Law in the Internet Society

View   r3  >  r2  ...
DaphneLSecondEssay 3 - 02 Feb 2020 - Main.DaphneL
Line: 1 to 1
 
META TOPICPARENT name="SecondEssay"
Line: 9 to 9
 

The Problem

Changed:
<
<

The People

>
>
I conceptualize the fight to transform user privacy in many of the same ways I think about combatting global warming. The everyday person can be taught to recycle, to use less plastic, and to be more conscious of their emissions. Now, (many) children are instructed from an early age to consider these activities as part of their daily routine. However, there is still a large swath of the US – and the world – that does not want to contribute or does not believe their contribution will make a difference. On the latter they have a point, it seems increasingly likely that without significant government regulation over the biggest polluters and a monumental shift in the way users consume products, we cannot reverse the effects of global warming. Both business actors and individual users need the incentives to change because either they do not appropriately grasp the imminent danger, or they prioritize the short term over the more abstract long term.
 
Changed:
<
<
A quick skim of newspaper headlines or even holiday dinner table conversations makes it seem evident that privacy in the digital age is an issue of concern to more people than ever before. Some do not care that their Alexa may be listening (“who cares, I don’t have anything to hide”) while others are perturbed but aren’t quite sure what to do. The latter group often seems to view the infringement on their privacy as inevitable – if they delete Facebook, it’ll be Google, or Amazon, or someone else – so what good does changing their habits do.
>
>
Privacy often evokes a similar reaction in people. Some do not care that their Alexa may be listening (“who cares, I don’t have anything to hide”) while others are perturbed but aren’t quite sure what to do. Some, like me, are increasingly alarmed and enact some change – a secure email provider, dumping Facebook etc. – but feel like they need to do more.
 
Changed:
<
<
Even if after this semester I am better ‘armed’ to protect my privacy than ever before – I joined a secure email server, can send encrypted messages from my Columbia email, and try to diligently screen the apps I use – I understand the feeling of helplessness. For example, after reading a New York Times article on my ‘secret consumer score’ I felt indignant that third-party companies were aggregating this information and that my interactions were somehow being graded. But, as I filled out the forms to ‘take back’ my information, I realized there was nothing I could do to make them delete it and stop keeping tabs on me. Even as an above-average skilled user with plenty of willpower, there are just certain steps that cannot be taken without more robust protections from the law.
>
>
Regulation is similarly lagging. We spoke at length in class about how the legislative approach to privacy should evolve to begin treating it as a public danger, but also how unlikely it is that such an approach would be adopted anytime soon. As long as most people do not view the collection of personal information as an inherent danger, and most governments find it to be a useful tool in policing, such a complete shift is unlikely.
 
Added:
>
>
This is compounded by the enormous influences of the large tech companies – companies such as Facebook and Google have been allowed to be their own standard makers and continue to steer and shape the majority of the conversations in the US. The current GDPR regime appears to be the more realistic regime falling into place, and some it is having some ripple effects with countries across the world adopting similar legislation. However, it does not address the core issue - most people will still mindlessly click away the consent pop-up mindlessly and give up any protections they may have.
 
Deleted:
<
<

The Law

 
Changed:
<
<
We spoke at length in class about how the legislative approach to privacy should evolve to begin treating it as a public danger, putting up barriers to prevent users from giving up certain information or acting in a certain way. We also spoke about how it is unlikely that the US, or most legislatures around the world would evolve around that. As long as most people do not view the collection of personal information as an inherent danger, and most governments find it to be a useful tool in policing, then such a complete shift seems unlikely. This is compounded by the enormous influences of the large tech companies – companies such as Facebook and Google have been allowed to be their own standard makers and continue to steer and shape the majority of the conversations in the US. The current GDPR regime appears to be the more realistic regime falling into place. While the EU continues to be a major economic power the trend GDPR-type regulations will continue to seep into other countries and even companies such as Facebook, however, it does not address the core issue - most people will still mindlessly click away the consent pop-up mindlessly and give up any protections they may have.
>
>

An Optimistic Search of Possible Avenues of Change

 
Added:
>
>
One of the key obstacles to enacting the necessary action to combat climate change is how intangible and far away the effects today can feel to some people (however false that may be). Here is where I would argue that enacting significant changes to data privacy can, and should, be easier. The abstract doomsday people shrug off when it comes to the environment should be incredibly pressing and clear in the case of data privacy after Cambridge Analytica, Snowden, and the crackdowns in Hong Kong and India. The increasing public scrutiny around this issue and the continued revelations help create the pressure on companies and legislatures that can cause change, though not without hurdles.
 
Changed:
<
<

In Search of A Solution

>
>
One hurdle is convenience. There is no doubt that there are alternatives for every Google or Facebook product out there, some of which will share the features without the data gobbling. If they don’t, enough user demand will undoubtedly drive more innovation in the space and allow free software to become a more viable alternative to even the least savvy tech user. However, it is not just about individuals – from the moment that universities and employers rely heavily on these products and force their employees to use them it is unlikely that there will be large scale change. There needs to be change on a more institutional level to allow the leveraging of these tools, and these tools in turn need to support the needs of such institutions. This change can come from the employees up, or the top down, but given how much time is spent at work and the blurred lines of home and work such a shift would be a significant contributor to changing user preferences.
 
