After a lot of time looking at the great digital copyright challenge and a brief foray into 4G mobile data, "adult" content blocking and social media injunctions I spent the last week firmly back on digital privacy. A greater challenge even than copyright, and with perhaps greater significance.
Two seminars in 6 days and a lot of meetings and web chats later some key themes are emerging:
- The "can't do that because of privacy" argument is losing any sway it once had. Governments now hold aloft useful services reliant on private data that people willingly use - Foursqare, Facebook, Amazon recommends - to attempt to discredit arguments like "it's my data, you can't have it." Don't shout all at once, I know such a rebuttal is flawed; I'm just explaining the situation as I see it. As a speaker said at a recent privacy seminar, government policy is not driven by proven fact and rational argument but by the headlines in the Daily Mail. A valid political argument is one that washes with the public.
- Enforcement of do's and don'ts through the law is a pipe dream. Data is everywhere, we have a massively distributed problem; and the problem is relatively knew, technology - and the markets - in many respects needs time to catch up with themselves. Many data protection laws and regulations are nothing more than best practice - in reality prosecutions are expensive, time consuming and data regulators have relatively low capability, are under-resourced, have limited power and as a consequence are of little deterrent. (If they had more power there'd be a risk of encroachment into free speech and free press territories!) Regulation needs to aim at a enforcing a few high level principles - setting the red lines on the harm spectrum - and leave the rest to technology and the markets to solve.
- Privacy is still a debate driven by fear. Not just the odious McMullen with "privacy is for paedos" (perhaps belying McMullen's own fear of the privacy brigade) but fear by citizens not understanding the privacy implications of their actions, whipped up into a frenzy only when the Daily Mail tells them to be angry; and fear within corporations afraid of a privacy backlash - a rare but devastating event. Corporations and government officials trying to do the right thing are walking afraid, whilst the general public is at risk of walking blindly into traps, willingly disclosing too much personal data. Meanwhile private organisations who either don't give a hoot or justify their behaviour using their own moral code continue to make money out of profiling the population.
- Transparency is crucial. More crucial perhaps than any other data protection principle, regulation or law. But companies and governments don't want to be transparent, mainly because of (3) above, but also because of (1) - they don't want to be told they "can't" do something; and, (2) - being transparent about what they're doing makes them an easy target for the under-resourced regulator.
I'll be exploring around these themes in two follow-up posts.
No comments:
Post a Comment