At What Price Is Our Personal Data Worth?
Let's take a look at the privacy challenges that the growing worlds of IoT, connected devices, and AI are presenting and how some companies are adapting.
Join the DZone community and get the full member experience.Join For Free
These days, our digital footprint is huge. Our connected devices generate a mass of data, from our physiological health to our geographical location and purchasing habits. Our data privacy becomes a trade off when we choose to use free services such as Gmail, Google, and Facebook. But still, we balk when we discover that Google records not only our trajectory around the Internet but also our private conversations or that Alexa wants to share what we say with Amazon's developers.
The idea of privacy is often confused with security but according to the IAPP ( International Association of Privacy Professionals), information privacy is the right to have some control over how your personal information is collected and used. So why are so many of us relinquishing our right to data privacy?
Let's Face it, No One Reads Terms and Conditions
Every app you download asks for you to consent to their privacy policies. Few of us bother because it takes too long. Last year, the Norway consumer council revealed that it took longer (over 31 hours) to read the terms and conditions of 33 common apps such as Netflix, Skype, Facebook, and YouTube. This is longer than it takes to read the New Testament aloud.
Manchester-based company Purple, which works with businesses to provide Wi-Fi hot spots for the public, added a “Community Service Clause” to their usual connection terms as part of an experiment to highlight the dangers of what can be hidden in user agreements. As a result, more than 22,000 people willingly agreed to carry out 1,000 hours of community service in the two weeks during the experiment.
Gavin Wheeldon, CEO of Purple, said: “Wi-Fi users need to read terms when they sign up to access a network. What are they agreeing to, how much data are they sharing, and what license are they giving to providers? Our experiment shows it’s all too easy to tick a box and consent to something unfair.”
Will GDPR Make Consumers More Aware?
Purple's findings were revealed with the announcement that the company is the first General Data Protection Regulation (GDPR) compliant Wi-Fi provider. The European legislation, which comes into force on May 25, 2018, will reshape the way organizations approach data privacy and allow end users to gain more access to the data collected about them. One of GDPR’s headline rulings is the introduction of ‘unambiguous consent’ before users’ personal or behavioral data can be used for marketing purposes. The results from our experiment clearly support the inclusion of ‘unambiguous consent’ in the GDPR rulings.
But What About When We Don't Opt In?
A pizza restaurant in Oslo unknowingly exposed its use of facial recognition technically when a crashed digital advertisement revealed the coding behind its facial recognition system, activated whenever a customer stood in front of it. As Dublin-based designer, Youssef Sarhan noted in response,
“Your attention (and the meta-data associated with it) is being relayed to advertisers without your permission or awareness, and there is no way to opt–out. This is the crux of the problem. There’s no transparency, there is no obvious notice, and there’s no way to opt–out. This is an erosion of our privacy. I feel this is unacceptable.”
It's fair to say facial recognition technology, once used primarily in public places like airports as a means to detect criminals, is encroaching into more areas of our lives. But is it any more intrusive than the security camera that populates most public space these days, or merely that the information is collected for commercial advantage?
Is the Answer to Sell Your Own Data?
Some start-ups are capitalizing on the idea that your digital footprint equates to sellable user data, creating platforms through which individuals can sell their personal data to third parties. digi.me believes that the existing model is ineffective: “none of us own our information which is scattered across the web in fragments, subject to loss, not available when we need it, or ever in any complete form." The data is not accessible to the company, rather the user is contacted by companies with their request and choose when to share it and to whom.
The company is currently testing a comparable platform for medical data, which may prove successful as some people may be more likely to share information to aid medical research, contributing to the greater good of medical knowledge and patient care.
A comparable service is also offered by datacoup without the choice to consent to individual buyers.
The challenges here, however, are that both digi.me and datacoup are competing in a market where data brokers can access detailed digital information on people for nothing. What is the incentive for marketing companies to pay people for their data when they can get it for free from the masses?
Currently, most of those who die we will leave a digital corpse that may reveal far more about us than even our closest friends know. Connected cars will bring an even bigger pool of data in the future. Consumers will need to rethink those free services that they thoughtlessly agree to if they want true data privacy and fight against those that surveil us without our consent.
Opinions expressed by DZone contributors are their own.