The head of an international privacy think tank has condemned corporations and developers ‘app permissions’ and privacy policies as a mask over an unregulated 'Wild West' data landscape that must be tamed.
“The existence of privacy policies – which should be called surveillance policies as they are an explanation of everything that is done to you and your data when it is handed over to a company – shouldn’t matter because underneath there should be a law to protect you,” said Privacy International CEO Dr Gus Hosein, speaking at Teradata event yesterday.
Using the example of data regulations in the US, or lack thereof, Hosein said “it is a bit of Wild West, and everyone knows it needs to be fixed but doesn't know what the solution is. But we shouldn’t revel in that.”
Hosein condemned the UK government for favouring "innovation instead of fair rules”. He said regulation would eventually filter through – but most likely from new markets like India and China where huge investments arebeing made in smart cities and tech firms are beginning to set up shop. Both of these markets currently have no, or limited data protection laws, he added.
'Jurisdiction isn't very effective'
With a new European data protection regulation on the horizon, firms are in a data collection limbo, added Stephen Brobst, storage vendor Teradata’s CTO (and former member of Barack Obama’s President’s Innovation and Technology Advisory Committee).
“Making privacy policies simpler doesn’t help very much – I click ‘I agree’ dozens of times a day. It is important that they are precise", he said. However, he added: “jurisdiction, when it does exist, is very ineffective.”
Brobst went further, saying countries with strict data regulation are at a competitive disadvantage.
“If I look at places where there has been significant regulation on surveillance, there are countries that do not allow enterprises keep data for a certain amount of months - even in the consumer would allow it. That means they can’t do relevant pricing and recommendations - and those companies are at a huge disadvantage.”
Confusion from corporations and device manufacturers over data collection
The fact that device makers often do not know how and where information comes from is another cause for concern, Brobst said during the event at the Shard in London yesterday.
For example, when Edward Snowden famously leaked NSA and GCHQ intelligence that revealed how governments were collecting citizen data, it became clear that information was transmitted from users even when their device was turned off.
After the revelations, Privacy International contacted all device manufacturers to understand how this was possible, and found that the majority were unsure, but pointed to the chips which are purchased from their suppliers. They were unable to tell how the data was being used or pulled off by the chips when the device was not in use, Hosein said.