Imagine for a moment that I am looking over your shoulder at your computer screen. I can see you, but you can’t see me. Sure, you might know I’m there, but you don’t really think about it – perhaps you’ve forgotten about me, or just grew used to my presence.
On your screen, I can see your complete browser history – every website you’ve ever visited, even the ones viewed with “incognito mode” turned on. I also know your name, date of birth, sexual orientation, every place you’ve ever lived, everyone you contact, and everything you buy, online and off. I can also see your smartphone, which tells me where you’ve been, who you call or text, which apps you use, and more. All told, I know more than a thousand tidbits about your life.
I have all of this information collected into files about you. Sometimes I share those files with other people. Sometimes they pay me for that information.
One day, you realize what I’ve been up to. So you stop by my house and ask to see your files. “Oh, I just can’t do that,” I tell you. “That would simply be too much trouble.” Besides, I say, there is no law that requires that I tell you what I know about your life. And that information was given to me voluntarily – you agreed to hand it over when we first met, remember? You don’t, but tough luck. Now leave me alone.
Stranger than fiction
This is a true story. Rather than me looking over your shoulder, however, it’s thousands of companies – advertising networks, Facebook and Facebook apps, mobile apps, Google and Google apps, data brokers, and more. And while some of these companies do allow you to find out what information they’ve collected about your life, you remain at their mercy – gaining access to your file, if possible, usually isn’t easy, and sometimes carries a fee. Other times the information you receive is only a fraction of what the company has on you. Most of the time, access is simply not an option.
If this doesn’t make you angry, it should. And it’s long past time for this imbalance of power over our information to come to an end.
Think about the issue of user data collection and use in terms of “control” – not just control over the data, but control over our lives.
Like other consumer rights advocates, including the Electronic Frontier Foundation and the American Civil Liberties Union, I strongly support “Right to Know.” Problem is, we need precisely this kind of law at the federal level – and for now, it doesn’t look like that’s going to happen.
Privacy vs. control
Debates about data collection inevitably center around “privacy.” While privacy is important, it is also a problematic concept – privacy likely means different things to each of us, rendering discussions about its importance meaningless. Instead, let’s think about the issue of user data collection and use in terms of “control” – not just control over the data, but control over our lives.
Here’s the thing: The life details collected about us are not just used for serving targeted ads and search results; they are defining who we are to the world at large. In turn, the world is placing us in an increasing number of boxes – safe and risky, big spenders and low spenders, high performers and underachievers, on and on. These details are used to determine all types of important decisions: whether we should qualify for loans, whether we deserve to get a job, or even how much we should pay for a particular product or service.
The problem here is not that companies are using data and algorithms to figure out which customers to target or with whom to do business; it’s that many of us have no way of knowing that our information will be used in this way; and far too often, the information is entirely incorrect.
Barriers to entry
Because the U.S. currently lacks privacy laws like “Right to Know,” we are left completely ignorant to the ways in which our data is used to define us, and completely powerless to change incorrect data. This must change.
Our politicians know the status quo is broken. In February 2012, the Obama administration proposed a “Consumer Bill of Rights,” which puts us firmly in control over our data. This was soon followed by a list of policy recommendations by the Federal Trade Commission (PDF), which offered further remedies to the problem of data collection and dissemination. Despite this, not a single new federal law has come to our rescue.
This inaction likely stems from opposition in the business sector. Businesses are not happy about “Right to Know,” for example. According to the Wall Street Journal, a coalition of powerful trade groups, including the Internet Alliance, TechNet, and TechAmerica, sent a letter to the bill’s author, Democratic assemblywoman Bonnie Lowenthal, arguing that the bill would leave technology companies vulnerable to lawsuits. Some say the bill’s requirements would add crippling burdens on companies, which would hurt innovation and kill jobs.
It is difficult for me to care about these woes. Thanks to European privacy laws, any company that has customers and users within the European Union already does business in this way. If new businesses need to learn how to disclose our data properly and cheaply, there are professionals in this world who can walk them through the process. Furthermore, these companies are often getting our data for free, so if they have to hire a whole team of people to deal with requests for our data, that seems like a fair trade.
What is not fair is allowing anyone to peek over our collective shoulder, and then refuse to even tell us what they saw. What is not fair is categorizing people based on information they don’t know they have shared – or, worse, information that is entirely false – which can have profound effects on their lives. What is not fair is allowing this imbalance of power to exist.
For Californians, “Right to Know” is a step in the right direction. It’s time for our leaders in Washington to let the rest of America walk along with them.