In the first two parts of this series, privacy was identified as a human right. However, preserving it in today’s society poses some challenges. In addition, individuals and organisations should not ignore risks of privacy breaches. While some regulatory changes were introduced in recent months and years, it remains to be seen whether these changes provide expected protection.
With continuous technological advancements, protecting one’s privacy in tomorrow’s societies becomes even more important – or does it?
One of the emerging technological trends is the Internet of Things, e.g. household devices and appliances are connected wirelessly to the internet – all for the convenience of the user. A grocery list for the fridge can be synchronised with other smart devices, the cycles of the washing machine can be controlled remotely and health monitoring devices can transfer information such as heart rate or blood pressure to an internet-connected station. All this data provides even more insights into a person’s habits, interests or predispositions. Not only the user is interested in such information but also companies and governments.
Using advanced analytics and artificial intelligence, a profile can be created which describes a person better and more meticulously than that person could describe him or herself. Creation of such a profile may have different reasons and good intentions. However, since such a profile exists it can easily be converted to serve other purposes. Databases can be connected, behavioural patterns forecasted and appropriate measures initiated without any actual event taking place. All this is done to prevent criminal activity of a few or target potential customers with even more specific advertisement. Factoring in scope creep, incomplete extracts or mis-interpretation of information with cultural/racial bias could have detrimental effects on an increasing number of innocent people.
China is a leading example for the comprehensive use of personal data. In 2020, China will finalise the introduction of its social credit system which scores its population according to its trustworthiness. For example, people with a high score will receive special treatment at hotels, cheap loans and study places at the best universities. In contrast, people with low scores will experience restrictions on travels and loans. They will also find it difficult to start a position with the government. This is the current scope of consequences. However, future, more severe consequences may have an even more detrimental impact.
Data is collected for the social credit system via different channels. These include position tracking, facial recognition, body scanning and mobile apps on smartphones. Advanced Analytics and Artificial Intelligence analyse and correlate the data resulting in these credit scores.
Other jurisdictions are not as advanced as China in terms of surveillance and use of personal data. However, a certain trend towards more surveillance and increased data collection is recognisable. Surveillance cameras are equipped with facial recognition capabilities, at airports fingerprints or body scans are taken and databases containing personal data are connected in order to enrich collected information.
With the introduction of the General Data Protection Regulation (GDPR) the European Union (EU) leads the way in controlling the use of personal data. However, compliance with GDPR poses some challenges for organisations in terms of increased organisational complexity and operational costs. Non-compliance incurs heavy fines. While protecting privacy may benefit consumers, some would argue that it creates competitive disadvantages for organisations which have to comply with GDPR. However, this may be a hasty conclusion. Recent data scandals such as Cambridge Analytica’s misuse of personal data and Facebook’s continued sharing of personal data with other organisations such as Amazon, Netflix and Microsoft resulted in a public outcry and tumbling of the share price of respective company.
Privacy: A Competitive Advantage
Different from other large corporations, Apple recognised that privacy may provide a competitive edge. With other Tech companies using personal data to their advantage and sometimes to the detriment of individuals, Apple’s CEO Tim Cook recently asked in a speech in which world do we wish to live in. He went as far as saying that GDPR should be implemented world-wide not only in the EU.
As discussed in previous paragraphs most companies still hold the illusion that privacy is not important and does not need to be preserved. However, with growing negative sentiment against such views, organisations which can preserve privacy to the extent of customer wishes may set themselves up for success in the coming years.
Privacy: An Individual Choice
Since different stakeholder groups define protection of privacy according to their own interests, preservation of personal data becomes an individual choice. Governments require personal data to manage immigration as well as fight terrorism and criminal activities. Commercial organisations are interested in enhancing their revenue streams. Even the general population has different needs for privacy. For example, Millennials, having grown up with the latest technological developments, are less concerned about their privacy than older age groups. It appears younger generations are more willing to share their personal data. Conclusively, every member of society needs to make a conscious decision to what extent one wants to share personal data.
Key questions are:
- How much privacy is necessary?
- How much privacy is achievable?
- How much inconvenience is one prepared to accept?
These questions imply that every individual must understand which information is shared with whom and what consequences exist for not sharing that information, i.e. what “price” a person wants to pay to preserve one’s privacy. Besides the usual recommendations such as using a different internet browser or encrypt the hard drive, some additional measures are suggested:
- Only use social media for specific purposes such as business and be aware that any provided information will be correlated with data from other sources.
- Check whether an email address has been hacked (https://haveibeenpwned.com/)
- Avoid providing personal information to companies which are known to repurpose it, e.g. Google, Equifax, Experian etc.
- Use cash instead of credit cards
- Turn off data collection features on smart devices such as TVs, fridges etc.
How far would you go
to preserve your privacy and that of your clients?