Data Privacy – The Way Forward

In recent years, data privacy has become a prominent concern for netizens across the globe. Studies indicate that the overall level of trust in anything digital is at an all-time low, and the everyday news we hear about data breaches and misuse of data further contributes to this declining level of trust. As common folks, our first reaction is to blame the tech industry for bringing about this ‘trade’ of data, but before we do that, it is important to understand how we got here. During the early days of the Internet, making information free for all was an important consideration. The intent was indeed good, and companies started digital advertisements to cover costs. However, soon the investments required to keep up with the demand and build scale drastically shot up. So, instead of charging consumers for various services, tech giants start monetising the data they collected while providing the services free to consumers. Several forward thinkers did flag the risks involved, but most of us seemed to be comfortable enjoying free services while our data was being monetised in different ways. I recently read a quote, “If you are not paying for it, you are the product!”, and we had all become products in our pursuit for free services.

The tipping point

For quite some time, this arrangement continued, albeit with multiple red flags here and there, until the news of large-scale data analytics for influencing elections hit a raw nerve with consumers. This is when the harsh reality of several companies misusing our data started to draw upon us. In this backdrop, the pertinent question is – “Is it fair to put the entire blame on large technology companies?” We the subscribers of these services allowed these companies to scale to the current levels, meaning we were an active part of the entire process. Therefore, if we have to bring about a positive change in the data privacy scenario, it is very essential that all of us play an active role. I think it is time to reset the clock and challenge the business model of free services in return for misusing our data.

Power Imbalance

Well, clearly the solution is not to say that we will no longer share our data – because we are beyond that point. Plus, insights from data, when used appropriately, can be very beneficial, particularly to segments of society that are not currently served well. However, the value stream should be much clearer. The choice of what data to trade for what value is something that should be left to the individual’s decision. Data privacy laws like GDPR are a good start. However, at the time of downloading an app, there is an urgency for the subscriber to use the service. Presenting ‘Terms and Conditions’ that run into several pages at this stage creates a power imbalance and the users are under pressure to accept it without clearly understanding what it covers. So, what can be done?

The Solution

If you look at the food industry, product manufacturers are mandated to indicate the ingredients on the wrapper of the product, so that consumers can easily understand and then decide whether to buy or not. What we need is a similar mechanism for digital products. Imagine a standardised categorisation based on the purpose for which collected data will be used. Once established this categorisation should be published along with the listing of every product. E.g. a product that uses data only for enrolment could be level 1 usage. There could be another product with Level 2, that will be Level 1 + internal marketing. Similarly, there could be a Level, say Level “n”, where your data can be used for anything the company wants. With this standardised categorisation, one can easily understand how the data will be used by the product, understand the tradeoffs compared to the value offered by the product and then decide to use it or not. I strongly feel that some simple yet practical steps along these lines should be quickly brought out to benefit from all the data privacy regulations and discussions.

While there is still a debate on who owns personal data, it is very clear that as individuals we have to start taking ownership of our data and its access that we grant to others. It is also important that we keep this conversation going till such time citizens, companies and regulators realise their respective role in data privacy and act responsibly when it comes to usage of personal data.

Do you have some other suggestions? Share your thoughts and comments below.