Data, Privacy and Power
If we can all agree on who owns which data, maybe we can all be happy — government, corporations, and private citizens.
When two of the biggest behemoths of Big Data — Google and Meta/Facebook — joined forces to help with the effort of contact-tracing people who may have, or may have been exposed to, COVID-19 (SARS-Cov-19), many people were on edge about the potential invasion of their private lives. While the intent to help in the fight against the coronavirus pandemic is definitely good, this action can be seen as yet another attack on personal freedom.
I’ve worked with data professionally for over 20 years in a number of different forms: pharma, fintech, insurance, online and mobile gaming, and TV viewing measurement. It’s treated differently everywhere, subject to a slew of federal and international laws. In the main, however, companies generally follow the rule that they can do whatever they want with the data so long that it doesn’t directly conflict with any of those laws. There usually isn’t any moral restriction if governments don’t first say “that can’t be done”.
The almighty dollar rules.
There are really two primary types of restrictions: those preventing collection of certain data from children (usually meaning those under 13 years old), and those that prevent any third party companies from being able to match personally-identifying information (PII) to the data collected from those individuals, under which personally identifiable health data also falls.
Companies spend a lot of money and time doing whatever they can with our data without stepping on these requirements.
With the Meta (as Facebook) and Cambridge Analytica data “scandal”, the question of who really should control where our data goes has become a topic of household discussion.
Meta and social media in general has become an integral part in the lives of a large percentage of the world’s population since the early 2000’s. In order to reach the heights of billions of users, though, such services need to be free and open to as many people — “users” — as possible. But any service can never be truly free. True, after the software is created the initial use for it requires much less ongoing effort. But the software must be integrated in various places, maintained, improved, and constantly supported in the ongoing battle against hackers. Someone, somewhere, has to pay for it. In the case of social media, that someone is advertisers. And in order to advertise more effectively, brands and agencies want to know as much as they can about the users of a particular social media service so that their spends can be targeted to the right users.
Welcome to Pandora’s Box for the 21st century.
As far as who owns what goes, most organizations view the data that a customer or user generates directly through the use or purchase of their product as belonging to the organization. For example: In pharmaceuticals and medical device, a company has a record of from whom, how much, and when their products are purchased. They don’t deal directly with consumers/patients, though. In their case, the medical establishment is the middleman. Doctors and hospitals are the link that ties products to patients.
How the video game industry utilizes data, however, is very similar to social media. Data in games is all about marketing and monetization: being able to categorize your users and customers in order to better target them for promotions and new product offerings. Video game developers and publishers collect huge troves of information relating to a user’s behavior, including every conceivable data point on what they do while playing a game and also how they interact with web and marketing pages. Whatever a user does while interacting with a gaming product is used to fill an endless reservoir of knowledge that is drawn on to continue improving a game’s KPIs. This data is all treated as property of the game company, and a user essentially agrees to this when registering to play the product via the company’s terms & conditions boilerplate.
When it comes to television advertising, the data used by advertisers is anonymized after a process in which the viewing events of a certain household are matched with demographic data from various sources (like the U.S. Census). No third party ever knows exactly who anyone is (names, addresses, etc.), but the advertisers can see how many households, and in what general area, watch X program for X times and when.
And then there is the whole data space surrounding the Internet of Things (IoT), in which a household is the nexus for a bevy of many connected devices, each of which reports its usage data back to whatever company created and sold it.
We live in a web of information being relayed at dizzying speeds on a nonstop basis.
Only we aren’t the spider in this web. So that leaves one other option, right? We must be the trapped prey.
It’s a spooky metaphor, but sadly, apt in more ways than one. Every one of us, no matter what class we belong to, generates dozens, hundreds, and even thousands of data points every day which are stored in databases and will be called on at some point for analysis or pulled to generate a list that will ultimately feed back into the system and somehow affect our lives. A specific advertisement will be displayed to use via our smartphone, laptop or TV monitor, or we will get some more junk mail delivered to our home or inbox, or be annoyed by a robocall during dinner.
The effects aren’t all negative. The immense power of collected, monitored and collated data helps us find good deals and interest rates, and drives improvements in medical care and road safety. And data as a commodity is a driver of commerce that pushes companies in endeavors that launch satellites with the goal of helping the whole world become connected to wifi, which will ultimately further education and employment opportunities.
I think it’s fair if an organization uses data collected from its own users or customers strictly for improving on their products/services for those users and customers.
Where our data goes outside of an organization that collects it should be controlled by us. We need to be able to opt out of any and all data sharing.
And what our data is used for, by the organizations that collect it, should be revealed fully and completely to us, and we should be able to opt out of it.
Data that is about us — data that we bring with us before signing up for any new product or service — should always remain ours. That includes all of our demographic and PII data. Even if an organization requires us to sign up with our real name, address, phone number, and anything else, those bits of info should never be utilized by the organization for any reason without first obtaining our express permission.
Shoshana Maraney, Content and Communications Director at identity verification company Identiq, has some interesting thoughts on this relationship:
It’s also worth noting the potential of new technologies to enable companies to collaborate without sharing data. For example validating identities is vital for online businesses, but…sharing data with third parties in order for that to happen is not ideal. With the development of technologies such as Identiq’s F.A.I.R. network companies can validate accurately without sharing, copying or transferring any personal data. [In the] future technologies similar to this could change the options available for companies and remove or at least dramatically reduce the use cases where sharing data has traditionally been necessary. The technological solution to enable privacy-first collaboration could be an important part of making the changes that need to happen possible without leading to a flood of fraud.
Unfortunately, not every organization and company around the world believes in the sanctity of personal data, nor are they all held to the same standards or laws. This will never be the case, so our own data safety rests on our shoulders.
It all begins at home, when our children reach the age to independently use electronic devices. We need to inform and teach them what to watch out for and how to protect their privacy and data security.
For the everyday citizen and scrupulous companies, vigilance is the best protection.
Thank you for reading and sharing! If you would like to support me further as a writer you can purchase my novel “Talisman of Earth” here: https://amzn.to/3rTHS1f