Privacy and the perils of self management

In the next few weeks, I will look to do a few posts about privacy and surveillance. Privacy has evolved into a sweeping concept including within its scope matters pertaining to control over one’s body, physical space in one’s home, protection from surveillance and from search and seizure, and protection of one’s reputation as well as thoughts. This generalized and vague conception of privacy not only comes with unwarranted judicial discretion, it also thwarts a fair understanding of the subject. Robert Post called privacy a concept so complex and “entangled in competing and contradictory dimensions, so engorged with various and distinct meanings, that [he] sometimes despairs whether it can be usefully addressed at all.” This also leaves the idea of privacy vulnerable to considerable suspicion and ridicule. Jonathan Franzen called it the Cheshire cat of values, not much substance but a very winning smile. I will look to break down some of the ideas of how we can understand privacy in this series of posts.

In this introductory post, I will look at a specific aspect of privacy and personal data that has bothered me for some time. The prevalent ideas of privacy and data management can be traced to the Fair Information Practice Principles (FIPP). These principles are the forerunners of most privacy regimes internationally, like the OECD Privacy Guidelines, the APEC Framework or the nine National Privacy Principles articulated by the Justice A P Shah Committee Report which is reflected in the Privacy Bill, 2014. All of these frameworks have rights to notice, consent and correction, and limits on how the data may be used, as their fundamental principles. This system makes the data subject the decision-making agent about where and when his personal data may be used, by whom and in what way. The individual needs to be notified and his consent obtained before his personal data is used. In case the scope of usage extends beyond what he has agreed to, his consent will be required for the increased scope. He should have the ability to access and correct his data after providing his consent. In theory, this system sounds fair. Privacy is a value tied to the personal liberty and dignity of an individual. It is only appropriate that the individual should be the one holding the reins and taking the large decisions about the use of his personal data. This empowers the individual and allows him to weigh his own interests in exercising his consent. This approach worked well when the number of data collectors was smaller and the uses of data were narrower and more defined. However, with there being data collectors for every application or website used, the data being shared with third parties, and complex data sets being created, it is humanly impossible to exercise rational decision-making about the choice to allow someone to use our personal data.

According to Daniel Solove, the problems with self management of privacy exist at two levels – cognitive and structural. At the cognitive level, the problems in managing the boundaries of privacy are multifold. Most people do not bother themselves with privacy policies. A tiny percentage of Internet users actually read the license terms and privacy policies. Often, these terms stand between us and the applications we want to use, and we accept the terms without any regard for what they contain. Even when one takes the effort to go through them, the policies are often vague and, for the layman, difficult to comprehend. Even those familiar with the concepts of privacy and the legalese are often ill-equipped to make informed decisions after diligently reviewing these privacy policies. For about six months in 2013, I read each and every terms of service and privacy policy, and familiarized myself with the privacy settings of the social media services I used. I used to work as a lawyer at a large technology company then and was familiar with data protection concepts and trained to deal with the language one encounters in these documents. I still found two factors that continue to impede my ability to rationally make these choices. The first of these structural issues was that of scale. There were just too many data collectors out there for me to intelligently exercise my consent. The more aware I became of the numerous ways my personal data was being collected, the more convinced I became that I was fighting a losing battle. The second issue was that, as someone with very minuscule knowledge of data science, there was no way for me to predict or estimate the numerous ways in which my personal data would be aggregated. The considerable drop in the costs of maintaining data makes this a long-term problem, as the data controllers can continue to keep our personal data for as long as they wish.

A number of scholars seek a more paternalistic solution to this problem. Julie Cohen looks at the social value of privacy and argues that individuals should not have the choice to waive their privacy in a number of cases. In this analysis, privacy exists not only to articulate an individual’s right to self determination, it also exists to perpetuate a certain kind of society. The outcome of such a solution, however, is to take the choice away from the individual. Given the fact that this choice is being exercised so badly, one may feel that it is not such a bad thing. However, often the outcomes of data processing have both positive and negative externalities and it seems unfair to restrict behavior in the absence of clear and demonstrable harm.

The impact of the huge and self-defeating obligation of data self management on individuals has been commented upon widely in the last decade. The OECD appointed an Expert Group to re-examine the guidelines. Based on its recommendations, the OECD updated its Guidelines with important changes on accountability and security breach. However, the Expert Group preferred not to touch the basic principles of notice and consent. Later another group moderated by Viktor Mayer-Schönberger recommended more fundamental changes to the guidelines, particularly replacing the Collection Limitation Principles with a Collection Principle that puts greater obligations on the data controllers. Most suggested reforms to the system are centered around making privacy policies simpler and implementing an ‘opt-in’ as opposed to an ‘opt-out’ system, using clickwrap arrangements instead of browse-wrap, where the default is for greater privacy that you have the option of manually waiving. However, they only touch upon a limited aspect of the problem and are very difficult to mandate.

Perhaps an efficient solution lies somewhere at the confluence of privacy self management and paternalistic approaches. It is a fact that we are incapable of micro-managing our privacy, and perhaps having a few global privacy settings, as opposed to those pertaining to each specific entity, will help. However, in a dynamic space where new kinds of online services appear every day, this will be very difficult to implement. Solove has lamented the lack of inclusion in lawmaking of theories from the cognitive sciences, by scholars such as Daniel Kahneman and Richard Thaler, about how individuals take decisions. This is all the more important in recognizing that at the stage of giving consent there are too many unknowns for us to make informed decisions about the future uses of our personal data. Despite blanket approvals allowing any kind of use granted contractually through terms of use and privacy policies, there should be legal obligations overriding this consent for certain kinds of uses that may require renewed consent. This will require a more substantive view of privacy and of what undesirable practices are, rather than a neutral view which condones all uses of data so long as they are permitted by contract.

