Autonomy, Privacy and the Symbiotic Web Paul Bernal - LSE
May 15, 2015
Autonomy, Privacy and the Symbiotic
Web
Paul Bernal - LSE
The internet is an intrinsic part of modern
lifeInteractions with government, from tax returns and claims to access to health services
Discounts, beneficial rates, some shopping services, delivery services only available online
Access to information is faster, more extensive
You CAN exist without online access, but you will be increasingly disadvantaged
Autonomy should mean the freedom to access modern life - so we should be ‘free’ to enjoy the internet...
The internet and personal data
More data is being collected, and in more ways and by more organisations than ever before
The data that is gathered is being used in more ways than ever before
All of these trends are increasing, without any sign of slowing
Does this represent a threat to autonomy?
The Symbiotic WebA new model to understand this phenomenon - it helps explain:
Why so much data is gathered
The principle commercial uses to which it is put
Some of the ways it might be used in the future
Why so much data collection and use is covert
The difficulties our legal and regulatory systems have in controlling it
The threats to our privacy and autonomy that arise through it
Symbiosis
Where two different kinds of organism exist together in a state of mutual dependence
Symbiosis can be mutually beneficial - but can also become parasitic, and detrimental to one of the parties
The Symbiotic Web
Individuals and commercial enterprises are mutually dependent:
Enterprises have built business models reliant on a currency of private data
Individuals depend on ‘free’ access to many services - from search engines to price comparison web sites, email to YouTube
Users
Web 1.0
Content Providers
The Symbiotic Web
User/Contributors
Web 2.0
Content Providers
The Symbiotic Web
User/Contributors
Web 2.5Content Providers/
Information Gatherers
The Symbiotic Web
User/Contributors Web 2.5
Content Providers/Information Gatherers
The Symbiotic Web
A fractured web?
Individualised advertising, content - and links
For search engines, for example, different search results - or search results in a different order
Overall, the effect is more than just on the individual page, but on the navigation and the whole web experience
Not in the control of the user, but of the web providers
The origins of the Symbiotic Web
Business models of Google and Facebook
Other businesses trying to emulate them
Not an expected development - many (including the EU in their E-money Directive) were expecting a big need for online micro-payments. These have not really materialised on any scale
Data and the data gatherers
Search data - search engines
Clickstream data - ISPs and web providers
Communications data - email, telephony, chat
Social data - social networking sites
Commercial data - transactions AND ‘browsing’ data
‘Habitual’ data - Google maps etc, YouTube etc.
Competitive drives
The understanding by businesses that personal information has commercial value
Organisations gather more and more data, not just for specific current or planned uses, but speculatively
Once the data has been gathered, there is a drive to find more uses for it, to take advantage of your ‘assets’
New businesses developed for aggregation and profile generation - and to help other businesses use data
Competitive drives
As competition develops, so do competitive and anti-competitive practices - alliances, cartels etc Beacon and Phorm are prime examples
Drive for more ‘tailored’ services - and potentially price or service discrimination
The need for covertness - when customers know what is happening, they often object. Beacon and Phorm are again examples.
As competition increases and margins fall, less attention may be paid to ‘ethics’
ConsequencesA burgeoning market in data - one about which users are being kept deliberately unaware
Much more data is being held - and hence is vulnerable
New data types are emerging - profiling data in particular - which has more significant vulnerabilities. Better targetted scams are more likely to succeed
New kinds of risks are emerging - ‘Back-door Balkanisation’ is just one example
Solutions?
Break the dependence - through stronger, better enforced laws?
Change the paradigm - effectively give up on privacy. Accept that this is happening, enjoy the positives, penalise excesses.
Weaken the dependence - strengthen the rights of individuals, particularly in terms of consent and rights to be informed
Do very little - allow norms and markets to redress the balance. This may be happening already - e.g. Google reducing data holding periods
A rights-based approach?
Human rights should extend to the internet
Appropriate rights need to be developed:
A ‘right to roam with privacy’ - i.e. without data being gathered about you
Stronger data protection laws - including stronger requirements for informed consent, and rights to have data deleted
A new paradigm where privacy is taken seriously - and becomes something that companies gain from
Autonomy, Privacy and the Symbiotic Web
•Paul Bernal
•CCJHR Postgraduate Conference