Is privacy dead?
I am writing my final submission for 2014 as the year quickly draws to an end. It has been a year of startling privacy revelations, including extreme outrage in response to data breaches and government snooping, which all point to the same question: “is privacy is already dead?” I’ll attempt to answer this with a series of questions where you, the reader, can weigh in.
In November and December, Pew Research released two major surveys on “Public Perceptions of Privacy” and “The Future of Privacy.” Both were extremely troubling in terms of both the levels of intrusion into our privacy already underway, and the general belief by the public (much less by others in the government, military and the judiciary) that privacy is, supposedly, not important. These results were a bit shocking to me on one hand, but not totally surprising on the other. As I have commented in my previous 2014 submissions, the public (consumers) either don’t take the time to read about what they are giving away in terms of privacy rights when they accept a software vendors EULA, or don’t seem to care as long as they perceive that they are getting some value in return. This is very much an American thing, in my opinion, because the rest of the world (most specifically the European Union) remains in a high state of alert in terms of not only protecting existing privacy rights (codified long ago), but in creating new laws, regulations and practices to better protect it in the future. Why is there such a disparity?
It suits the needs of everyone but the consumer (citizen) to have weak or no privacy protections. This allows a world where every consumer is an “opportunity to be exploited or victimized” by whomever has the desire and technical means. In essence, no consumer (citizen) is safe from this behavior and there are few (if any) who want to protect them. The government has already thrown your rights under the bus in respect to national security with the judiciary giving them a green light at ever turn. Silicon Valley tech giants (you know who they are), data brokers and app developers are all willingly using (much less, selling to all interested parties) your PII, behavioral data, health information and other intimate details to target you for offers or to observe and experiment on you. How much worse can it get?
Additionally, those who are supposed to be protecting your privacy rights are in a turf war to see who is actually in charge (for example: FTC versus FCC versus State Department versus Commerce Department and so on) while others who certify privacy protections are being fined for non-compliance, such as eTrust. It is indeed a perfect storm of poor leadership (if any) and lack of genuine interest in doing the right thing (White House Big Data Privacy workshops, NIST Privacy Engineering working group and so on). The only area that is getting any real focus (and funding) is cyber security, which as we know is about security and not privacy. Are we not putting the cart before the horse?
What does the future hold? In my opinion, the rest of the world will continue to take the lead in all things privacy. We will see within five years the balkanization of the internet and associated environments (cloud) with many EU countries operating a private internet featuring limited connectivity with the open internet, localized cloud services (and storage) and much, much tighter privacy protections and limited government means to penetrate and snoop on citizens. In essence, due to constant efforts to thwart the basic human right of privacy, the rest of the world will take a giant step backwards in terms of innovation and build a ring fence around their citizens’ (and governments’) data and ultimate privacy. This will have profound effects beyond just the internet as agreements such as Safe Harbor will be abandoned, affecting international air travel and commerce in general).
The opportunity to create a different version of this future is limited and the ball is in the US end of the court right now. We will see what happens next.