“Privacy Policy” is one of the great oxymorons of the Digital Age. The term also speaks volumes about how the current corporate paradigm of data collection hides behind digital doublespeak.
Most privacy policies are nothing more than a legal fiction designed by lawyers to create an appearance of consent in order to allow mining of personal data for profit. Not only are these policies one-sided – subject to change at will by the corporations who use them -- but they do little to protect the privacy of the public. Instead, they facilitate the dominant corporate paradigm of over collection and retention of personal data that, in turn, invites the litany of data breaches that dominate the news. Against the backdrop of events like the recent Yahoo data hack, most of these so-called “privacy policies” are a classic example of digital doublespeak.
Participation in the economy and society of our time requires that we embrace digital commerce. But these privacy policies, which are long, complicated, and written in legalese. If you don’t click “agree,” you don’t get to engage in digital commerce, whether you understand the policy or not. And by forcing you to “agree,” you’re forced to surrender your fundamental human right to keep your personal information private.
Personal data is an extension of our person. This is the reason that Article 12 of the Universal Declaration of Human Rights protects the privacy of such data. But the so-called privacy policies of our era have actually dramatically reduced our privacy. Such policies have inured an entire generation to the practice of routinely turning over large amounts of personal data because modern life effectively requires it.
As evidence, one need only consider a major study by researchers at York University in Canada and at the University of Connecticut who recently surveyed more than 500 subjects who volunteered to sign up for a new social networking site. The experiment actually studied the extent to which people read the privacy waivers they “accept” when they sign up to use Web sites. As part of the test, the researchers included in the fictitious site’s privacy policy a statement that anything posted to the networking site by the test subjects would automatically be turned over to the National Security Agency. Only one test subject raised a concern about this. They also included a clause that said users of the site agreed to turn over their first-born child as payment for their use of the site. Ninety-eight percent of participants in the study never even noticed.
As we move into the era of the “Internet of Things,” the dangers associated with the lopsided paradigm supported by such policies will increase exponentially. We will live in a world where millions of devices collect data on their users that can then be sold for a profit. While this data can be used to target advertising better, it can also be quite problematic for consumers, as decisions will be made about them on an individual basis based on the data that they generate about themselves.
For example, when you buy groceries, a list of the specific items you purchase may be sent to your health insurance company, and they will use it to assess your health risk and their bottom line. They may increase your premiums or deny you coverage altogether. The same goes for how you drive your car, what kind of car you have, how much you sleep, how much you exercise, what Web sites you visit, how many children you have, how many friends you have, where those friends live, how much money those friends make, etc.
Moreover, there are risks associated with the collection of such data in that the companies collecting it can be hacked and your data stolen. Currently, only about 7-8 billion devices are connected to the Internet, and already data breaches are costing companies more than $1 billion annually. In five years, the number of devices connected to the Internet is expected to grow tenfold, with a resulting increase in hacking and data loss. Before this happens, we need to work together to explore a new paradigm for privacy – one that will protect the privacy of the personal data that expresses our personality with more than transparent doublespeak.