After countless data breaches and scandals relating to major tech behemoths’ cavalier usage of our personal data, it would seem natural to assume that Brits have decided to police their own privacy with much greater intent. On the contrary, post-Cambridge Analytica and the #DeleteFacebook movement, UK user numbers have grown over the last year, passing 40 million for the first time (around 60 per cent of the UK population).
Furthermore, the rate at which people accept default options and blindly accept T&Cs and privacy policies only increases as our digital lives become more cluttered. According to a survey by Deloitte, 90% of consumers accept legal terms and conditions without reading them.
If we can’t help ourselves as consumers, who will?
- Data Protection Day 2019: Privacy firmly in the limelight
- Data privacy: will it be as in vogue as it was in 2018?
- A new era in data awareness
Enter Her Majesty’s Government. It seems that various factions across Government have come to the conclusion, almost in unison, that greater consumer protections are needed. With GDPR still the soundtrack to last summer that’s ringing in our ears, a slew of Government activity is underway to crack down on big tech companies, and some is directed specifically at ensuring greater privacy protections.
Recently, Jeremy Wright, the Digital secretary, unveiled that the newly founded Centre for Data Ethics and Innovation would conduct an inquiry into online targeting techniques. This is in addition to DCMS’s soon to be published White Paper on online harms, calling for a “digital super-regulator”. To add to that was a HM Treasury’s report on Unlocking Digital Competition conducted by Jason Furman, which culminated in the Chancellor ordering the Competition and Markets Authority (CMA) to investigate online advertising. That was quite a couple of weeks in the midst of Brexit chaos!
It is worth noting that the House of Lords committee report specifically suggested that services ought to default to strictest privacy and safety settings. Obviously, we greeted that with cheers at Viber, but more broadly tech companies can start to see the outline of what the Government wants to see the industry do.
Regulation - where and by whom?
In the UK, it’s not yet clear who might regulate the privacy practices of tech firms. GDPR is policed by the ICO, but a lot relies around consent, and that isn’t hard for firms to obtain as we have seen. Then there’s the CMA looking at online advertising and potentially with the power to disrupt monopolies. Others have advocated for Ofcom to take on a larger role in digital media and tech.
The regulatory picture in the UK is far from clear, and how that fits into a global regulatory framework for managing tech companies is anybody’s guess. In an increasingly global world, how fragmented can the rules for tech companies be before it damages the value they bring to users?
A third way
Perhaps the choice between the privacy Wild West and the over-zealous sheriff is a false one? Can the tech industry create a code of conduct that polices behavior while also setting the bar for consumers as to what is fair use of their data?
We believe strongly that companies within social media, digital communications and messaging can meet governments’ wish lists by moving to a privacy-focused mindset, with several key promises to users:
- No reading or storing of any private chats
- No listening or recording of any private calls
- No scanning of any private media exchanged (pictures or video)
- No listening of live conversations through the microphone of a mobile phone
- By default, all settings (like end-to-end encryption) will be set to the most secure option. If needed the users will have to unlock those security features themselves and give explicit consent.
Clearly, sacrifices will have to be made by data hungry platforms in terms of monetisation. However, brands have been waking up to the idea that, as much as consumers tick the T&Cs eagerly and sign away their data, it doesn’t necessarily mean that a brand following them all over their digital footprint with creepy levels of targeting is what they want to see. The cost of protecting users’ privacy may not turn out to be as steep as many tech firms have feared.
Doing the right thing
Ultimately, it might not matter much who moves first, the private or public sector. What is certain, however, is that we will see a change in how the tech industry handles user data. It would send the right signal though if efforts were made to clean up practices before the hammer comes down. It will signal to users that more apps and services are focused on protecting their interests, not just the shareholders.
Cristina Constandache, Chief Revenue Officer at Viber
- Protect your privacy online with the best VPN