The death of privacy is a chronicle of a death foretold.
One of my favourite cartoons is the 1970 Newsweek cover that depicts the end of privacy, to me it clearly portrays our fears about loss of control and technologies designed to keep track of our every move. Time Magazine declared the death of privacy in 1997. In 1999, Scott McNealy of Sun Microsystems famously said “You have zero privacy anyway. Get over it”. More recently, he reiterated the feeling in an interview, “privacy, you still don’t have any”.
I must admit that I have been surprised by the strength of public outrage after the Cambridge Analytica scandal, but not by act itself. If you were surprised by the misuse of data to get Trump elected then you have not been paying attention. For days my Cyberlaw timeline has been filled with ‘I told you sos’; once more the tinfoil-hat-wearing brigade is proven correct.
But smug privacy advocates aside, Facebook is facing a tremendous backlash because it empowered and enabled the breach of confidence that allowed the mining of information that was used by Cambridge Analytica. The company has seen its stock plummet, and for a while #DeleteFacebook was trending on Twitter. I’m on record as not being a fan of Facebook, and my recent interaction with the platform has dwindled to the occasional cat picture and duck selfie. However, this diminished interaction is not due to privacy concerns, but mostly because of a growing sense of annoyance at the conservative political views expressed by many people that I used to call my friends. But Facebook remains one of the most important ways in which people interact socially online, and despite the few grumblings, I suspect that it will remain so for at least the next few years. Calls to delete Facebook sound shallow when the people doing so will retain their Instagram and Whatsapp accounts.
And this is perhaps the issue that I have with all of the brouhaha surrounding Cambridge Analytica, it is missing the forest for the trees. If you’re concerned about Facebook and Cambridge Analytica (and you should be), may I introduce you to Palantir, a company so shady that it advertises its purpose in its name? Have we already forgotten about Snowden and widespread state surveillance? Have you tried checking your Google Activity and Location History (via this excellent article)? Have you looked at all the ever-present CCTV cameras around us? Why aren’t people worried about Alexa and other personal assistants?
In many ways, privacy has been dead for a while, but it was killed not by a tech giant, but by a thousand cuts. For every privacy-minded expert out there, there are thousands of people who gleefully give away their data for a chance to know which Friends character they are. The ubiquitous smartphone is a surveillance mechanism the likes of which we have never seen before, and its prevalence with teenagers is such that there is an entire generation growing up with little expectation of privacy, and the boundaries that we took for granted may even seem outdated.
So you may forgive me if the apparent threat of Facebook does not leave me trembling with fear. Facebook is just a piece of a puzzle that is about to get worse. Wearable technologies are already allowing the mining of data that can uncover secret installations. Now that Google has opened its Maps API, we are about to see Google Map integration to countless new games. The Internet of Things is already being deployed in household devices, and these will often be insecure and easily hackable. Smart Cities are just an euphemism for “always-on pervasive surveillance”.
What should we do to redress this Orwellian dystopia? I have to admit that I tend to be sceptical about most regulatory and legislative solutions. Most data protection legislation relies on consent, but it is difficult to gain meaningful consent when people sign up to apps giving permission for all sorts of misuse, often willingly. I have always been a critic of cookie legislation and other similar solutions because you give just a pretence of privacy, it becomes another nagging screen that you ignore without reading. It looks like GDPR might have more bite, but either consent will still be sought through nagging, or companies will willingly pay fines as a tax, the profits to be made from data are just too juicy to give up.
However, I am not advocating doing nothing, but understanding the scale of the problem is one part of the solution. We should be mindful that unless there is a drastic change in surveillance capitalism and the prevalence of data markets, this situation will not go away, regardless of how many people abandon Facebook.
It often surprises friends and colleagues that I am not a privacy advocate, and I often approach data and privacy from a pragmatic perspective. The first thing is perhaps to understand just how much information you are giving away. I always assume that my Internet habits will be collected by someone, be it my ISP, my employer, or my VPN company, this is a fact of life. I own a mobile phone with lots of apps, and I try to see what permissions are given to each one, but I rarely deny any. I use some loyalty cards. I have Google Pay and use it nowadays for almost everything. I use Gmail and Google Calendars and Google Maps. On the other hand, I always use ad blockers, sometimes even three layers of protection; and I will not buy IoT devices and personal assistants like Alexa.
Why am I being so open you may ask? Perhaps because for all its reach, technology seems to understand so very little about who we really are. I downloaded and looked at my Facebook data, and found a laughably inaccurate picture of my life. YouTube seems to think that I am an 18-year-old gamer obsessed with esports and movie trailers, while Twitter seems to think that I am a woman looking to buy an expensive car. By living an unusual life, I have managed to confuse the algorithms. I’m sure that ISPs and Google will have a more complete image of my true self, but for the most part I am happy to leave things as they are. You could say that one strategy is to obtain privacy through obfuscation.
Having said that, maybe our own expectation of privacy is what is mistaken. Privacy after all is a modern affectation, and throughout history most of humanity lived without any. In an age where surveillance is everywhere, and where privacy may very well be dead with no hope of ever coming back, what we should strive for is transparency at all stages of collection and storage. This is indeed where legislation can have a positive effect.