| |
| META TOPICPARENT | name="WebPreferences" |
|---|
| |
<
< | Hacking as Spectacle | >
> | Maya Uchima
What to Learn From the European Union’s Recent Reforms on Data Privacy | | | | |
>
> | The Privacy Infringement Problem in the US
It has become more and more apparent in today’s society that the concept of privacy has been eroded, redefined, and curtailed as the power of corporations have dominated. Consumers must actively and aggressively opt-out from having private information logged and stored by websites. Oftentimes, consumers are not given the option to prevent companies from collecting data from them. For example, EPIC’s lawsuit against Google, alleging that Google has been tracking in-store purchases by gathering information from credit card transactions and using that data to target ads specific to each consumer. Not only can purchases (on and offline) reveal one’s tastes and interests, but searches on the internet or viewing trends logged by a cable box can provide valuable data that can be used in profitable marketing strategies. There is an argument that these targeted ads serve only to make life easier, more convenient, and tailored. Nevertheless, with no choice given to the consumer, the discomfort one feels due to the ruthless invasion of private life far outweighs the possible benefit of finding out about a sale at a preferred shoe store. It feels like the fight for privacy has succumbed to the allure of a blinded trust in these mega corporations. | | | | |
>
> | Insufficient Protections
The US is not without any protections for the consumer. The Fourth Amendment outlines broadly the right against unreasonable search and seizures. This sets the foundation for arguing for the consumer’s right to protect his data and his online choices. There exist also the Wiretap Laws, Electronic Communications Privacy Act, and most importantly, the FTC Act of 1914, which seeks to protect consumers from unfair or unreasonable business practices. The FTC is granted the power to pursue a corporation for questionable behavior, but unless the FTC deems the behavior worthy of an investigation, the private consumer is left with scant recourse. Other regulations tend to be too specific, such as a regulation on just medical data disclosure or just financial data protection. So what can the US do to begin providing more coverage for the consumer? | | | | |
<
< | Introduction | >
> | Possible Pointers in the EU
The EU’s recent policies may shed some light for possible next steps. Regulation 679 (2016), also known as GDPR, will go into effect across the member states of the EU (including the UK) in May 2018. It hopes to strengthen supervision and protection of consumer data. These new policies apply to both “controllers” and “processors” of data who work in conjunction to carry out any activity concerning the usage of personal data. The regulation sets out higher punishments if there is a breach and increased legal compliance regulations, including keeping more strict activity logs. It also defines “personal data” more broadly, now including IP addresses, where before it only recognized personally identifiable information (names, social security, etc.). The EU also issued Directive 680 (2016), the Law Enforcement Directive, last year. Directives, although not treated as immediate and binding legislation as regulations are, act as general guidelines for member states, which in turn create internal policies to fall into compliance with the overarching goal of the directive. It states that data can only be used in the process of preventing or investigating crimes and proceeds to define the limitations and scope of what constitutes a crime more clearly. Administrative agencies will provide independent supervision over law enforcement actions and certain remedies will be made available for the infringement of privacy if it is breached unfairly or disproportionately. | | | | |
<
< | At current, a large portion of consumers are unaware of the extent to which software companies are “selling” or giving away their personal information by accepting user agreements found in most major “free” programs like GoogleMail? or Apple’s iCloud. Therefore, the question we must address is not how to reach sophisticated users of technology, but rather in mobilizing the masses or the casual users. From this perspective, the exposure of software deficiencies as spectacle through hacking may be an effective means of undermining programs structured to take advantage of it’s unwitting users.
Despite the fact that the practice of “hacking” means and functions in many different ways for many different people, over the years, the term “hacker” or “hacking” has become increasingly demonized. As discussed in class, hacking can be characterized as the ability to use creative means to make power move or be shifted in directions it was not originally intended. In a more positive light, hacking can also be described as a means of expressing dissatisfaction with a current system or a form of civil disobedience. Applying Henry David Thoreau philosophy from his 1848 essay on Civil Disobedience and applying it to consumer software, users should not permit systems to overrule or atrophy their consciences, and they have a duty to avoid allowing such acquiescence to enable said systems to make them the agents of injustice. Most importantly, hacking as spectacle can provide an effective means of advertising the necessity for greater open-source software to improve the dissemination of information in a more transparent manner. It is not enough to merely undermine the system, but hacking as spectacle should illustrate how unconscionable many programs and systems are to both privacy and autonomy.
