Privacy is a fundamental human right for the evolution of a society. There is no discussion about it, it is included in the United Nations Declaration of Human Rights, the International Covenant on Civil and Political Rights and in many other international and regional agreements. The lack of privacy limits people’s freedom of association and speech, and discourage research and development due to intellectual property leaks.
We are living these days probably the biggest privacy violation related scandal since the Snowden revelations. It all blew up in March this year when reports from the New York Times and other media explained how the London based data mining company Cambridge Analytica was able to build psychological profiles out of Facebook user’s data. The investigation showed some shadows on Facebook’s ability to protect its customers data. It was discovered, and acknowledged by Facebook, that Cambridge Analytica may have accessed over 87 million people’s records without people’s consent between 2013 and 2015. The original source of the data was a quiz offered to users in form of a Facebook app.
To make this a perfect storm to the Silicon Valley’s company, the data Cambridge Analytica was able to silently access was used to help Donald Trump’s campaign. This was probably what elevated the issue to a new level of discussion, and put Facebook management in front of the US Congress to respond some questions.
Zuckerberg’s hearing at the congress wasn’t surprising at all. It was an MBA lesson on how the digital advertising business works. He explained in detail how Facebook makes money providing data to advertisers helping targeting their campaigns, as well as how they try to give visibility and control to users over their data. In some cases, information was blurry and far from understandable. Probably not because him trying to hide something, but because the data monster he has created is too complex.
The question is: if Mark Zuckerberg wasn’t able to explain in 5 hours to congressmen how digital data in the Internet era is handled and what users can do to take control of it: how can we expect users to do so? And Facebook is just the tip of the iceberg; if someone wanted to dig deeper it would find multiple cases as Facebook where user data is out of control and being used without consent.
Let’s face a reality: personal data is the fuel of this century. Advertisers, marketers, strategists, artificial intelligence providers, and many other companies, live and breath from personal data. Additionally, a branch of the cybercrime also traffics with data. Every year the number and severity of cybercrime incidents is growing and the reason is mainly monetary. This article from experian estimated how much money can be obtained for selling personal information in the dark web. Some references:
- Loyalty accounts: $20
- Online payment services login info (e.g. Paypal): $20-$200
- Medical records: $1-$1000
- Passport info: $1000-$2000
The Internet and social media has growth so quickly and has so much traction that whatever regulation and control efforts are in place will take just very little effect. Even the new European Union General Data Protection Regulation, which is considered the biggest change to data privacy in the last 20 years, won’t have a dramatic impact on data trafficking. Or at least in the short term.
So we all need to think carefully about this, and while what Facebook and other Internet companies are doing is a legitimate business, we should be critical and judge whether this will have impact on one of the fundamental human rights: Privacy. If you think it does, change is not in companies, not in regulators, is on us thinking twice before providing personal information in the world wide web.