From someone who is always talking about privacy, it may seem a bit strange that I am suggesting that we stop talking #privacy, but there is method to my madness :-)
Today the entire conversation around collection and analysis of personal data is being dumbed down to a simple counter-argument that “privacy is dead”; and thanks to social media, mobile technologies, and our willingness to get free services in exchange for our data, it’s hard to argue with this. However even if privacy is dead and our data is already out there, it doesn’t mean that data controllers should have the right to do whatever they want with it. Just becuase I know someone’s home address, it doesn’t mean I have the right to camp outside their house and harrass them. If I know their telephone number, it doesn’t give me the right to call them up at any time of the day or night. The argument that “privacy is dead” is no excuse for allowing us to weaponize data and to create a wild wild west where everyone has a gun (data) and isn’t afraid to use it. So we need to stop talking privacy and instead frame the conversation around an individual’s data rights, talk about data ownership, consent, protection, and governance.
Collecting data is a byproduct of living in a digitally interconnected world and it’s going to be impossible, in practical terms, to stop this even if we wanted to; and I’m not even sure that people really want this once they realize the impact it will have on the digital products and services they use; at least I’m sure I can say this for the digital natives. Data proliferation is often out of our control. Take social or communication networks, as an example, systems which are extremely porous and where data about you is only as safe as your weakest link. Anyone you are connected to could, inadvertently or otherwise, share information about you. There are also questions of data ownership, where you could argue that information is frequently co-owned between multiple parties. Imagine that Jane shares the following content on social media, “Just had dinner with Marie at Xxx, worst fish dish ever”; now who owns that data, since it shares information about 2 individuals and one company? This is a fairly trivial example, but this co-ownership question is a really thorny issue that you can very easily get tangled up in; I know I have.
The proliferation of personal data is one genie that is not going to go back into it’s bottle, so while consent is a tool that can be used to manage, to some extent, how data is handled, I don’t believe we are ever going to be able to go back to a world where we can completely prevent personal data from being collected. So if we can’t stop data from being collected, what we need to do is to ensure that we protect people against bad use of that data. In the same way that we have gun control laws, we need data control laws.
In my next blog posts I’m going to be talking about personal data as a currency and suggesting that we need, and want, to collect more data and not less. However this viewpoint is predicated on having strong individual data rights. So let’s stop talking #privacy and instead talk about data rights and protections for all; data subject, data controller, and everyone in between.