Better late than never Apple’s Tim Cook joins the fray during the EPIC Champions of Freedom event, to ram home the need for greater protection of user data. Microsoft’s Kevin Turner made a similar statement during his 2013 Partner Conference when he mandated that security and privacy were up front and central Microsoft commitments to PRESERVE and PROTECT individual’s data.
I would have to give Microsoft and KT the higher ground on this despite the lower public radar impact for leading the charge. Since then though we have heard and are seeing a clarifying of the false justifications that have been influencing opinion on user data, privacy and use. Policymakers and society at large are waking up to a cold online reality on the scale of some of the worst forms of offline abuse. False justifications peddled by the self-interests of some large online corporations, marketers, advertising and PR entities are crumbling. Not unlike the BBC institutionalised ‘insulation’ that allowed Jimmy Saville to perpetrate his child abuse for so long. As for the lightweight journalistic approach adopted by some to the reporting of this issue their rolling over to industry soft-power plays is going to dent credibility. The media are complicit in the act by obfuscated the truth with tales akin to the Emperor’s New Clothes in the Hans Christian Anderson fairy tale, which will haunt many.
Two recent sources makes it crystal clear that when it comes to privacy users do not like trade-offs, it is up front and central in their online worries.
1. ‘The Online Privacy Lie Is Unraveling’ – A recent US consumer report makes it crystal clear only a minority (4%) accept the common view peddled by many online that users are happy with the status quo on the gathering of their data. Instead they feel bludgeoned and unprotected in the face of the commercial imperatives and pervasive reaches of Internet search engines like Google and Facebooks social media pressures.
Nails in the trade-off fallacy coffin, the days of ‘Digital Enslavement’ I hope are coming to an end:
- 91% disagree (77% of them strongly) that “If companies give me a discount, it is a fair exchange for them to collect information about me without my knowing”
- 71% disagree (53% of them strongly) that “It’s fair for an online or physical store to monitor what I’m doing online when I’m there, in exchange for letting me use the store’s wireless internet, or Wi-Fi, without charge.”
- 55% disagree (38% of them strongly) that “It’s okay if a store where I shop uses information it has about me to create a picture of me that improves the services they provide for me.”
2. ‘Internet ‘Magna Carta’ vote launched by British Library’ – A vote on ‘Digital Rights’ is highlighting a focus on the need for users to feel safe and protected online, a push back against the current feral state of affairs.
This is not some sort of sudden awakening. Research has impressed the Privacy Concerns for as long as the Internet has been around. The 2013 ‘Pew Research Center’s Internet and American Life Project’ stated:
- 68% of people feel the law is insufficient to protect them online.
- Users are driven to adopt online practices that are inconvenient in attempt to protect their privacy online.
This latter point has serious implications for Data Mining as it implies a higher proportion of obfuscated ‘dirty’ data in user samples.
The 2008 survey reported in USA Today from the ‘University of Southern California’s Center for the Digital Future’ stated that since 2005 the concern has been growing increasingly, and the 2001-2005 trend of acceptance to the use of data had clearly U turned. This is probably as much to do with the maturing of the practice of harvesting of user data made so blatantly visible by Facebooks rise to fame.
Not to forget the Online Privacy Foundations that exist for many countries, just do a search and you will find them.
The wheels are at last coming off the bandwagon and the implications are going to ripple further than the headline brand names, the Big Data industry will feel this amongst others that have been gorging on the exploitation of user data. For some investors I have spoken to this class of IT activity sits alongside the likes of the Tobacco and Weapons Industry when it comes to ethical investment choices.
For users a clensing wind of change cannot come soon enough with the next wave of innovation rolling in the form of ‘The Internet of Things’ IoT. With the IoT the implications get more personal and invasive to the point where individuals are no better off than prisoners with tags. The IoT heralds a world of ‘Virtual Tagging’ under the current systems of 3rd party user data abuse. For many who are almost surgically attached to a mobile device that already is a reality even before the new wave of ‘beacon’ networks being rolled out by Facebook and Apple (yes that one that has just professed themselves as privacy advocates!) amongst others. Read ‘Bluetooth privacy is mostly ignored, so you’re beaming yourself to the world‘.
Industry needs to take a lead and initiate self-regulatory discipline or risk being regulated. Which brings me back to Tim Cooks lauding Apple’s privacy credentials. It is not enough to simply make this kind of statement. There needs to be material follow-through to drive a behaviour and cultural change into the Apple ecosystem not just the organisation itself. The first beachhead of which must be their App Store and the feral way that app developers behave in demanding/forcing insights into the end user system use. This does not stop advertising revenue’s but reduces data abuse. If Cook is true to his word he will stake the high ground and move first on this and encourage Microsoft to follow. I cannot see Google conceding to this as it goes to the heart of the data harvesting system behind their Android Mobile OS data hoover.
This industry action needs to start with urgency and include such issues as, but not limited to:
- Make it so app developers CANNOT mandate ANY compulsory demands for access to user’s device sensors or controls.
- Make it so ALL Operating Systems provide a means for users to manage the access ANY software on their systems (mobile, laptop or other) has to ANY of their devices sensors or controls, including the software ‘call home’ licensing and update activity.
- Drop the use of persistent monitoring cookies such as the ‘super cookie’.
- Implement user data management systems that means users data is managed by the USER. This means they can delete or dictate its use against certain classifications. This would in fact simplify the management and if done collectively to a common ‘schema’ could end up providing the foundation for users to charge for the use of their data and see a real value return instead of the pseudo ‘free services’.
- Put an end to persecution and ‘stalking by algorithm’ Publish Data Mining algorithms and search engine formulae which are fraught with inaccuracy lacking proper peer review. These reap havoc with inaccurate insights and assumptions that mislabel and wrongly implicate users in their findings. Subject these to the same scrutiny as trusted publicly available encryption algorithms.
As for the Regulators, they are now not just forewarned, as I and many others have been for years trying to get through to them, but now they are armed with hard facts. It is time that the laws changed practices such as:
- The ‘Click through to Hell’ consents made my millions to terms and conditions they do not fully understand.
- Secondary marketing of user data under obscure terms and conditions of association between companies.
- The merging of user data sets when organizations merge without explicit consent received from each user to the new merged entity, be that the acquirer or acquired.
- Retaining ANY user’s data if a user requests that their data is deleted or removed in part or whole. Regulated compliance industry use cases would be subject to their existing data retention rules such as banks and healthcare for example. These latter industry examples have mature and respected data management rules that could go some way in guiding how other industries should respect data.
It is time to take the target of every online users back, as they are hunted by companies wanting to sell them stuff 24 x 7 x 365 throughout their digital lives. Furthermore it is time to stop treating users like ‘product’, whose data is to be marketed, uplifted, cross sold, merged and crunched for every conceivable insight (whether right or wrong seems to matter little) . Privacy protections are needed to preserve dignity and prevent harms such as discrimination, abuse and fraud in all their forms.
To those who reel out the old chestnut ‘I have nothing to hide’, used in its online privacy context it is probably more a symbolic comfort blanket for those in denial that they are out of control. I quote Cardinal Richelieu (the main antagonist in the 3 Musketeers) “If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged“.