Surely, there is money to be made from people’s private information. Most tech companies monetise the information they collect from people – by selling or exchanging raw data, or by processing it and selling what they learn from it. In fact, these money streams provide them with the resources needed to develop and manage the technologies that harvest private information, free of charge. It’s a bizarre state of affairs: more technology collects more data that is traded for money that enables more technology to collect more data etc. It is a state of affairs nobody really had a problem with for many years. After all, weren’t we all collectively ecstatic about our sparkling new devices and convenient new apps?
But this has changed. Data manipulations that exploit people for ulterior purposes – often hidden, sometimes harmful and immoral – have come to light. Only the top of a titanic iceberg, some claim. Only the start of a doomed future in which people will be dominated by those in control of technology, or worse – by intelligent technology itself. In any case, reasons enough, most claim, to motivate a global call for regulation that protects people’s privacy, and in the same breath – human liberties.
While well intended, there seems to be an awful lot of confusion and frustration surrounding these regulations. On the one hand, people invoke them left, right and centre to justify their refusal to share information. On the other hand, companies bombard consumers with dense-looking statements and requests for our consent at the drop of a hat. It is perhaps good to point out that these regulations don’t aim to prohibit the processing of private data categorically – there are simply too many social and economic benefits resulting from that processing. What they do in fact aim for, is establishing conditions for doing so. These conditions fundamentally revolve around one principle – consent – and aim to give people back control over which private information they share with others. For South Africa, the most relevant of these regulations are the Protection of Personal Information Act (POPIA) and the EU’s General Data Protection Regulation (GDPR).
But why should privacy be protected at all? While some argue that privacy is bad – its lack of transparency may be used as a cloak to hide social harms or to fence off economic progress and distribution – most agree that people desire to have control over which information they share with others – to some extent, for at least two reasons. Firstly, privacy makes us human. The desire for privacy reveals something about how we relate with other people. Think of the difference between sharing intimate information with a pet, or with a device, as opposed to sharing that information with another person. We wish to keep some information about ourselves away from other people – perhaps because of how people may use that information against us (in ways that pets and devices can’t). Or, as some philosophers claim, because of how sharing information of different levels of intimacy defines our different social relationships. Secondly, if knowledge is power, then knowing something about a person gives power over that person. Privacy gives us power to control who knows what about us, and consequently control over who we allow to interfere with our minds and lives.
While the value of privacy may be obvious for consumers, profit-driven companies may be forgiven to question “What’s in it for us?” Why should we respect our customers’ privacy, if there is good money to be made from personal data?
Interested to read more about this topic? Read The Ethics of Data Privacy