Privacy Is Not Your Responsibility
The idea that you have control is an insidious illusion.
Privacy invasion is the subject of an excellent article last week from The Times’s newsroom about an app from the University of Alabama that’s “using location-tracking technology from students’ phones” at football games “to see who skips out and who stays.” Basically: Alabama’s football team routinely obliterates weak competitors at home games; students leave the stadium early to go drink; the school wants them to stay. So they built an app that issues rewards points for staying, which, in turn, gives users access to better tickets for the big games at the end of the year.
It’s an interesting example of a truly consenting privacy invasion. The students know their location is being monitored and are getting something in return. This ostensibly straightforward exchange of goods and services is probably why Alabama’s athletic director told The Times that “privacy concerns rarely came up when the program was being discussed with other departments and student groups.”
It may seem as if there are no real losers here, but as Adam Schwartz, a lawyer for the Electronic Frontier Foundation, said in the article, the app sets a bad precedent by offering an incentive for students to give up their privacy. “A public university is a teacher, telling students what is proper in a democratic society,” he argued.
I’ve been thinking a lot about Schwartz’s critique in recent days and how it could apply broadly to Silicon Valley, advertisers, and those who seek to exploit data. Whether it’s downloading an app or monitoring browsing behavior with cookies or pixel trackers, the decision to use this technology is framed as something you opt into. It’s a choice. But when technology is everywhere, it’s hard to know how much free will we really have. Over at OneZero, Colin Horgan makes this argument eloquently:
The more indispensable an internet connection becomes, the less choice we have, which means we have less and less autonomy, a key element of being capable of exercising control over our lives. It’s difficult to expect someone to gain control over something they’ve never had the option to control in the first place.
Privacy is too often framed around choice and consent by those who are doing the invading. It puts the onus on the user. But the more I write and report on the issue, the more unfair this “personal responsibility” frame seems. We frequently present privacy as something you can protect yourself (see: this letter’s “tips of the week” section). But often tips like password managers or ad blockers feel like applying a Band-Aid to a gunshot wound. Even with privacy best practices, engaging with most technology and living life online means having your data exploited constantly — there’s no choice.
To really change the privacy conversation, the burden of data protection needs to move from individuals to institutions. Horgan argues that to do this, we need to shed the language of traditional tech marketing, which depicts users as being in control of their data (meanwhile, it’s the technology that’s described as “vulnerable” when it is hacked, exposing our information). “We need to realize it’s not technology that is vulnerable; it’s us,” he writes. “Every discussion of privacy has to begin there: We have no control. We are powerless and alone.”
That illusion of control is insidious.
The University of Alabama app may seem a minor thing, but it’s representative of the way bigger institutions offer incentives to exploit the very people they ought to protect. We deserve better. In the University of Alabama’s case, this means not putting students in a position where they’ll be rewarded if they sacrifice their location data with better seats at bowl games. For tech companies, it means not making us hand over our data as a requirement for participation in today’s internet.
From the Archives: “Privacy Policy Notices Are Called Too Common and Too Confusing”
This week’s archive pick is an article on analog (meaning, printed out on actual paper) privacy policies from May 2001. Turns out, before they were long online documents you accepted without reading, banks used to send them out in the mail. Guess what? Nobody liked them then either!
Many consumers, if they notice the notices at all, say they are unimpressed.
Dick Mills, a software engineer in West Charlton, N.Y., said that he read through the notices and found that despite banks’ promises to diligently protect his privacy, the kinds of third parties with whom they would share his data was disturbingly broad.
Some things never change. A lawyer and financial privacy expert, L. Richard Fischer, was asked by a reporter if the notices did anything to help consumers safeguard their privacy, and he was dubious:
‘’The honest answer is no, the notices themselves don’t,’‘ Mr. Fischer said. ‘’I’m going to be real shocked if the average American sits down and reads and compares 25 of them. I don’t, and I’ve got a morbid curiosity that leads me to do that. Hopefully, they’ve got more productive lives.’‘
Tip of the Week: Secure Your Digital Life in 7 (Easy) Days
Most weeks I round up a tip for you all — occasionally, it’s passed on by my excellent colleagues at Wirecutter or in the newsroom. I’ve received a lot of good feedback on this segment and one of the things I hear frequently is that, even with the best intentions, it’s hard to stay vigilant about keeping your information safe online. If you’re one of those people, I think you’re going to love this next tip, brought to you by a Privacy Project guest author, Thorin Klosowski.
It’s called Secure Your Digital Life in 7 (Easy) Days. The weeklong plan is designed with real people in mind, so you don’t need to be a privacy wonk. And the best part is that you’ll be reminded each day to accomplish your tasks — accountability! Here’s the full description in Thorin’s words:
We’ll send you a daily email with a simple step you can take that will improve your online security. We’ll teach you how to set up a password manager, enable automatic updates on your devices and secure your laptop so if you do lose it, a thief won’t be able to access your data. We promise it will be easy — no web-lingo, techy software or long hours spent staring into the internet void. Do it once, and you can be protected far into the future.
Check it out here.
What I’m Reading:
The first newsletter from the soon-to-launch The Markup savages the state of email newsletter tracking.
Is New York State about to gut its student data privacy law?
We’re living in an era of digital feudalism. Here’s how to take your data and identity back.
Post a Comment