Privacy is a basic human right and is enshrined in the legislation of many of the world’s most democratic countries. However, until recently, digital privacy has not been considered important at all. With the introduction of the EU GDPR in May 2018, the spotlight changed and digital privacy has now become the next frontier in human rights. Indeed, there are those who would say we have already long- missed the boat in this regard.
First and foremost, I believe we need to understand why we make a distinction between privacy and digital privacy? It could be argued that one is tangible and another intangible? What we can’t see ourselves others can’t see. However, this is certainly far from the case when it comes to digital privacy and is folly in my view.
Consider this: do we really want everyone in the cyber-world to know everything we do, everywhere we go, have access to our personal health and wealth information? Indeed, knowing everything we do down to the most mundane activities of daily living? Without realizing the value of the data jigsaw that makes up our lives we are actually creating and extending our digital persona every time we use technology whether intentionally or not. For example, when we want to set up a new account we’re asked to login with, for instance, our Facebook credentials. It’s convenient, great …… but is it too convenient and how many of us actually know what is going on behind the scenes? In reality, we are being “road mapped” in cyberspace with the vast majority of us not even know it is happening! Our desire for instant access comes without us thinking about what the overall personal consequences and implications of providing our digital footprint will be later on. As we become a more ‘connected society’ there are those who passionately believe there is without doubt a blurring of the lines of what is good, proportionate and appropriate when technology is used to collect private information.
I believe securing the privacy of every human being is paramount to realising the full potential of our very future. So, what do we need to do to rebalance the blurry lines? I believe we need to empower people to be at the centre of gravity of the internet as a way of ensuring they will always control their own data. Personal data given, albeit freely, over the Internet or stored in devices connected to the Internet, remains the property of, and is solely governed by, the individual and should not be used without the express consent of that individual, whether it is claimed to be in the public domain or not. The independence and rights of every individual must be uppermost in achieving our ultimate future potential. An example of this is a U.S. company called Clearview that is capturing billions of faces from people on the internet to create a giant database that is currently being used by over 600 law enforcement agencies to detect people suspected of committing crimes. Is it right to create a surveillance state where every law-abiding citizen now has their personal data being used in this way? Is it appropriate and proportional? Should it be regulated? These are questions we urgently need to be addressed by our lawmakers.
Digital data, in whatever form, obtained by whatever means, without the absolute consent of its unequivocal data owner, should not be used by any “repository” for research, inducement, incentive nor as a bargaining tool without the explicit, revocable and informed permission of the data owner. Yet this is exactly what is happening. Being respectful and placing value on every human being’s data should be foremost in securing our digital future.
The converse of having our digital footprint used positively can start off innocently enough and with the best of intentions; however, what if someone told you that the very information you provide freely could be used to influence your social or political views and in turn influence how you vote for new legislation or even as to who governs a country? And again, in the world of criminality our footprint in the wrong hands can have a devastating outcome on our finances, let alone the consequences of financing criminality, abuses and wars. So, we all need to be very cognisant of the choices we make regarding the impact of the trade-off that convenience has with respect to our digital privacy.
With respect to our digital identity, everyone, everywhere has the right to be known and validated through the possession of a government-issued form of identification, which can be securely verified and used only by its owner. But what is the right information that government and business leaders need to provide to navigate this data ocean? Most technologists immediately rush to the pieces surrounding the data; storage, transfer, interaction, visualization, analytics, etc. These are all important, but the harder pieces to tackle are data privacy and data security.
We all recognise and acknowledge that data is the currency of government. Vast amounts of data are being collected, stored and manipulated by every government agency every hour of every day. With the rise of the Internet of Things (IoT) the amount of personal data being collected and shared is exploding. As a consequence, this creates issues for government in both the way they manage data and around the public policy they enact to regulate it.
Technology leaders are seeing an unprecedented amount of information sharing applications, personal cloud storage, analytic tools and collaboration software that users can download and deploy. Technology has certainly improved aspects of our lives, but the digital generation has grown-up in a society where technology provides convenience first and foremost with data security and privacy being secondary or worse, completely ignored.
So, if digital privacy is the next frontier of human rights then investment is needed in cyber security as this is the tax that society will have to pay for the use and convenience of the internet. When we truly understand this, only then can government start to address the complex issues that the Internet of Things brings to our society. What governments need to do is invest in a multi-pronged strategy; invest and recognise that technology solves the business needs of the citizens and the state; invest in data privacy policies that clearly articulate the potential problems and provide flexible solutions for those problems that we know about now and future proof against those yet to be discovered. In other words, involve all stakeholders so that collaborative buy-in is achieved covering security infrastructure, policies, technologies and the people impacted.
A cause of real concern currently is the lack of security focus on critical infrastructure and items of significant importance that would cause us all serious challenges if anything happened to them. This failure endangers our entire economy, our national security and the continuity of commerce. The technology strategies to keep our data safe will change over time, but keeping the data safe from bad actors associated with organized crime, unfriendly governments and others must always be a priority.
Corporate leaders now need to think outside the box when looking for methods to protect our organisations and to secure our corporate assets. The traditional approach to infrastructure being IT governed, IT provisioned, and IT owned is no longer sufficient.
Our company, Sedicii, is at the forefront of helping organisations ethically and confidentially verify information without ever having sight or knowledge of the information being verified. We believe in the right of an individual to own and manage their own data but also completely accept that trust must be established between parties in order that the digital world can work effectively. We will always be respectful and cognisant of the information owners’ right to complete and total privacy and ownership of their own digital persona.
We all must recognize the need to offer solutions that are easy to work with securely and difficult to use insecurely. No matter how the data is delivered, it is the data itself that needs to be secure. We should keep in mind that technology will continue to develop very rapidly but let’s not lose sight of the fact that it is there to serve the people and not the other way round.
Privacy really matters!