Date: Apr 17, 2018
Source: The Daily Star
Shaping a different future for online privacy
Jeffrey D. Sachs

Chris Hughes, a co-founder of Facebook, recently noted that the public scrutiny of Facebook is “very much overdue,” declaring that “it’s shocking to me that they didn’t have to answer more of these questions earlier on.” Leaders in the information technology sector, especially in Europe, have been warning of the abuses by Facebook (and other portals) for years. Their insights and practical recommendations are especially urgent now.

Facebook CEO Mark Zuckerberg’s testimony before the U.S. Senate did little to shore up public confidence in a company that traffics in its users’ personal data.

The most telling moment of testimony came when Illinois Sen. Richard Durbin asked whether Zuckerberg would be comfortable sharing the name of his hotel and the people he had messaged that week, exactly the kind of data tracked and used by Facebook. Zuckerberg replied that he would not be comfortable providing the information. “I think that may be what this is all about,” Durbin said. “Your right to privacy.”

Critics of Facebook have been making this point for years. Stefano Quintarelli, one of Europe’s top information technology experts and a leading advocate for online privacy (and, until recently, a member of the Italian Parliament), has been a persistent and prophetic critic of Facebook’s abuse of its market position and misuse of online personal data. He has long championed a powerful idea: that each of us should retain control of our online profile, which should be readily transferable across portals.

If we decide we don’t like Facebook, we should be able to shift to a competitor without losing the links to contacts who remain on Facebook.

For Quintarelli, Cambridge Analytica’s abuse of data acquired from Facebook was an inevitable consequence of Facebook’s irresponsible business model.

Facebook has now acknowledged that Cambridge Analytica was not alone in having exploited personal profiles acquired from Facebook.

In personal communications with me, Quintarelli says that the European Union’s General Data Protection Regulation, which takes effect on May 25, following six years of preparation and debate, “can serve as guidance in some aspects.” Under the GDPR, he notes, “noncompliant organizations can face heavy fines, up to 4 percent of their revenues. Had the GDPR already been in place, Facebook, in order to avoid such fines, would have had to notify the authorities of the data leak as soon as the company became aware of it, well in advance of the last U.S. election.”

Quintarelli emphasizes that “effective competition is a powerful tool to increase and defend biodiversity in the digital space.” And here, the GDPR should help, because it “introduces the concept of profile portability, whereby a user can move her profile from one service provider to another, like we do when porting our telephone profile – the mobile phone number – from one operator to another.”

But “this form of ownership of one’s own profile data,” Quintarelli continues, “is certainly not enough.” Just as important is “interconnection: The operator to which we port our profile should be interconnected to the source operator so that we don’t lose contact with our online friends. This is possible today thanks to technologies like IPFS and Solid, developed by the web inventor Tim Berners-Lee.”

Sarah Spiekermann, a professor at the Vienna University of Economics and Business (WU) and chair of its Institute for Management Information Systems, is another pioneer of online privacy who has long warned about the type of abuses seen with Facebook. Spiekermann, a global authority on the trafficking of our online identities for purposes of targeted advertising, political propaganda, public and private surveillance or other nefarious purposes, emphasizes the need to crack down on “personal data markets.”

“Ever since the World Economic Forum started to discuss personal data as a new asset class in 2011,” she told me, “personal data markets have thrived on the idea that personal data might be the ‘new oil’ of the digital economy as well as – so it seems – of politics.” As a result, “more than a thousand companies are now involved in a digital information value chain that harvests data from any online activity and delivers targeted content to online or mobile users within roughly 36 seconds of their entry into the digital realm.” Nor is it “just Facebook and Google, Apple or Amazon that harvest and use our data for any purpose one might think of,” Spiekermann says.

“‘Data management platforms’ such as those operated by Acxiom or Oracle BlueKai possess thousands of personal attributes and socio-psychological profiles about hundreds of millions of users.”

While Spiekermann thinks “personal data markets and the use of the data within them should be forbidden in their current form,” she thinks the GDPR “is a good motivator for companies around the world to question their personal data sharing practices.” She also notes that “a rich ecosystem of privacy-friendly online services is starting to be up and running.” A study by a class of WU graduate students “benchmarked the data collection practices of our top online services (such as Google, Facebook or Apple) and compared them to their new privacy-friendly competitors.”

The study, she says, “gives everyone a chance to switch services on the spot.”

Facebook’s immense lobbying power has so far mostly fended off the practical ideas of Quintarelli, Spiekermann and their fellow campaigners.

The recent scandal, however, has opened the public’s eyes to the threat that inaction poses to democracy itself.

The EU has taken the lead in responding, thanks to its new privacy standards and proposed greater taxation of Facebook and other peddlers of online personal data. Yet more is needed and feasible. Quintarelli, Spiekermann and their fellow champions of online ethics offer us a practical path to an internet that is transparent, fair, democratic and respectful of personal rights.

Jeffrey D. Sachs, university professor at Columbia University, is director of Columbia’s Center for Sustainable Development and the U.N. Sustainable Development Solutions Network. THE DAILY STAR publishes this commentary in collaboration with Project Syndicate © (www.project-syndicate.org).
 
A version of this article appeared in the print edition of The Daily Star on April 17, 2018, on page 7.