What’s Next… for privacy in the digital age?

21.01.2011

What’s Next… for Privacy in the Digital Age? from Fishburn Hedges on Vimeo.

Journalists deliberately play up stories which play to consumer fears that Big Brother is spying on them and there is a real need to improve media literacy so consumers understand better the implications of sharing personal data.

At our event on Tuesday 18 January, a panel of experts warned that the sheer scale of information now available online places huge strains on effective management and control.

The speakers were:

Belinda Lewis, head of information policy at the Ministry of Justice
Anthony House, policy manager, Google
Benjamin Cohen, technology correspondent, Channel 4 News

The key issues raised were:

Consumers tend to be willing to share private data if they clearly understand what it will be used for and why it is in their interests
Therefore, organisations that hold and use consumers’ data have both an incentive and obligation to explain their purpose. Transparency, control and security are the watch words
Pushing the boundaries (within the law) can help us understand how private data should be managed as it grows in volume and complexity
It is hard to legislate against the “determined child” who is ingenious in getting past the measures put in place for their own protection

Regulations and responsibilities

The UK Government has both a legislative and a principle-based approach to privacy. Not every outcome should be legislated for. There needs to be flexibility and also self-regulation
Much of the regulation for the UK is enacted at European level but data crosses national boundaries and this poses significant challenges
Google, for instance, operates in nearly every country in the world. Each has its own often very different regulatory framework yet, by and large, consumers want similar services wherever they are
While the large companies that hold the majority of our private data mostly behave responsibly, Ben Cohen argued that questions still remain over third-party data use
Arguably, media such as Facebook, are now so ubiquitous that they have an additional burden of responsibility because the sheer volume of members within the network effectively locks each of them in. Alternative platforms such as Path and Diaspora are unlikely to attract users as it will be so hard for them to get to critical mass
The question of sharing commercially-held personal data with Government and law enforcement agencies is sensitive. There are times when law enforcement agencies deliberately do not disclose how they operate lest it undermines their investigation. These tend to be counter-terrorism and some criminal investigations.

Consumer savviness

The complexity of data protection, how that information is intended to be used, and the technology behind it, renders it almost impossible to explain privacy control concisely to the layman. Yet the layman has every right and expectation to understand how information about them will be used
There are many tools and services available to help consumers see what others know (or can find out) about them, but they are not as well known about as they could be. Google Dashboard, for instance, enables people to see and manage in one place all the information that they have stored with Google, consciously or not
While this imposes a heavy responsibility on holders of information there is also a strong case for media literacy lessons to teach young people how the media works (and the privacy and data issues at stake) – possibly through the citizenship part of the curriculum
Individuals have responsibilities too. For example, the press regularly report people not getting jobs because they posted inappropriate information about themselves on Facebook
Data storage in the longer term also raises issues. For instance, Google believes there’s a strong rationale for storing historic data: users often want to be able to access old information

The historical context

In recent generations, our expectations of privacy have grown. Before that it was common to be born, live, work and die within the same tight-knit community in which everyone knew everything about each other. We may be returning to those days. Privacy may simply be returning to historically normal levels
The scale of data available online now would have been unimaginable only a decade ago. At current rates, we create as much information every two years as was ever created by the whole of mankind before 2003. In years to come, our attitudes towards managing information and privacy may well come to be seen as the equivalent of early motorists having to have someone walk in front of the car with a red flag
Data protection and privacy issues are in their infancy and are likely to become more complex as new technologies emerge