{"id":2633,"date":"2014-12-16T23:16:21","date_gmt":"2014-12-16T23:16:21","guid":{"rendered":"http:\/\/www.lifeandnews.com\/articles\/?p=2633"},"modified":"2016-08-15T01:49:50","modified_gmt":"2016-08-15T01:49:50","slug":"personal-privacy-is-eroding-as-consent-policies-of-google-and-facebook-evoke-fantasy-world","status":"publish","type":"post","link":"https:\/\/www.lifeandnews.com\/articles\/personal-privacy-is-eroding-as-consent-policies-of-google-and-facebook-evoke-fantasy-world\/","title":{"rendered":"Personal privacy is eroding as consent policies of Google and Facebook evoke ‘fantasy world’"},"content":{"rendered":"

By Fred H. Cate<\/a>, Indiana University, Bloomington <\/a><\/em><\/p>\n

We live in a world increasingly dominated by our personal data.<\/p>\n

Some of those data we choose to reveal, for example, through social media, email and the billions \u2013 yes, billions \u2013 of messages, photos and Tweets we post every day.<\/p>\n

Still other data are required to be collected by government programs that apply to travel, banking, and employment and other services provided by the private sector. All of these are subject to extensive government data collection and reporting requirements.<\/p>\n

Many of our activities generate data that we are not even aware exist, much less that they are recorded. In 2013, the public carried<\/a> 6.8 billion cell phones. They not only generate digital communications, photos and video recordings, but also constantly report the user\u2019s location to telephone service providers. Smartphone apps, too, often access location data and share them through the internet.<\/p>\n

Added to the mix are video and audio surveillance, cookies and other technologies that observe online behavior, and RFID chips embedded in passports, clothing and other goods \u2013 a trove of data collected without our awareness.<\/p>\n

Trillions of transactions a year<\/h2>\n

Much of this data is aggregated by third parties we\u2019ve never heard of with whom we have limited or no direct dealings. According to The New York Times<\/a>, one of these companies, known as Acxiom, alone engages in 50 trillion data transactions a year, almost none collected directly from individuals.<\/p>\n

Known as information intermediaries, they calculate or infer information from demographic information such as income level, education, gender and sex; census forms; and past behavior, such as what clothes and foods someone purchased. That can generate data profiles that can be very revealing and used in determining credit scores, marketing predictions and other ways to quantify us.<\/p>\n

As the volume, importance and, indeed, the value of personal data expand, so too does the urgency of protecting the information from harmful or inappropriate uses. But as we know, that\u2019s not easy.<\/p>\n

Most data protection laws in the US and elsewhere place some or all of the responsibility for protecting privacy on individual subjects through what\u2019s called \u201cnotice and consent.\u201d<\/p>\n

In 1998, for example, the US Federal Trade Commission, after reviewing the \u201cfair information practice codes\u201d of the United States, Canada and Europe, reported to Congress<\/a> that the \u201cmost fundamental\u201d principles to protect privacy are \u201cnotice\u201d and \u201cconsumer choice or consent.\u201d<\/p>\n

US statutes and regulations tend to parallel the FTC\u2019s rules and recommendations on notice and choice. All US financial institutions are required to send every customer a privacy notice every year, and doctors, hospitals and pharmacies provide similar notices, usually on every visit.<\/p>\n

The focus on notice and consent is not limited to the United States. The draft of the European Union\u2019s General Data Protection cites \u201cconsent\u201d more than 100 times and emphasizes its importance.<\/p>\n

\"\"<\/a><\/figure>\n

People across the world are spending more and more of their lives online, in the process handing over billions and billions of documents with their personal data.<\/span>
\nReuters<\/span><\/span><\/p>\n

All our fault<\/h2>\n

The truth is that notice and consent laws do little to protect privacy but typically just shift the responsibility for protecting privacy from the data user to the data subject \u2013 that would be us. After all, if anything goes wrong, it is our fault because we consented \u2013 often without realizing it.<\/p>\n

Individual consent is rarely exercised as a meaningful choice. We are all overwhelmed with many long, complex privacy policies that most of us never read.<\/p>\n

It is no wonder. One 2008 study calculated<\/a> that reading the privacy policies of just the most popular websites would take an individual 244 hours \u2013 or more than 30 full working days \u2013 each year.<\/p>\n

A reliance on notice and choice both under-protects privacy and can interfere with and raise the cost of beneficial uses of data, such as medical research and innovative products and services. (This is especially true when personal information is used by parties with no direct relationship to the individual, generated by sensors or inferred by third parties.)<\/p>\n

\u2018Fantasy world\u2019<\/h2>\n

In a May 2014 report, the US President\u2019s Council of Advisors on Science and Technology described<\/a> the \u201cframework of notice and consent\u201d as \u201cunworkable as a useful foundation for policy.\u201d The report stressed that \u201conly in some fantasy world do users actually read these notices and understand their implications before clicking to indicate their consent.\u201d<\/p>\n

There are better alternatives. One is enacting laws that place substantive limits on risky or harmful data uses, for instance. Another is to increase oversight by government and self-regulatory agencies, which could potentially forbid certain uses of personal data by third parties.<\/p>\n

Many privacy advocates note that the US is the only industrialized country without a dedicated privacy office in the federal government. Creating one might help ensure more attention is paid to privacy.<\/p>\n

Other efforts are underway to restrict notice and choice to times when they are necessary and meaningful, and then to make them simpler and clearer.<\/p>\n

Another promising approach would be to ensure that businesses take responsibility for their uses of personal data by making them legally liable for the reasonably foreseeable harm they cause, rather than allowing them to use notice and consent to continue shifting the responsibility to us.<\/p>\n

At minimum, big users of personal data should be required to assess and document the risk those uses pose, and the steps they have taken to mitigate those risks. A more formal approach to managing privacy risks could better protect privacy, lead to greater consistency and predictability over time, and allow data users to make productive uses of data if risks can be mitigated.<\/p>\n

The alternative is to continue to rely on notices no one reads, choices no one understands, and the other ineffective tools of the fantasy world that privacy law has become.<\/p>\n

This article is part of an ongoing series on cybersecurity<\/a>. More articles will be published in the coming weeks.<\/em><\/p>\n

\"The<\/p>\n

This article was originally published on The Conversation<\/a>.
\nRead the original article<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

By Fred H. Cate, Indiana University, Bloomington We live in a world increasingly dominated by our personal data. Some of those data we choose to reveal, for example, through social media, email and the billions \u2013 yes, billions \u2013 of messages, photos and Tweets we post every day. Still other data are required to be […]<\/p>\n","protected":false},"author":39,"featured_media":6244,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/posts\/2633"}],"collection":[{"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/users\/39"}],"replies":[{"embeddable":true,"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/comments?post=2633"}],"version-history":[{"count":2,"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/posts\/2633\/revisions"}],"predecessor-version":[{"id":6245,"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/posts\/2633\/revisions\/6245"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/media\/6244"}],"wp:attachment":[{"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/media?parent=2633"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/categories?post=2633"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.lifeandnews.com\/articles\/wp-json\/wp\/v2\/tags?post=2633"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}