In the Future We Have No Privacy

Which would you guess is our privacy future?

Sorry privacy advocates, according to some of the best minds in privacy, option #1 is the correct answer.

Earlier this week I participated in discussions on the future of the privacy profession. The intentionally provocative presentations laid out a utopian future where big data is solving world problems, employees collaboratively interact with data, and corporate traveling moms get intimate time with their children from remote locales. All thanks to future technologies.

We’ve all seen these scenarios before, and they are entertaining to consider, but what struck me in the larger context of the presentations was the absence of any sense of hesitation on the part of the “future” user to share just about everything they do with some unknown corporate entity. In fact, that specific aspect was of particular importance to some parts of this utopian vision: Without the participant’s willingness to freely share their personal data, the future scenario just didn’t exist.

More surprising however were the discussions following the presentations. The group discussed what that vision would mean to the privacy professional. Among the chatter was the clear consensus that the concepts of notice and consent (e.g. privacy policies and obtaining permissions from users) were summarily dismissed as an outdated notion.

Whoa! Consider that the people in the room were many of the thought leaders in the fields of data privacy and governance. These are the professionals whose job it is to assure the appropriate use and security of personal data within their organizations. Many of these folks report directly to the CEO—these are not low level compliance and audit employees, these are strategy leaders.

Granted all of that was speculative talk of the future, not our present reality. The current reality is that the FTC is getting tougher with enforcement on privacy violations, President Obama recently announced a Privacy Bill of Rights and the EU is attempting to strengthen it’s already stringent Data Directive. This dovetails with a growing sentiment among the general public who increasingly disapprove of things like the use of personal data for corporate profit as well as fears over big data analytics.

Though, dashing the hopes of those individuals who are counting on laws, regulations and enforcement to protect their privacy, Wired just published a scathing article detailing why the FTC is not likely to be much help. You should read the article, but this quote from Jonathan Mayer sums it up nicely: “The FTC doesn’t strike fear into the heart of tech companies. They know that as long as they stay within lax boundaries, it’s unlikely the FTC will bring enforcement actions against them.”

Enforcement in the US is weak. Adoption of the EU Data Directive is haphazard and difficult to enforce. Leading thinkers in data privacy believe notice and consent is outdated and unworkable. The promise of big data looms which will further erode privacy. Biometrics are improving at a breakneck pace which also erode the ability to remain anonymous. All roads are pointing to a world where privacy won’t be an option and we are all going to have to accept "option #1” whether we want to or not.

Happy Independence Day!

 
0
Kudos
 
0
Kudos

Now read this

Calls from EU Will Fall On Deaf Ears

The European Commission published a press release today expressing its desire to begin negotiating for more international representation on the functions that governs the Internet. I think the intent of the release is something worth... Continue →