About two-thirds of the global population – ~5 billion people – use the internet today. This generates a lot of data. This isn’t news; we know our names and contact info are just the tip of the iceberg. Myriad institutions store individuals’ information (e.g. social, political, financial, medical, etc.) Where we go, what we do, and who we’re with is tracked and profiled, often in real-time (see: Google Maps Timeline). Data is collected from various internet-enabled devices.
This is the ‘Internet of Things’, which is expected to double in size over the next few years.
We also regularly allow ‘cookies’ to track our behaviour online. Yet, the most popular services for mobile messenger (WhatsApp) and video conferencing (Zoom) stand out for being end-to-end encrypted. So do we not want control of our data?
Imagine owning all of your data in a secure and decentralised way. This is the principle behind ‘self-sovereign identity’. The UN’s ID2020 Alliance hopes to create digital identities for the one billion people lacking official proof of identity by 2030. The World Bank has similar prospects for its ID4D Initiative.
- Advertisement -
Yet, the EU’s General Data Protection Regulation – arguably the modern gold standard of privacy law – seems too “vague and difficult to interpret” to be globally effective.
State governments are largely left to their own devices. Consider how data from wearables has been trialled in US court proceedings. In Australia, some government institutions have the power to take over people’s devices and accounts.
Societally, we’re still learning and adjusting to the Fourth Industrial Revolution. So, mistakes are being made. Take the recent IRS scandal as facial recognition technology becomes increasingly prevalent amongst government institutions.
More than ever, governments are implementing digital identity programs. The UK just hired Deloitte to develop their self-sovereign digital identity app. Nigeria just launched a
According to the Edelman Trust Barometer, people tend to trust businesses over governments. And what if you could monetise your data? Privacy economics will undoubtedly need further study as over half of global GDP is digitised. Blockchain technology is developing independently from regulators and to the potential impacts and use cases.
Innovations like the Brave browser and its Basic Attention Token are disrupting the data privacy space. The importance of age verification for social platforms can’t be understated. The data sector is also still evolving – time will have to tell how future technological developments (e.g. AI, Neuralink, the Metaverse, etc) shape how our personal information is stored and used.
The privacy paradox
A stunt by Proprivacy.com convinced 99% of respondents to sign a privacy policy agreeing to:
- Allow drone traffic above their property;
- Give their mum full access to their browsing history;
- Invite an FBI agent to every Christmas dinner for a decade; and
- Surrender the naming rights of their firstborn child.
Most people don’t read the fine print, opting for uninformed consent. Despite some efforts by companies to make this process easier, reading every legally oversaturated privacy policy for all the institutions you provide your data to would take an irresponsible amount of time. However, it’s more inconvenient to disagree, so we allow for contradiction.
- Advertisement -
Today, nearly everyone has a digital identity whether they like it or not. Indeed, most of us feel compelled to. And almost every major global company engages with the ‘big data’ pool this creates. Click here to find out which companies know the most about you.
Meta made ~US$40 per user in advertising revenue last year and users agreed not to be compensated. It’s why in 2012, Facebook spent US$1B acquiring Instagram – a company which at the time had just 13 employees and now nets them US$20B annually. The global ad industry is using more personal data than ever before.
It’s normal for institutions in the modern ‘sharing economy’ to use big data. Consider how tailor-made the online ads we consume every day are. Or how Google always seems to be one step ahead in its search recommendations.
Case study: Cambridge Analytica and ‘shadow profiles’
During his 2018 appearance before US Congress, Mark Zuckerberg apologised for the misuse of public data from 87 million Facebook profiles. This data had been provided to Cambridge Analytica, a former British consulting firm specialising in political advertising. Most notably, Cambridge Analytica helped the pro-Brexit #VoteLeave campaign and the 2016 US Presidential campaigns of Republicans like Ted Cruz and Donald Trump.
Supposedly, Cambridge Analytica wasn’t as useful as Facebook claimed to be. Regardless, this should raise concerns about what happens to the data we share. Facebook has the most monthly active users of any social network as of January 2022 – almost 3 billion people. Anyone can see there’s a discrepancy here. What about the other two billion people?
So anyone can opt out of Facebook collecting their data for ads, but Zuckerberg said that Facebook collects data on non-users for “security purposes”. This is known as a ‘shadow profile’. Basically, Meta collects data on everyone. Google does this as well. Both use this data at their discretion, without publicly declaring the full extent – and they don’t have to.
Bad actors, cyberattacks and zero trust
In 2013, Yahoo announced that data had been stolen from about one billion users. Four years later, they revealed that it was actually all 3 billion accounts on their platform. At the time, that was pretty much everyone on the internet. Data breaches happen often and are becoming more common.
Consequently, there’s a current shift towards ‘Zero Trust’ cybersecurity, which involves replacement of the traditional ‘firewall’ with continuous monitoring and verification protocols.
- Advertisement -
The unauthorised use of personal data isn’t necessarily malicious. Consider how Lifeline Australia provides anonymised data for research, which is standard practice. Facebook data was used to monitor the migration of refugees during the 2020 Venezuelan border crisis. A Florida teenager has been tracking the private jets of Elon Musk and Russia’s oligarchs. And Target used to track women’s pregnancies so they could send them coupons.
The use of big data is a mixed bag, largely because regulations and attitudes are still being formed. But what’s known as a “self-sovereign identity,” run on the blockchain, maybe a solution to increasing data and online privacy concerns.