Caring about Your Data is Caring about Yourself

We need to talk about data protection and why it matters. It’s about you.

“I don’t care about my personal data, it’s not interesting.”
“What does it matter what happens to my data, I don’t care what people see.”

Your personal data is hot property, but some people’s dismissal of it as such harms its protection and people’s rights.

We create so much data online, and yet, it is often considered ‘useless’ by the very people who generate it. Why?

Photo credit: Pixabay

Insert Personal Information Here

In a time when data protection and privacy are in the spotlight, there are still too many people who say they are indifferent to what happens to their information online. Unauthorised access? This is the standard now. A bug allowed personal details to leak? So what, it’s just your name and email address. Password guessed? No problem, just create a new one.

The truth is that 2018 has been as much a winning year for data protection as it has been a parade of the lack thereof. On the one hand, emails from all corners of the web have flown to and clogged inboxes, with firms trying to comply with the General Data Protection Regulation, GDPR, and to keep you as a source of data.

On the other hand, household names from Facebook, Amazon and Uber, to British Airways, Google+ and Bupa, have suffered data breaches, compromising users’ personal data; sacrificing my and your personal information in the course of their business.

While individuals think their data is uninteresting, organisations rush to collect and analyse it — so shrugging our shoulders at its protection is not the answer.

What Is There to Worry about?

Yourself
The argument “I don’t care about my personal information” ignores the fact that your online activity is essentially your identity. It represents who you are through photos of you and your friends, where you are from based on your check-ins, and even how wealthy you are judging from the device you are using. If you look at the list of characteristics Google includes in your “citizen profile”, you will see why.

But it’s only human to want to keep certain things private although you might think they appear dull for others to examine. What we should care about is the attitude that dismisses data privacy and its protection as valuable. In no way does caring, however, mean that people who use it to hurt others should be left alone. Allowing government agencies to use proportionate powers to tackle such threats is part of letting privacy and its limitations function properly in a healthy democracy.

Setting aside cases of national security, privacy for you and me just means some alone time where you’re undisturbed and unwatched. The fact that the information you generate on Facebook or on a travel website looking for a holiday is readily available to be collected doesn’t automatically mean it should be.

The fact that that it might not be the most interesting thing to read doesn’t mean it should be collected because it’s free; or processed without you knowing.

Decisions You Can’t Contest
You should care who has access to your personal data — you might become the conclusion a machine makes based on many different sets of data you have produced over time. The predictions made by smart algorithms might be accurate enough based on the information you have generated, but misleading and detrimental to you in real life.

Once you are flagged as X because you do Y online, how do you change an unknown system’s conclusion about you? Knowing you might be judged on your unusual and yet innocuous searches changes the way you behave — and this is not right. People who say don’t care quickly change their mind when you ask them to look at something they consider private.

  • You might not care if an online retailer collects data about your purchases and makes recommendations you like based on that;
  • But would you give your email password to someone for them to have a look at some point and, for example, judge you based on the purchases you have made?

If You Don’t Care, Noone Else Will
Your personal data is yours, after all — like a bag with all your things inside that someone can steal, just intangible. If you don’t care about it, no one else will. More importantly, you should care about it because the companies that hold it won’t.

Taking Care of Your Own Data Goes Further

Establishing Good Data Practice
In an era where Big Data, The Internet of Things, Smart Cities and many more technology developments run and will continue to run on the personal data generated, the people who create it should decide what is acceptable and what isn’t. Information law always lags behind technology, but legal developments like the GDPR are the much needed update for the digital world. Although it is early days to evaluate its success, it is a step in the right direction.

We should embrace all good things that technology brings us, with a pinch of salt. It’s great that we can reap the benefits of it because it’s great paying for travel on the London underground with a bank card. Establishing good practice about what happens with that data, who uses it and why, is where the information society needs to work.

For Your Convenience
Netflix shows, Amazon purchases, personal assistants feeding you information you seek — all things that are just right for you are such because you exchanged personal data for convenience. The more personalised something is, the better.

That’s great as long as users acknowledge it and understand what it means. That all data we exchange is stored somewhere and could be used for another purpose without notice, could leak and expose the most private thoughts.

This is out of our personal control, but perhaps one day deciding against convenience for the benefit of keeping some personal details unshared is the caring for data privacy we need.

Understanding Privacy and Its Limitations
Some say they don’t care about privacy because they would rather relinquish it for the promise of safety from attacks; or because the right to privacy has given the same impression general human rights have — that only bad people use them to escape justice.

Understanding privacy and its limitations will help everyone see that it’s not an absolute human right and can be lawfully breached in certain circumstances, for example to protect another more pressing right on balance, or for national security. It’s not just used to hide something wrong.

We can have the right to information privacy and still set it aside when there are more important issues to deal with. This is why there is a running dialogue between governments, security services, and human rights organisations which try to find the right balance.

Your Privacy Is Yours to Keep
Laws like the GDPR will be nothing if individuals don’t bring them to life and use them. The GDPR shifts focus on to you from companies. We should welcome this.

Making a subject data access request is one of the privacy rights the GDPR has introduced. In the unequal balance of power between you and the business, these rights tip the balance in your favour and give you the power of information. Why not use it?

Developments in the data protection and privacy world, from the revelations of Edward Snowden to the Cambridge Analytica scandal, have made questioning the practices surrounding information privacy and data protection okay. We should at least try to understand them, to understand what’s happening to us online.

Taking Responsibility for Data
Treating data privacy with respect can minimise the chances of compromising it. Does accepting an email receipt mean signing up to
marketing activity you don’t know about? Do you really need a loyalty card for a shop you like but don’t use often? Do you know the data sharing agreements between a social media network you use to sing in to another website?

Privacy Policies and Terms and Conditions
Scroll, scroll, scroll, agree.

If there is one thing we should pay close attention to when agreeing to policies, let it be the data protection section. The chances of changing it are minimal, but this is a source of knowledge. Knowing who to contact if something goes wrong or who you want to ask about your personal data can only be useful. Getting to know the company’s data practices says a lot about their etiquette and you can decide whether or not you want to use their services.

Spreading the Word
How long can the statement “I don’t care about my personal data” last? People who say it fall silent when you ask them to see something trivial but they consider private. We all care although might not realise it right away because of general misconceptions. Standing up for your own data protection will produce ripples elsewhere where there are none. It might just make people consider that their information privacy is valuable. That’s all we need.

Privacy advocate writing about data protection and travel. International millennial inspired by music and the sea.