Privacy – a luxury or a human right?

By Samah Rahman

While at one time, blurring of the online and offline space was the sensation, the age of ‘hey Google/hi Siri/excuse me, Alexa’ is experiencing a significant tech-backlash. In 2017, we learned that Facebook allowed Cambridge Analytica to leverage user data to manipulate public sentiment around major world events. There is now a newly cultivated air of caution among consumers who use “quantified self” devices (think smart watches and fitness trackers) to learn more about themselves. These machines serve as a platform to diarize and measure daily exercise, nightly sleep, and other routines. This also means that manufacturers of these products are privy to sensitive data about users and their habits. Consumers are now demanding answers to questions about their privacy: how is this data stored; who has access to this data; how is this data used; and how is consumer privacy protected?

The Human Data Commons Foundation, a nonprofit organization seeking to build an equitable digital future, responded to such queries in their third annual Quantified Self Report Card. The Report reviewed 18 leading companies on how the makers handle sensitive data generated by their users. The Report Card graded companies out of 30 on their protocols surrounding: a) legal rights, b) data collection and sharing, c) data access, and d) security protocols.

The results of the Report revealed that despite the climate of consumer distrust and caution, these companies lag behind in addressing the holes in their privacy policies. It was found that many companies combine fitness data with information from social media, to create habit portfolios. Such data is then shared with third parties such as insurance companies, or the police, in aid of investigations. As a securities measure, some companies have attempted to implement the European Union’s General Data Protection Regulation which allows for a “right to erasure” or a “right to be forgotten”, which means users can request their personal data be deleted. However, the consensus in the Reports is that it is increasingly difficult for users to opt out of, or protect against these privacy breaches. Long story short: companies are still not doing enough to protect their users.

As an exception to these findings, the Report ranked Apple in first place, with a mark of 25/30. Greg McMullen, co-author of the Report noted that Apple’s attempt to harness privacy as a competitive advantage is good for their users. Of course, not everyone can afford Apple products to invest in their privacy. McMullen warned of the risks that come with using privacy as a marketing tool; “privacy should not be a luxury, privacy is a human right,” he said. Samsung and Moov, arguably more “affordable” brands, finished at the bottom of the class with marks of 6/30. Both companies had aggressive data collection and sharing practices. On this disparity, the Report stated that: “in addition to excluding people who can’t afford the price of privacy, this risks creating a class of people who feel insulated from the negative effects of surveillance capitalism and are less concerned about creating effective legal protections.”

To undercut this “protected class,” consumers should leverage their purchasing power to demand protections against the misuse of their personal data, and the legal profession in turn, should advocate for changes in policies and legislation in support of this goal.