Ode to Privacy

The word risk derives from the early Italian “riscare” which means to dare. In this sense, risk is a choice rather than a fate. The actions we dare to take, which depend on how free we are to make choices, are the story of what risk is all about. And that story helps us define what it means to be a human being. - Peter L Bernstein, Against the Gods.

Slight levels of paranoia in societies have been proven to be an evolutionary benefit if properly prioritized and managed to alert a risk. We live under distributed and centralized data processors that are fed by the sacrifice of our autonomy, privacy and, to some extent, our individuality as algorithms are “artifactualized” in order to have political and commercial power over our individual choices.

Biased technologies that improve mass surveillance are rising at a much faster rate than their regulations since politicians are unable to see all of the consequences or applications of such advances. People do not have access to these source codes and therefore have no power over them as machine learning is a black box, sometimes to programmers.

Today, it is unclear what data can be subject to appropriation and to what extent this data privacy is an absolute fundamental right when dealing with such relative risks and benefits to the individual and the public. There is a very interesting debate on whether privacy is denying access to something or the control over what we deem private.

Kevin Macnish exemplifies this by questioning whether someone obtaining your diary would be an invasion of privacy or whether this is only true for when they read it. The issue with the second is that once you lose control of your privacy, you need to trust the person that has access to it. Extrapolating this question to mass surveillance, if the CCTV network was embedded with real time biometric recognition, you need to trust the surveillant authority that they will be ethically infallible.

Why you shouldn’t want to be surveilled has nothing to do with “having done nothing wrong,” as this depends solely on the relative definition of “wrong” by the surveillance authority that may vary with time and location. To hide something, like the content of one’s diary does not mean you’ve done something wrong but rather that the activity gains value by remaining private.

As with privacy you obtain many values like fostering relationships with others and oneself, security as you protect yourself from being judged from relative information that might harm your reputation or position in any aspect of your life and you also protect yourself from being subject to manipulation from political or corporate surveillance.

Personal or private data is very valuable and yet now, it empowers public and economic actors much more than it does to a single person. According to European legislation, this data is no longer personalized once it is anonymized, so that economic and public actors can still benefit from the advantages of “big data” feeding into the machine-learning algorithms without any risk to the individual.

However, these risks have not been properly mapped out for the individual to provide ethical consent as no individual alone could possibly understand how their personal data or their metadata that has little value to themselves could end up feeding a deterministic algorithms shaping whether you get a job, credit, who you will end up voting, or where you will shop.

Protecting your privacy in the end protects your freedom of taking risks embedded with individual choices and, to some extent, living your life with dignity.

That’s just it, there should be no consent and no terms, no legal nonsense. Because nobody in their right mind would consent. Instead there should be totally private systems that don’t give anything away, and no way to guess who a person is either. Then it is a matter of there being new technologies that allow for anonymous attribution for ad personnalisation and performance tracking, and so on. And finally each time we give our personal information, it could only be when necessary such as with a bank. Perhaps we could also all have multiple identities, multiple addresses that can be each individually controlled and monitored, where only we (and the government) can connect them to an actual person. That would be an ideal, so we have a long way to progress from where we are now.

A very concise article that has yet so many angles and food for thought. Our privacy is infringed upon more pervasively than most people realize, and this will have unknown and probably far-reaching consequences if it is allowed to continue to erode. With “data the new oil” some true Wild-West stuff is happening with our data. As the excellent social cooling website explains, we will change our behavior, unless the trend is changed. It says “Privacy is the right to be human” and we are becoming more aware of how that is true.

There are many flaws in how we try to improve our situation. Like for instance the majoriity of anonymized data is easily deanonimized. On the regulatory front it is not just lawmakers that lack the knowledge. They are in large part dependent on the tech they proclaim to improve, while being fiercely lobbied by (and bowing to) the corporations they want to legislate.

But there are hopeful developments too. Legislators are truly waking up to the dangers and pitfalls and catching up (though late, as even democracy itself is in danger). And technologies too, like Personal Data Vaults or Zero Data Apps (Solid Project among others). These solutions are interesting, as they turn things around: no longer do you have to read and/or agree with a privacy policy full of incomprehensible legalese (and follow a chain of 3rd-party policies), but you expose your private data to applications on your own terms of use and on a case by case basis, by giving consent. Or offload the processing logic entirely to your own device, so that the remote platform doesn’t get to see your PII. But things move fast, and these technologies still need a long while to mature. There are also mutliple identiy standards in the works, but distributed identity is a very tough nut to crack.

Interesting times ahead. It’s between panopticon and dystopia, or retaining of our freedoms and human rights.