to protect their citizens, they should move faster and adapt quickly to changes in the market. Above all, they should respond better to large scale data breaches than in the case of Facebook and the settlement.
The GDPR is a good step in the right direction, though it took a long time to get there. In addition, governments and regulators should find a balance between protecting consumers’ privacy and not limiting innovation. This makes the regulators’ task a difficult one but an important one. With the right regulations, governments can stimulate innovation while protecting citizens from too abusive companies.
Final Thoughts on Privacy
Protecting your privacy starts with awareness and understanding of how organisations use (and abuse) your data. After awareness comes action. It is important to take action if you disagree with how an organisation treats your data. Action can be to no longer use the services of such company (although that might be very difficult with companies such as Google).
The organisation of tomorrow will not be able to survive very long when continuing to violate users’ privacy. The transition costs for consumers will only decrease. Especially, if they use solutions such as Solid POD, where they can easily take their data to a new service. Once we have reached a decentralised society, the power will lie with the consumer. Organisations will have to focus on developing the best product, offering the best service and ensuring users’ privacy.