For the Love of Privacy

Thoughts for the Organizers of Privacy Forums

With the New Year upon us, we look back on 2018 as the year the conversation around digital privacy went mainstream. In the second half of 2018, we attended several privacy conferences here in Europe. Here are some reflections and comments:

The first question we have is this: What were these conferences trying to achieve? Was it to educate the public about GDPR … to provide law consultants with business opportunities around GDPR compliance? Or, was the purpose to draw attention to the privacy issues and to urge people, the industry and politicians to really take responsibility and do something about those issues?

As we see it, GDPR has been a good first step in Europe. However, in practice, it has not changed how much Facebook and Google continue to monitor and surveil us on and offline. We now also know, after recent revelations, that Facebook is sharing large amounts of user information to many other companies including mobile manufacturers. This makes it very likely that many governments also have access to a lot of user information. And anyone can see what risks that kind of exposure carries.

A large part of the Internet is ad-based today, which means that user data is the Internet’s greatest asset. Knowledge of the user, in other words, has enormous value, and is the most important capital for the ad-based economy. A multitude of businesses with whom we have no agreement, collect our data both online and offline, and sell it (without our consent) to companies like Facebook, Google and others.

All this to suggest that a primary aim of a privacy conference should be to inform and educate the audience on how the whole of this ad-driven economy works, and what impact it has on the individual and on democracy. A Privacy forum should really drive change around the issues discussed. We are not sure we have seen adequate ambition here.

To be more specific, at several of the conferences, representatives from both Facebook and Google were invited to speak. The messages were similar: “We are good guys and there is nothing to worry about” was the gist of it. For us, inviting the likes of Google and Facebook to speak on the subject of privacy is a bit like inviting Philip Morris to a cancer conference to talk about cigarettes as the cure for cancer. We know, after all the hearings and investigations that have taken place, that these organizations don´t necessarily tell the truth, or they hide the truth. Instead of addressing the issues and specific questions around protecting users’ privacy, for example, they tend to skirt them by making empty statements like “at [my company] we are very concerned about privacy.” As an audience member, I found the lack of transparency to be mildly insulting.

The truth is: we are quickly losing our rights to freedom and privacy across the globe – surveilled by businesses and governments to a degree we never have experienced before. It is my view that you, the organizers of privacy forums, have a unique opportunity in 2019 and beyond – and a responsibility – to lead and encourage meaningful discussion around the issues, to educate people and society on the problems and the dangers associated with this ad-based economy, to help make people aware of the impact it has and will have on our private lives and on democracy, and ultimately to drive critical change.