autonomy, privacy, the symbiotic web

Autonomy, Privacy and the Symbiotic

Web

Paul Bernal - LSE

The internet is an intrinsic part of modern

lifeInteractions with government, from tax returns and claims to access to health services

Discounts, beneficial rates, some shopping services, delivery services only available online

Access to information is faster, more extensive

You CAN exist without online access, but you will be increasingly disadvantaged

Autonomy should mean the freedom to access modern life - so we should be ‘free’ to enjoy the internet...

The internet and personal data

More data is being collected, and in more ways and by more organisations than ever before

The data that is gathered is being used in more ways than ever before

All of these trends are increasing, without any sign of slowing

Does this represent a threat to autonomy?

The Symbiotic WebA new model to understand this phenomenon - it helps explain:

Why so much data is gathered

The principle commercial uses to which it is put

Some of the ways it might be used in the future

Why so much data collection and use is covert

The difficulties our legal and regulatory systems have in controlling it

The threats to our privacy and autonomy that arise through it

Symbiosis

Where two different kinds of organism exist together in a state of mutual dependence

Symbiosis can be mutually beneficial - but can also become parasitic, and detrimental to one of the parties

The Symbiotic Web

Individuals and commercial enterprises are mutually dependent:

Enterprises have built business models reliant on a currency of private data

Individuals depend on ‘free’ access to many services - from search engines to price comparison web sites, email to YouTube

Users

Web 1.0

Content Providers

The Symbiotic Web

User/Contributors

Web 2.0

Content Providers

The Symbiotic Web

User/Contributors

Web 2.5Content Providers/

Information Gatherers

The Symbiotic Web

User/Contributors Web 2.5

Content Providers/Information Gatherers

The Symbiotic Web

A fractured web?

Individualised advertising, content - and links

For search engines, for example, different search results - or search results in a different order

Overall, the effect is more than just on the individual page, but on the navigation and the whole web experience

Not in the control of the user, but of the web providers

The origins of the Symbiotic Web

Business models of Google and Facebook

Other businesses trying to emulate them

Not an expected development - many (including the EU in their E-money Directive) were expecting a big need for online micro-payments. These have not really materialised on any scale

Data and the data gatherers

Search data - search engines

Clickstream data - ISPs and web providers

Communications data - email, telephony, chat

Social data - social networking sites

Commercial data - transactions AND ‘browsing’ data

‘Habitual’ data - Google maps etc, YouTube etc.

Competitive drives

The understanding by businesses that personal information has commercial value

Organisations gather more and more data, not just for specific current or planned uses, but speculatively

Once the data has been gathered, there is a drive to find more uses for it, to take advantage of your ‘assets’

New businesses developed for aggregation and profile generation - and to help other businesses use data

Competitive drives

As competition develops, so do competitive and anti-competitive practices - alliances, cartels etc Beacon and Phorm are prime examples

Drive for more ‘tailored’ services - and potentially price or service discrimination

The need for covertness - when customers know what is happening, they often object. Beacon and Phorm are again examples.

As competition increases and margins fall, less attention may be paid to ‘ethics’

ConsequencesA burgeoning market in data - one about which users are being kept deliberately unaware

Much more data is being held - and hence is vulnerable

New data types are emerging - profiling data in particular - which has more significant vulnerabilities. Better targetted scams are more likely to succeed

New kinds of risks are emerging - ‘Back-door Balkanisation’ is just one example

Solutions?

Break the dependence - through stronger, better enforced laws?

Change the paradigm - effectively give up on privacy. Accept that this is happening, enjoy the positives, penalise excesses.

Weaken the dependence - strengthen the rights of individuals, particularly in terms of consent and rights to be informed

Do very little - allow norms and markets to redress the balance. This may be happening already - e.g. Google reducing data holding periods

A rights-based approach?

Human rights should extend to the internet

Appropriate rights need to be developed:

A ‘right to roam with privacy’ - i.e. without data being gathered about you

Stronger data protection laws - including stronger requirements for informed consent, and rights to have data deleted

A new paradigm where privacy is taken seriously - and becomes something that companies gain from

Autonomy, Privacy and the Symbiotic Web

•Paul Bernal

•p.a.bernal@lse.ac.uk

•CCJHR Postgraduate Conference