We live in an online world, where increasingly the value proposition as users is a trade of our information and attention. In exchange for our time and attention – we receive this value – the free-use of innovative, fun or useful services online. I’ve mentioned this issue of “Data Harm” previously, and briefly in my “Read Our Lips: You Are The Product” Post.
In my “Snowden 101” post, I mentioned the idea of narrowing in further on what actual harms can come to individuals as Data Subjects as an interesting privacy issue on its’ own.
It may be that the issues of Data Privacy get co-mingled with those of Data Security issues, relative to end user harm. I don’t think there is any question that Data Security issues are more clearly correlated with risk and harm. If my financial account credentials are stolen, I can lose specific property and assets. Data Security events lead to things well defined under law, such as “theft”, where the “harms” are very clear.
Data Privacy issues however are different, and squishier – yet it seems as users we are no less vocal about them. Even more vocal in some ways.
With Data Privacy issues, it’s a question of the impacts to us on how our data is used. The use of our data related to our activities on line. When we interact with websites, we are either anonymously tracked and profiled, or discretely and uniquely tracked for this purpose. We get creeped out by the idea that we are being “tracked and profiled”. No doubt, the offline analogies to that are very concerning. But online, anonymously, are the impacts as impactful or dangerous?
What is the intent of online tracking and profiling though? Primarily, it’s for serving more relevant and targeted advertising. And, to that end, what could the harm be in that? Is there harm in serving a more targeted advertisement? Should users be creeped out by this?
As you can tell, I’ve not clearly constructed the issues for a good dialog – but I’m writing here about it, because I’m starting to.
I’ll be attending this event in early 2014:
The New Frontiers of Privacy Harm
A Center for Law, Technology, and Entrepreneurship at the University of Colorado
Here’s the overview:
What harms are privacy laws designed to prevent? How are people injured when corporations, governments, or other individuals collect, disclose, or use information about them in ways that defy expectations, prior agreements, formal rules, or settled norms? How has technology changed the nature of privacy harm?
I find this issue fascinating – and as we continue to steam ahead as an online-enabled society – making determinations in this area are critical.
I’m hopeful of a day where the concepts of Fair Information Principles (see references from Wikipedia or EPIC) are connected end-to-end, from the up front management of user expectations, with Notice and Choice and other disclosures made clear upon the initiation of a relationship – through the execution of those promises.
There still seems to be a lot of concern, some noise and hyperbole no doubt, and much legitimate, about online tracking. Despite that, I’m not sure the line has been drawn all the way to the end, clearly enumerating the types of actual “harm” that can come to an end user or consumer.
What do you worry about online with regard to behavioral tracking for advertising? Are you creeped out? Is it a fair exchange for access to things like Facebook, Twitter or Linked In?
Let me know, I’d love to know what people think!