Changed:
<
<
The key disconnect between the growing public alarm about data privacy and the lack of support for significantly more stringent reform is particularly troubling - even with mounting evidence coming out of Snowden, Cambridge Analytica, and the 2018 election. Furthermore, even with reports coming out of India and Hong Kong that highlight the dangers associated with liberally giving away personal information, it does not hit home to many that with every online interaction there is the possibility of someone collecting a piece of your data that may be used to identify or manipulate you. While this may be a particularly sinister way of looking at the world – most of the third-party data aggregated likely will not be material or identifiable – but perhaps only such a view will impart change.
>
>
Another hurdle is education. It is critically important to foster a more informed and positive relationship between children and computers. Beyond teaching typing and basic computer skills, schools should teach children about the implications and complexities of the internet they engage with and encourage them to be an engine for change. They can further have a profound effect on how their parents and others conceptualize their privacy and what they demand from the products they use.
 
Changed:
<
<
A secondary hurdle is seemingly convenience. While we dismissed convenience many a time, any effective solution to the mass use of today’s software and hardware is to provide appropriate alternatives. One simple example is Google Calendar – a deviant yet incredibly user friendly and helpful tool. While I do not doubt a safer, open source, version can be created, I have not come across any that comes close to the same functionality.
>
>
However, I can’t help but also consider the role that regulation can play in tandem. We now have an entire generation of young people who have grown up with Youtube, Instagram etc. and view them as fundamental to their day to day. Creating such significant shifts in mentality is difficult and time consuming – though I would argue, possible. However, we have to consider if in the meantime we are willing to allow the status quo to continue or if stricter regulation needs to be put in place to act alongside education as an agent of change. Of course, there is no doubt that both this education shift and regulation are in some ways aspirational. But as the severe dangers that accompany our current data privacy ecosystem become more tangible for consumers, it is likely that some form of both will be put in place.
 
Changed:
<
<
It depends what functionality you are talking about. FreedomBox used Radicale for quite a while, and now we expect to use the calendaring built into NextCloud. You might take a look at those. Calendaring, needless to say, is important in a law practice. My law practice is built around our own CalDAV server. How can a law practice share its calendar with some third-party data platform, let alone one that surveils user content? So think of that as Google Calendar's back end replaced by a server that I run. The front is whatever free software CalDAV client each user prefers. (Almost everyone uses Thunderbird. I use GNU Emacs, its calendar, and some elisp called Planner that no one else in the world cares about anymore. Sometimes people prefer Emacs Org mode, which is very powerful.

In short, my guess is that you haven't been presented with anything like a real set of alternatives. If you don't know what you could have, you don't know what to want. I can't think of a single reason on earth why I would want to use Google Calendar, even if I didn't have to offset that against all the reasons never to use services with spying on the back end.

As long as the average person (or company) does not view Google reading their calendar threat to their safety, they will choose to keep using it despite being aware of the privacy infringement. It will be significantly easier to help save people from themselves with the appropriate tools to make it feel less like a trade-off of the intangible to them (data) with the tangible (every day productivity) and even the playing field.

>
>

Conclusion

 
Changed:
<
<
A third hurdle is education. When it comes to children – even parents who are well informed and take precautions concerning their data privacy allow their kids to have apps such as TikTok? . The peer pressure children face, and accompanying guilt parents face, often allow them to make concessions to the most vulnerable population we face. The importance of privacy and implications of data sharing should be a key part of the curriculum from a young age, allowing children to grow up with an awareness of the implications of their actions. Children have historically always been better protected by the law – for example COPA is more restrictive than other forms of data protection – but there is still inadequate understanding and fear about the dangers of having an entire generation be mapped from their infancy. The Cambridge Analytica-type social engineering that can occur is likely much more dangerous than most of us can grasp. While this area of the law is more likely to evolve, a more holistic approach using education and appropriate parental guidance may be the only alternative.
>
>
Climate change provides an apt analogy in my opinion because it highlights the complexity of fighting a larger than life evil that requires both institutional and systematic change, and a mindset change across ages, demographics, and geographies. Strong education and allowing users to engage privacy-friendly tools in all aspects of their lives can go a long way in shifting attitudes. Furthermore, even though the necessary legislation is unlikely in the current climate, with a shift in user preferences as well as increased scrutiny, it is conceivable that a legislative shift may follow as well.
 
Deleted:
<
<
It might be better to teach children to have wonderful, positive relationships with computing, in which they would come to appreciate their digital freedom and to see its relation to their political freedom organically, as part of growing up with good computers behaving ethically, as I did. Then they can evolve for themselves the values that associate freedom of one kind with that of another. This is hardly theoretical, inasmuch as all the individual people I know who grew up to join the free software movement came this way. And I have seen what happens when, in Kerala, children are taught free software ideas from late in primary school. Once we have put in every child's hand a tiny server computer costing, say, $10 (like today's Orange Pi, but more powerful, like today's Raspberry Pi), and shown her how she can do anything she wants with it, we will have completed the education that leads where you want people to go. And we will have made them very powerful in the global knowledge economy, as well. Well-off parents, as well as parents in slums living on the edge of subsistence, would like their children to have educations like that.
 
Deleted:
<
<

Conclusion

 
Deleted:
<
<
In order to change today's paradigm, it seems that people, tools, and the law all have to change. While there is progress on all fronts, it is countered by incredibly heavy influence and market penetration by the major technology companies, as well as government interest in data collection. It then seems only natural that progress has been slow and piece-meal. Unfortunately, it is likely that only more scandals and incidents that are tangible and harmful to individuals will cause the tide to change.
 
Deleted:
<
<
This is not a very specific conclusion; its durability rests on its immense generality. The best route to improvement of the draft is, I think, to sharpen the idea, so that the place you are reaching with it is better lit and we have a better idea what to do there, besides waiting for scandals and harm.
 

Revision 3r3 - 02 Feb 2020 - 22:20:41 - DaphneL
Revision 2r2 - 12 Jan 2020 - 12:30:35 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM