Personal Data, Privacy, Tech

Toward data dignity: How we lost our privacy to Big Tech

There’s a New Yorker cartoon from the early 90’s that you may have seen. A dog, perched at a desktop computer keyboard, explains to his fellow canine: “On the Internet, nobody knows you’re a dog.” Back then, the internet was synonymous with anonymity, and privacy wasn’t an issue because the tools to track every click and pixel of a user’s activity didn’t exist yet. If that cartoon were revised today, it might read, “On the internet, everybody knows what brand of kibble you eat and every time you sniff another dog’s butt.”

dealistic origins

At its inception, the internet’s promise of the free flow of information to and from every corner of the world was exhilarating. Today, companies know more about us than perhaps our closest family members and friends do, and the lack of privacy is suffocating. We don’t control our own data online: Big Tech companies do, and our government refuses to do anything about it. Increasingly, many technologists are advocating for “data dignity” or the idea that we deserve more control over the use of our personal data.

It is still possible to forge a better path for our digital future. We formed EthicalTech to transform technology as a force for good and accelerate the development of a better internet for everyone. EthicalTech is a multidisciplinary coalition that builds standards for an ethical internet with privacy at its core.

Paradise lost

The journey to rediscovering the internet as it was meant to be and reasserting our data dignity starts with understanding how we got here. Despite taxpayer dollars funding key internet components and breakthroughs through public institutions, the government chose to leave the web essentially unregulated. The idealistic promise envisioned by early adopters was steamrolled by businesses doing what businesses do best: generate returns for shareholders and putting our privacy second.

The laissez faire approach soon gave rise to the most valuable digital currency of all: the cookie. First-party cookies—premised on the idea that if you visit a website, you’re in a first-party, or direct, relationship with that site’s owner—allowed the site owner to cater to your needs. Third-party cookies, or those created by a business different from the website you’re visiting, extended personalization and utility across the internet but also opened the door to tracking us everywhere we go online. It’s a phenomenon we made worse when, bamboozled by the lure of social media, we turned over our data for free products and services, not realizing that we—or at least our data—had become the product.

As it turns out, the same market dynamics and network effects that lure a critical mass of users to a platform like Facebook or Google also result in few big winners. The internet economy consolidated around these behemoths, who used cookies to seize control over the data economy and maintained market power at the expense of your privacy. Now, when the regulators come knocking, Big Tech turns regulation on its head. For example, Google’s announcement that it would deprecate third-party cookies wasn’t, despite its claims, about respecting privacy. Instead, it was a bait-and-switch for Google to simply prioritize their own first-party cookies over competitor first-party data. Such oligopolistic data dominance is no better than a competitive market when it comes to privacy. True privacy and data dignity is when the people control their own data.

Demanding data dignity

Can Big Tech change its ways? All along, companies insisted they had policies to respect privacy and empower people to make their own choices. Facebook, at its launch, even sought to distinguish itself from MySpace by emphasizing that it would put privacy first. It didn’t. After all, no Facebook policies were breached when, in 2016, it facilitated Cambridge Analytica’s harvesting of privacy data from more than 87 million Facebook users. And Facebook was not alone; an endless number of companies skim our data without our knowledge or consent.

On the regulatory side, government has been slow and clumsy. Efforts like the European Union’s General Data Protection Regulation, or GDPR, and California’s Privacy Rights Act, or CPRA, have attempted to define new rules of the road. The problem is that tech firms move faster than governments and often operate in spaces where they have a significant information advantage over regulators. As a result, even as awareness of data dignity builds, Big Tech remains free to track our movements, gather information about us, and sell those insights as they wish.

Our collective awareness is increasing; now we need to turn that awareness into collective action. EthicalTech is bringing together experts and leaders from the private, public, and non-profit sectors to find common sense solutions for enacting data dignity. Together, we can create the infrastructure for an ethical internet where privacy standards are built in. It is up to us to recapture the initial promise of the internet and allow future generations to trust they can interact, co-create, and exist in a digital world with their privacy intact.