2014 will be the year when citizens start to take control over their own data. So far the public has accepted a dramatic increase in use of personal data because it doesn’t impinge much on freedom, and helps to give us a largely free internet.[i]
But all of that could be about to change. Edward Snowden’s NSA revelations have fuelled a growing perception that the big social media firms are cavalier with personal data (a perception not helped by Facebook and Google’s recent moves to make tracking cookies less visible) and the Information Commissioner has described the data protection breaches of many internet firms, banks and others as ‘horrifying’.
According to some this doesn’t matter. Scott McNealy of Sun Microsystems famously dismissed the problem: “you have zero privacy anyway. Get over it.” Mark Zuckerberg claims that young people no longer worry about making their lives transparent. We’re willing to be digital chattels so long as it doesn’t do us any visible harm.
That’s the picture now. But the past isn’t always a good guide to the future. More digitally savvy young people put a high premium on autonomy and control, and don’t like being the dupes of big organisations. We increasingly live with a digital aura alongside our physical identity – a mix of trails, data, pictures. We will increasingly want to shape and control that aura, and will pay a price if we don’t.
That’s why the movement for citizen control over data has gathered momentum. It’s 30 years since Germany enshrined ‘informational self-determination’ in the constitution and other countries are considering similar rules. Organisations like Mydex and Qiy now give users direct control over a store of their personal data, part of an emerging sector of Personal Data Stores, Privacy Dashboards and even ‘Life Management Platforms’.
The tipping point
In the UK, the government-backed Midata programme is encouraging firms to migrate data back to public control, while the US has introduced green, yellow and blue buttons to simplify the option of taking back your data (in energy, education and the Veterans Administration respectively). Meanwhile a parallel movement encourages people to monetise their own data – so that, for example, Tesco or Experian would have to pay for the privilege of making money out of analysing your purchases and behaviours.
When people are shown what really happens to their data now they are shocked. That’s why we may be near a tipping point. A few more scandals could blow away any remaining complacency about the near future world of ubiquitous facial recognition software (Google Glasses and the like), a world where more people are likely to spy on their neighbours, lovers and colleagues.
Geopolitics will also play its part. Europe is much more concerned about identity and privacy than other parts of the world, and that concern has been fuelled by Prism. Europe will set much more stringent rules for protecting personal privacy[ii] and given that the EU now has 500 million of the world’s richest citizens it will be hard for social media firms to ignore these standards.
Meanwhile some firms are distancing themselves from the pack – like Microsoft developing technologies to help citizens control unauthorised reuse of their data. The big consultancies and accounting firms see privacy accreditation as a huge new source of business. And BCG recently warned that two-thirds of the total value of greater use of personal data, estimated to reach a potential €1 trillion in Europe by 2020, will be lost if organisations fail to establish trust.
The next few years will bring a further explosion of data, and data awareness in daily life. We’re some way off the new Magna Carta that will, at some point, need to establish the ground rules of privacy, power and identity in a digital world. But these issues are fast moving from the margins to the mainstream of daily life – and quite a lot of very powerful organisations risk being on the wrong side of history.
[i] I’ve had three main involvements in this field in the past: at Demos in the 1990s we ran some big research programmes on privacy, the Internet and trust which in retrospect were far ahead of their time. In government I oversaw the Cabinet Office review of privacy and data sharing in 2002 (which, ironically, can no longer be accessed on-line). In both cases we concluded that, with the right safeguards, the public stood to gain more from the free flow of personal data than they were losing. But the balance of the issue has changed markedly – one reason why more recently I became involved in helping the creation of Mydex, a project to give the public much more control.
[ii] A good recent overview of the field which sets out current European thinking is ‘Digital Enlightenment Yearbook 2013: the value of personal data’ published by the Digital Enlightenment Forum.