Do we care about digital privacy?
Recently the Chinese government ordered online platforms not to offer ride-hailing giant DiDi's applications. The allegation against them is that "they are illegally collecting users' personal data". With more users than Uber, DiDi is one of the leaders in the ride-hailing service business. This same allegation has been voiced around the world against most social network services, or those smart services that let us rest at home while the products (or sometimes humans) are delivered to their destination. According to DiDi this will severely impact their revenue stream. Already, the listed shares of DiDi fell nearly by 4 percent in pre-market trading. But will this act stop or at the least reduce data privacy violations of users? Or do we need a systematic design shift? The answer lies in the understanding of what the users think about their data and how the services communicate with the users regarding the data use.
So, what is personal data? It is any information that relates to an identified or identifiable living individual. Even different pieces of information that may lead to the identification of a particular person are personal data. These include my name, address, my personal email address, identification card number, location data that can be obtained from my cell phone, the Internet protocol address of the computer I am using now, my cell phone's identifier, my hospital record, and many other things. We give away all this information in our everyday interactions with digital services through the use of mobile applications or accessing the web using browsers.
People often confuse privacy with secrecy. We all know what we do when we answer the call of nature. Still, we shut the door of the "petit coin". This is because we want privacy, not secrecy. Article 12 of the Universal Declaration of human rights states: "No one must be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation". Privacy is a right, not a privilege!
We work, shop, get entertainment, look for information and catch up with friends and family online. When we do these online we expect that it would be a quick and easy experience. But that's rarely the case. If you are reading this column online, chances are that before you could start reading it, you had to navigate through a jungle of advertisements. Most websites we visit nowadays are cluttered with advertisements. They also have trackers that are snippets of code that send information about you to other companies. These trackers use your information to target you with advertisements, analyse your behaviour regarding certain news or issue and connect you to specific platforms without your knowledge. If you had the means to check who's lurking behind, you'd see names of companies that you probably have never heard of.
It is like the 1954 movie "Rear Window" by Alfred Hitchcock. A professional photographer with a broken leg staring at his neighbourhood, eventually solving a murder mystery! However, in this modern digital world, we are the neighbours going about with our everyday lives while millions of companies are monitoring us as we have kept our windows open.
Digital applications gather a vast amount of real-time data every day that they use to analyse our choices and movements. It means that that they know where we live, which places we frequently visit and when, how long we work, what food we like and when is the best time to remind us about that product! There is both legitimate and illegitimate use of these data. These applications do not only focus on us but sometimes sell our data to their buddy applications and advertisers. In the darknet that is not indexed by popular search engines, there are data brokerage companies that sell data of ordinary folks. Companies are now into targeted marketing. Now when I walk past a supermarket and get an SMS, "new deal on Hilsha fish", I do not get surprised. The supermarket where I frequently visit probably has shared my customer loyalty information with advertisers! Now they know I love Hilsha fish, especially when it is raining. But did I permit them to share this information? I am sure I did not.
A lot of us are unaware that digital platforms know more about us than we do about ourselves. But those who are aware are not doing much to stop it. GSMA—the industry organisation that represents the interest of the mobile network operators, surveyed to know how concerned we are about our privacy in the digital world. They found 70 percent of consumers are concerned about the privacy of their data and 48 percent pointed out that their concerns are growing. The same survey points out that nearly 50 percent of the consumers fail to take basic precautions such as changing a password. People appear to be doing very little about their privacy concerns!
Why is this happening? Firstly, we do not have enough information regarding how we can keep our digital life secured. This ignorance arises because these issues are not talked about much in our public or private forums. In our recent journal submission with colleagues at the University of Dhaka, we conducted a perception survey on password awareness among 881 Bangladeshi users. We found that most of the digital service users are unaware of the malpractices of password use. They are prone to use weaker passwords, mostly reuse their old passwords and most of their passwords have their personal information—making their digital lives vulnerable. One way to reduce this vulnerability is by educating people about this risk. Hacking and breach of passwords is a known risk. People who are unaware of this vulnerability will never fathom the severity of the unknown risk of giving away bits and pieces of personal information. Nobody taught us that information in the wrong hands is dangerous, and we cannot predict the future! Whatever we do on the internet stays!
Secondly, organisations are reluctant to give away details about their privacy policy regarding personal data. In very recent research at United Nations University, we found that the majority of the applications that came out during the Covid-19 pandemic, collect various sensitive personal data even if they do not have any apparent use. Most applications do not explain the reasons behind the collection of data, why we should trust them, and rampantly use location data!
The fact is, the devil resides in the design. Even if we care about our privacy, we simply do not have the means to "close the window to the on-lookers". It means that acting against one company or two will not solve the issue. We need to get control over these digital windows—we should know how to open and close them. We should also be able to choose when to open, how much to open and when not to open. We must educate people about privacy in the digital world. Governments need to make it mandatory for the digital platforms to clearly state their data use and privacy policies. The idea is simple, when we subscribe to a platform, we will know what this platform will do with our data and how we can choose to say "yes" or "no" to this use—they should not get away with some legal words that we never read! Industries need to make sure that they give "usable and adequate information" about their data use in a way that we can comprehend. For Bangladesh, it means these should be written in Bangla, so that we all can understand.
Moinul Zaber, Ph.D. is a Senior Academic Fellow at Operating Unit on Policy-Driven Electronic Governance (UNU-EGOV), United Nations University, Guimarães, Portugal. His Twitter handle is: @zabermi
The views expressed in this article are personal.
Comments