How policymakers can restore public trust in data privacy
The digital and data-driven economy has had a significant impact on our privacy. Siân Brooke from the Oxford Internet Institute at the University of Oxford examines how policy professionals should respond.
In her latest project with Dr. Carissa Véliz, ‘Data, Privacy, and the Individual’, Oxford Internet Institute doctoral student Siân Brooke, together with a team of international researchers, joined forces under the auspices of the Center for the Governance of Change (CGC) to gain a better understanding of the importance of privacy and how policymakers can better protect personal data in the era of the data economy.
Ethicists and the public agree that privacy is a right that deserves strong protection.
Citizens are unsatisfied with how their data is being used by both companies and governments. Institutions wanting to regain people’s trust need to better protect citizens’ privacy. As data scandals continue to emerge, questions abound as to how to interpret and enforce regulation, how to design new and better laws, how to complement regulation with better ethics, and how to find technical solutions to data problems.
Our recent project explored some of the key ethical questions posed by today’s emerging technologies, and analyses new technical methods that governments and companies can use to profit from information while respecting regulations and maintaining the trust of both their clients and citizens.
The report proposes a series of data principles for companies and governments, based on seven individual research papers on privacy. Each paper offers a set of reflections and recommendations for policymakers to implement with best practices regarding privacy. The proposed data principles include fundamental measures such as; collecting as little data as possible, and collecting the least sensitive data possible; having a plan to delete data and storing data for as little time as possible; and not selling or sharing data with third parties without the explicit consent of data subjects. Other recommendations include informing data subjects of an organisations’ data practices and ensuring data subjects are aware of the risks involved when giving up their data.
Two phenomena have converged to give rise to an economy where our most private information is available for purchase. Metadata have been used to develop personalised advertising, and used by authorities to police us in the name of security.
Getting privacy right is one of the biggest challenges of this new decade. The past years have shown that there is still much work to be done on privacy to tame the darkest aspects of the data economy.
Today our privacy is under near-constant scrutiny. Many modern communication technologies promise security, but the last few decades have been characterised by a progressive erosion of privacy. Two phenomena have converged to give rise to an economy where our most private information is available for purchase. Metadata – or traces left by our interactions with technology – have been used to develop personalised advertising, and used by authorities to police us in the name of security.
Public opinion and privacy
As part of our research project, we conducted an online survey of 1,107 people, mostly Americans and Europeans, about their views on privacy.
The headline findings reveal that people care.
Across continents, age, gender, and levels of education, people think privacy is important. An overwhelming 82% of respondents deem privacy extremely or very important, and only 1% deem it unimportant.
Another key finding from the survey shows that privacy-related negative experiences online are extremely common, with nearly a quarter – 23% – of people experiencing unauthorised access to their accounts.
Furthermore, trust in online platforms and internet companies is remarkably low, with only two of the most trusted brands just reaching the halfway mark on a satisfaction scale in which they were marked from 1-10 (pictured right).
The survey also explores public opinion on the role of government in relation to data collection.
The majority of people believe that governments should not be allowed to collect all citizens’ personal data. Over half of respondents (55%) think that governments should only be allowed to collect the data of criminal suspects, as opposed to everyone’s data, with Europeans being slightly more likely than Americans to find some uses of bulk data collection acceptable.
Data and the digital economy
Today more than ever, data is the main fuel of our digital economies. Our financial transactions, movements, communications, relationships and interactions with governments and businesses, both online and off, generate data that is collected, bought and sold by data brokers and corporations interested in profiling individuals.
Right now, governments and technology companies across the world are developing and deploying new ways of using data to help manage – and emerge from – the Covid-19 pandemic.
As the collection and analysis of data becomes more sophisticated and accurate, and as data sets grow to become big data, the opportunities for the future seem infinite. The risks, however, will also continue to increase as information being handled about individuals is likely to be extremely sensitive.
Although no amount of principles can replace the judgment of an adequate ethics committee for policymakers assessing the ethics of privacy in a particular context, the recommendations set out in our report can serve as a start for those looking to develop better data practices.
A major government-commissioned study found that about half of UK organisations are lacking basic security skills. PublicTechnology talks to the researchers behind it to find out where...
We are approaching the fourth anniversary of the foundation of the NCSC and the threats it was created to respond to loom larger than ever. PublicTechnology examines the growth of the UK’...
The UK has tended to only introduce data-protection laws in conjunction with EU legislation and, according to Ray Walsh from ProPrivacy, the post-Brexit world may see the country prioritise...
Introducing a dedicated week of features, interviews and exclusive research
CyberArk's David Higgins explores the cyber risks of hiring independent contractors
PublicTechnology talks to Rich Turner about why organisations need to adopt a ‘risk-based approach’ to security – but first make sure they get the basics right
CyberArk's John Hurst looks at the true cost of GDPR breaches