The significance of spectacle
Hacking as spectacle has the potential to serve multiple purposes. It can both create national dialogues on questions of surveillance and privacy, but may also provide solutions or reform to remedy the privacy issues identified. Hackers have long played a vital role in improving both software and hardware issues. For instance, as it relates to open source software development, hackers are indispensible for both innovation and their ability to continually improve and repurpose software code. Even developers of proprietary or copyrighted software hire “white hat hackers” to test the security and functionality of web sites or new software.
Moving forward, hackers will play an increasingly important role in bringing to light deficiencies in “privacy” protocols, website surveillance, and other security mechanisms that are purposely hidden from the majority of technology users. Two recent examples have demonstrated how strategic hacking and the use of internet leaks can bring the question of privacy front and center in national and global debate. In the first instance, Edward Snowden, a former NSA contractor, leaked documents outlining numerous global surveillance programs being run by the NSA with the cooperation of telecommunication companies and European governments. Through these leaks, Snowden not only brought to light the practices of the NSA, but more importantly, his actions sparked an international dialogue on internet security, privacy, and government surveillance. On a smaller scale, the celebrity nude photo leaks from Apple’s iCloud this fall have similarly sparked public concern over privacy and the security of cloud computing, with a particular emphasis on their use to store sensitive or private information. While Apple’s iCloud leak did not have the same National Security implications or backlash as Mr. Snowden’s work, these leaks were an effective means of demonstrating the deficiencies of broad based cloud computing to the general public.
As illustrated in the aforementioned examples, hacking as spectacle can be an efficient means of affecting change because the efforts have low marginal costs. This low marginal costs mean that in theory, the practice cannot be “outspent” by capitalism. Similarly, like open source software, the practice of hacking as spectacle, because of it’s low marginal costs, will be superior to the efforts of capitalism as it will be constantly improved through collaboration. Along with this, the distribution of the information on the practice will also be superior, given the low marginal costs. With this in mind, if attacking sites and programs like iCloud, Gmail, or the Facebook server become pervasive enough, less consumers would use them. If this is to happen, there will likely be changes in these programs that will address the concerns of users, or free/open source alternatives will be created to satisfy the new demand for more secure applications.
Redefining and repossessing rights
Under these circumstances, hacking can help expose the way that privacy has turned from a right that the government must be justified in violating, to one that individuals must affirmatively defend. As stated by Edward Snowden in an interview as a part of the New Yorker Festival, people say they don’t have anything to hide and when that happens, the model of responsibility for how rights work is inverted. “When you say, ‘I have nothing to hide,’ you’re saying, ‘I don’t care about this right.’ You’re saying, ‘I don’t have this right, because I’ve got to the point where I have to justify it.’ The way rights work is, the government has to justify its intrusion into your rights.” Hacking can also introduce costs that have long been unrecognized by mass consumers of so-called “free-applications” and re-introduce questions of how privacy should function in the Internet age. This dialogue will be increasingly important as the “Facebook” generation transitions into positions of influence with a skewed sense of privacy, as a premium is currently being placed on the ability to volunteer your location, activities, relationships, spending habits, job experience, and other personal information to the general public. The movement from the era of the written word to the era of technology is an ongoing trial, which hacking as spectacle may improve down the road, although no one can truly be sure of what social results will come from this hap hazardous experiment with social media and internet surveillance,
-- WyattLittles - 16 Oct 2014
| | | \ No newline at end of file | |
>
> | Not a Perfect System
The EU’s continued interest in protecting consumers stems most likely from a stronger belief that privacy is a fundamental human right, a value not quite shared yet in the US. There have been many theories for why Europeans in general tend to want to shield their private lives more so than citizens in the US. One of the most dominant theories states that the trauma from during the Holocaust when Nazi officials would use school and bank records to find the names and addresses of Jewish people in the area has strengthened the necessity of protections for personal information.
However, the EU system is not perfect. Their policies work mainly because of a heightened sense of trust among citizens in their individual member states’ governments. The US government has struggled with its citizens to maintain a semblance of respect for privacy and with the reveal in 2013 of PRISM being used by the NSA to monitor and track the data from internet transactions, the people’s distrust of the government has skyrocketed. To call for US citizens to all of the sudden embrace government regulation and surveillance as guardians of their data against corporations would be too large a bridge to gap, and would, in fact, lead to many other problems, as the government and its subsidiaries have proven to be a dubious and mysterious entity when it comes to maintaining boundaries with its citizens. The key takeaway from the EU reforms would be the shift in mentality towards viewing privacy as a fundamental right to be protected at all costs. The EU has instituted independent bodies to oversee the uses of data and has ensured steep remedies for breaches. These steps will not end the problems with private data infringement, but may begin the deterring process. |
|