We Know the Problem, But Is There A Solution?

-- By DaphneL - 26 Dec 2019

The Problem

I conceptualize the fight to transform user privacy in many of the same ways I think about combatting global warming. The everyday person can be taught to recycle, to use less plastic, and to be more conscious of their emissions. Now, (many) children are instructed from an early age to consider these activities as part of their daily routine. However, there is still a large swath of the US – and the world – that does not want to contribute or does not believe their contribution will make a difference. On the latter they have a point, it seems increasingly likely that without significant government regulation over the biggest polluters and a monumental shift in the way users consume products, we cannot reverse the effects of global warming. Both business actors and individual users need the incentives to change because either they do not appropriately grasp the imminent danger, or they prioritize the short term over the more abstract long term.

Privacy often evokes a similar reaction in people. Some do not care that their Alexa may be listening (“who cares, I don’t have anything to hide”) while others are perturbed but aren’t quite sure what to do. Some, like me, are increasingly alarmed and enact some change – a secure email provider, dumping Facebook etc. – but feel like they need to do more.

Regulation is similarly lagging. We spoke at length in class about how the legislative approach to privacy should evolve to begin treating it as a public danger, but also how unlikely it is that such an approach would be adopted anytime soon. As long as most people do not view the collection of personal information as an inherent danger, and most governments find it to be a useful tool in policing, such a complete shift is unlikely.

This is compounded by the enormous influences of the large tech companies – companies such as Facebook and Google have been allowed to be their own standard makers and continue to steer and shape the majority of the conversations in the US. The current GDPR regime appears to be the more realistic regime falling into place, and some it is having some ripple effects with countries across the world adopting similar legislation. However, it does not address the core issue - most people will still mindlessly click away the consent pop-up mindlessly and give up any protections they may have.

An Optimistic Search of Possible Avenues of Change

One of the key obstacles to enacting the necessary action to combat climate change is how intangible and far away the effects today can feel to some people (however false that may be). Here is where I would argue that enacting significant changes to data privacy can, and should, be easier. The abstract doomsday people shrug off when it comes to the environment should be incredibly pressing and clear in the case of data privacy after Cambridge Analytica, Snowden, and the crackdowns in Hong Kong and India. The increasing public scrutiny around this issue and the continued revelations help create the pressure on companies and legislatures that can cause change, though not without hurdles.

One hurdle is convenience. There is no doubt that there are alternatives for every Google or Facebook product out there, some of which will share the features without the data gobbling. If they don’t, enough user demand will undoubtedly drive more innovation in the space and allow free software to become a more viable alternative to even the least savvy tech user. However, it is not just about individuals – from the moment that universities and employers rely heavily on these products and force their employees to use them it is unlikely that there will be large scale change. There needs to be change on a more institutional level to allow the leveraging of these tools, and these tools in turn need to support the needs of such institutions. This change can come from the employees up, or the top down, but given how much time is spent at work and the blurred lines of home and work such a shift would be a significant contributor to changing user preferences.

Another hurdle is education. It is critically important to foster a more informed and positive relationship between children and computers. Beyond teaching typing and basic computer skills, schools should teach children about the implications and complexities of the internet they engage with and encourage them to be an engine for change. They can further have a profound effect on how their parents and others conceptualize their privacy and what they demand from the products they use.

However, I can’t help but also consider the role that regulation can play in tandem. We now have an entire generation of young people who have grown up with Youtube, Instagram etc. and view them as fundamental to their day to day. Creating such significant shifts in mentality is difficult and time consuming – though I would argue, possible. However, we have to consider if in the meantime we are willing to allow the status quo to continue or if stricter regulation needs to be put in place to act alongside education as an agent of change. Of course, there is no doubt that both this education shift and regulation are in some ways aspirational. But as the severe dangers that accompany our current data privacy ecosystem become more tangible for consumers, it is likely that some form of both will be put in place.


Climate change provides an apt analogy in my opinion because it highlights the complexity of fighting a larger than life evil that requires both institutional and systematic change, and a mindset change across ages, demographics, and geographies. Strong education and allowing users to engage privacy-friendly tools in all aspects of their lives can go a long way in shifting attitudes. Furthermore, even though the necessary legislation is unlikely in the current climate, with a shift in user preferences as well as increased scrutiny, it is conceivable that a legislative shift may follow as well.