Positive Privacy & Open Consent: Opportunities in Sousveillance
by Mark Lizar
Abstract
Commercial industry has run
rampant with abuse of personal information, circumventing laws, being opaque
about data sharing and surveillance practices.
Much of this is a result of poor regulatory enforcement, the terrible
accountability of government and dismal security oversight. As such, a rational approach to ‘Media
Agenda-Building, National Security, Trust & Forced Transparency" is
the development of trust and forced transparency in commercial practices
through bridging the legal requirements found in notice and consent laws. (See Appendix.)
Summary
Positive Privacy is
aggressive transparency, personal data control, withdrawal of consent to
process, the objection to profile. These
are opportunities in sousveillance, just like the tracking of police and public
figures can produce accountability, a strengthening of personal security and,
result in positive moves towards privacy, like what we have seen companies like
Google in terms of privacy transparency.
Positive Privacy, as opposed
to protectionisms like data protection, is about transparency, data control and
watching those that profile and watch us.
As surveillance, the tracking
of people, gets more ubiquitous and omnipotent, the systemic barriers to
sousveillance become weaker. The demand
for control of personal data by people become stronger, the market for
transparency becomes more lucrative and opportunities for sousveillance
increase.
Closed Consent: An Old Problem
The requirements for notice,
consent and openness are universal in privacy principles.
Even so, privacy policies
online are closed because they are customized, with no common format, hidden in
different places and often change without warning or a chance to consent to
their changes. These policies are used
to drive data surveillance practices that strip people of their data and
privacy.
Not only are people expected
to agree to policies that they don’t read, are held to terms of services they
can’t negotiate. People are expected to
pay twice, once with their money and a second time with their data.
The current system forces
people to login to each service provider separately; forces people to spread
personal information everywhere, share secret passwords and most abhorrently
maintain personal profiles of personal information for companies.
The systems of law that portend
to give peoples rights are implemented to do the opposite.
Open Consent: A new Sousveillance Solution
Open Notice is an effort to
create a common meta format for opening privacy notices by providing people
with consent receipts
so that people don’t need to read or understand long policy and terms documents. Or, login to each company to administer and
control their own data. Open Consent is
about enabling people with sousveillance; transparency over companies and their
data surveillance and sharing policies. Through transparency, holding
organisations accountable for these policies, enabling people to track company
data sharing practices, withdraw consent, block profiling; stop automatic decision-making
and critically enable people to manage consent on aggregate, i.e. withdraw
10,000 consents with one click of a button.
Open Consent is about setting
up a deep system of systematic sousveillance that can be applied aggressively
by everyday people. As policies are
required to be open, people can scrape consents to create consent records
independently. People can use consent
receipts with existing and emerging law to manage consent, block profiling, crowd
source opinion, and to make data sharing practices open and social. Whether companies participate or not!
As technologies have evolved
rapidly, corporate policies also rapidly evolve. It is estimated that more than 80%-90% of
consents are not compliant with consent regulation as they are out-dated, leaving
companies and governments liable in the dawning age of systemic transparency. Material changes in policies mean that consent
is not informed, and like Google’s change of privacy policies, our data is shared without consent.
Opening consent notices
create a defacto framework that opens not only corporate practices, but the
ability for people to independently control data and establish trust.
Conclusion
The greater the surveillance
pressures on society, the more transparent society, and the greater the
backlash, the pushback, and the demand for personal control of data from
people.
Technology is the great leveller. We have a lot of faith in Positive Privacy,
faith in systemic transparency, personal data control and the intelligent will
of the masses.
A society equipped with
wearables, sensor driven appliances, sousveillance, and personal data control
is a much more intelligent society. A
society that can evolve humans into a Smarter Species.
Appendix
In 2010, my MSc thesis, which
was published,
started when I came across some CCTV research that
indicated that in 2002, 82% of the surveillance notices were not compliant with
basic consent and notice requirements in the UK Data Protection Act.
From here I submitted a freedom
of information request to every borough in London for the location of
surveillance cameras. A couple of
boroughs refused, but Hammersmith and Fulham were aggressive in their refusal. As a result the complaint was escalated to
the information commissioner and the focus of my research became the compliance
of CCTV notice and its implied consent on a small street in the centre of the
borough.
The result, the compliance of
notices for surveillance was lower in 2010, with 91% not compliant and the
Information Commissioner's Office ruled against Hammersmith and Fulham council
forcing them to publish the location of the surveillance cameras. Today, every council camera location is now
published across the country, but the notice obligation requirements in Data
Protection Act go unenforced.
As a result, the concept of
Positive Privacy was conceived
No comments:
Post a Comment