Law in the Internet Society

Can we find a win-win way in data using?

-- By ChengyuTan - 09 Oct 2020

By collecting customers' data, some companies start to provide customers with convenient services, and some people can even be benefited from that. But how can we keep a balance between privacy protection and the new development?

My Privacy, Their Profit

Cab Company’s New Business Method

Ten years ago, when I need a cab service, I need to call the cab company, and it would send its contract driver to my designated place. Now, I only need to send a message via the app the cab company will automatically send a cab to my location. Sounds convenient, right? On the other hand, the contract driver only needs to pay the cab company $3 per month, which is a mere 3% of their previous contractual fee (In Taiwan, the driver has to pay a monthly service fee of $100 to the company to enjoy the customers-introduce service.) What's a miracle! Why is the cab company willing to give up 97% of its income?

The Advertisement Business

The cab company finds a new way to fill up its pocket. By tracking my cellphone, the cab company can obtain my current location, my route and my destination. Then, the cab company can send me the targeted advertisings that focus on that data. Advertisers may be a cafe shop near my current location, or a gift shop around my destination. The advertisement income can totally cover its previous loss.

Do I lose my privacy?

The answer is clear. In order to market its advertising service to advertisers, the cab company will definitely need to demonstrate the efficiency of its targeted advertising - it can always display the advertisement that may appeal to me. To reach that goal, the cab company, without debate, will collect all data it received, including my age, gender, location, destination, the time I took the cab and my payment method, so that it can infer my domicile, workplace, work time, even my preferences, traits and interests. The more data is collected by the company, the more the company knows about me. But my privacy was lost slowly during this practice.

In Search of Lost Privacy

It is true that my privacy was lost in the cab company's new business method; however, the new method reduces the driver's monthly service fee, which benefits a great number of drivers. Moreover, by using the GPS system, the route will be recorded and can be reviewed afterward, meaning that detour and overcharging disputes can be reduced, since the reviewable record will deter the driver from doing that. In my opinion, we should not abandon this new business method, since it is a progress which benefits either driver and ourselves. But it doesn't mean that we should continue allowing the cab company to exploit our data without limitation. Instead, we should try to find a way to create a win-win situation. Below is some of my idea:

Transparency and Right to Request to Delete

The data that the company collects involves our privacy rights which should be considered as a part of "human dignity and the free development of personality". And the protection of human dignity and respect for the free development of personality is the core values of a free and constitutional democracy. To protect human dignity from the intrusion of others, self-determination of personal data should take a major role in that. Under the self-determination of personal data, the people have a right to determine whether or not, to what extent, in what method, at what time and to whom to disclose their personal data. Follow the thinking, we, the customer and "actual owner" of the data, should have a right to know what data the cab company has collected. Furthermore, we should also be granted a right to control over the use, maintain or deletion of those data; otherwise, the self-determination of personal data is castles in the air, which will never succeed. The right to review and delete, or you can say "the freedom to choose," is a proper and necessary way that we must purchase.

Regulating the data collecting and using

Ensuring the transparency or right to request to delete may be a good way; however, the actual problem has its origin in data collecting and using. If our purpose is not to forbid the company to collect or use our data entirely, how can we ensure that our data will not be exploited by the company? Firstly, the data that the company collected should be properly and reasonably related to the purpose of the original business operation, and any random or arbitrary data collecting should be prohibited. In order to provide the most attractive advertising service to advertisers, the cab company will collect and analyze all data it can reach, but not all of them are properly and reasonably related to the purpose of their original business operation, which is providing a driving service. The data the cab company can collect should be limited in the scope of that service. Secondly, the company should not be allowed to keep and use the data forever, namely, a time limitation is necessary. Since the main purpose of the data collecting is to provide a driving service, the cab company should be responsible to delete those data in a reasonable after the service is provided. The cab company can still provide targeted advertising services to advertisers, but it can only count on the data of the single ride.

All these ways may let the cab company's advertising service become less attractive, but these are the necessary means to protect our privacy.

I'm not sure that the use of a single illustration, whether about a taxicab or any other single business activity, is a sufficient basis in fact for any social, legal, or technical analysis. I don't understand, within that scope of a single illustration, why substituting "human dignity" for privacy helps the analysis.

First, I think the claim that this business is a taxicab business is merely incorrect. The business is behavior collection, using mobile sensors called automobiles driven (at least temporarily) by humans who are workers. That this business presents itself as a taxicab company is essentially camouflage. So talking about limiting its behavior collection to what is required for its business, which is collecting behavior, is an empty tautology.

Nor is it sufficient to say that the right at issue is "dignity." The right at issue is privacy, specifically the form of privacy called anonymity. The question for people is whether they should have the right to move around without registering their identity at every streetcorner or at every ride. I can get into a NYC taxicab, pay with cash, and not be photographed. I can buy a MetroCard for cash, destroy it at the end of the ride, and have travelled on mass transit anonymously. But if there are facial-recognition cameras installed in the stations, the train cars, and the vehicles I lose the right of private (that is, anonymous) movement, and power follows me (and everyone else) everywhere.

The "win-win" is an illusion unless it is based on an unsparing assessment of the rights and powers involved in whatever you are calling a "win." Whether Pareto superiority is actually a meaningful test for public policy depends on whether "wins" are rhetorical, or are factually and ethically grounded in the experience of people in their daily lives, which in turn depends on what it is that people think "the good" consists of. The route to improving the draft, and to having the writing bring you more learning and satisfaction in learning, is to demand more specificity about the rights, and more diversity about the illustrations. People's lives don't consist of cab rides and everything else, so an account that captures aspects of their lives one app or one business at a time is not fully helpful. Thinking about infrastructure like payment systems, transport, health care, which apply across more areas of life, is one way to get more richness and power into the analysis. Being more granular about rights, and in particular being more responsive to the analytical components of privacy—secrecy, anonymity, and autonomy—is the other best route.


Webs Webs

r2 - 05 Nov 2020 - 13:43:51 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM