Personal data privacy has become a major concern for people across the globe. When corporations amass personal data, many things can happen. Recently, in California, a murderer was brought to justice all because private companies had collected data from a wide swath of people and made it available.
Now, there are two things to say here first:
- It is great news that the Golden State Killer has been brought to justice after a crime spree that started in 1975, continued for years and was unsolved for decades;
- and everybody should be considering how their data is used when it is centralized by corporations.
In the United States, for years, the collection of personal information has been anathema to the sense of Freedom and Liberty declared as the highest goals of the Founding Fathers. Gun rights advocates have fought tirelessly to make sure there is no State or Federal database of gun owners, fearing that one day jack-booted government thugs would come around to take them.
The foundation of this is the 4th Amendment in the Bill of Rights against Unreasonable Search and Seizure. In the United States the government authorities cannot round-up people while searching for a criminal. This kind of drag-net violates the rights of Americans. In order to be detained, or even investigated, there must be some evidence of transgression of the law.
Yet, this case was cracked using ‘forensic genealogy’. Police in Sacramento submitted a decades old DNA sample to a private database, using a fake account. The genealogy website allows private citizens to voluntarily submit their own genetic data to identify potential blood-relatives. Once the police identified genetic relatives of the suspect, they were able to narrow the field of potential suspects, and eventually capture their criminal.
This leads to a slew of data privacy issues
One of them is that NONE of the people who contributed their genetic material to this website did so for this purpose. It is also doubtful that the acceptable use agreement you must accept before creating an account would allow for ‘fake accounts’ – and, if submitting someone else’s DNA without permission is not disallowed, it probably should be, as it’s a major personal data privacy violation.
Typically, in the United States, evidence gathered through an illegal search cannot be used during the prosecution of a crime, but this obviously went through. The morality of conducting drag-net DNA searches is dubious. So is the ownership of personal data held by these corporations.
Most of the time you have to forfeit most of your rights to gain access to their service, game, or whatever they are peddling to you. Additionally, these online companies (Facebook, Twitter, Google, Amazon, etc.) reserve the right to change their policy at any time. In fact, they do change their policies all the time; many annually. Or, at least they send you a note with about 20-50 words telling you it is being changed (updated), CLICK HERE TO ACCEPT.
But the problem is that the 20-50 words represent, often 1,000s of words of legal contract regarding your rights, or the limit therewith, over ‘your’ data. After all, their point of view is that once you load it on to _their_ platform they get to claim some kind of ownership over it.
The other thing that is a little disturbing is that these companies also reserve the right to ‘retroactively’ apply the new policy to data already submitted. Most of law does not work this way. If taxes are changed, they are changed going forward. If a new criminal law is passed, you cannot be prosecuted for something that was not a crime when you did it. You have to know the rules _before_ you can be held accountable to them.
Not in this ‘private’ relationship, though.
It feels that ALL of the power rests with the corporations. The consumer can either use the service or product, or not. But is that really fair?
In the ‘old days’ governments controlled the monopoly of telephone communications. Often this was in an attempt to prevent the exploitation of the consumer by a monopoly. It also, in the United States, was a tool to protect ‘the people’ from ‘the State’. Authorities required permission to violate someone’s privacy with a wiretap, and it was/is a crime for private people to ‘tap’ other’s private conversations. These laws are still on the books, but are woefully inadequate for the digital world we live in.
Today, some companies have the ability to read your email, documents, chats and posts. Typically, their goal is to monetize you by using automated tools to discover your interests and advertise to you. Those advertisements are their revenue stream, the advertiser is the customer, you are the product and the game/app/service is the incentive to relinquish your rights and allow them to monetize YOU.
This is not an old issue. When Google first announced that they were going to read people’s ‘free’ Gmail, there was an outcry over data privacy. It seems they backed down on that; who really knows if they read your email or not. Who cares? In the end, Google has far more useful and valuable ways to monitor your online interests and activities, primarily through their advertising and marketing analytics tools that are nearly ubiquitous in the online industry.
But what about new tools and new services – data privacy isn’t an issue, right?
Amazon has admitted to recording the audio stream from their Alex devices, but claim they keep it for only a short time, and for the purpose of improving their service. What is a short time? Why record it at all? And… Why would ANYONE want an open microphone to some commercial entity that has a purpose of making money off of them. Why would anyone purposefully allow a massive corporation to spy on their home and listen to every word spoken and every sound.
Sure, they have a privacy policy that _says_ they are not keeping recordings. Does it say they don’t make and keep transcripts? Or ‘word-clouds’, which would be incredibly useful for targeted advertising. What about the video and audio from millions of doorbells?
We would not allow our government to do that, but we surrender willingly, in fact we pay, to allow corporations with budgets and revenue streams larger than many small countries do pretty much anything they want.
At what point is it too much?
The problem is, there is often no (easy) way to do what you want to do without selling out. You want home security? Pay a service to come in and install it or do it yourself. If you do it yourself, what are the tools on the market? What are the easiest or most complete?
Right now those are the ones that drag all of your data back to a central ‘authority’ that you have granted the right to spy on you. The fact is, technology can be developed to put the power of convenience and security in your own hands. Someone just needs to build it.
