Consumers in the era of big data and rampant social networking are increasingly aware of the threat to privacy and data confidentiality posed by the largely anonymous and unregulated collection, analysis and sale of data for commercial and political gain. Data ownership, rights and responsibilities remain unclear and largely unenforceable; absolute privacy or security is impossible. Building transparency and trust frameworks, limiting exposure and empowering the end user should enable data to flow with acceptable security, driving new business models and increased participation in the broadband world.

  • Concern over data privacy and lack of trust have grown as consumer participation in Internet and social media services increases globally:
    • Images and other data are used without prior explicit consent.
    • There is no guarantee that data can be deleted satisfactorily in a viral age; inaccurate, outdated and inappropriate material may remain permanently with harmful consequences.
    • Interpretation of data is highly subjective and potentially damaging.
    • Targeted advertising may be disruptive and intrusively personal.
    • Personalized searches and behavioural analyses return limited data, decrease exposure to new information and world knowledge.
    • Data is held, distributed and analyzed globally rather than locally; there is no clear jurisdiction or applicable regulatory framework to deal with any disputes.
  • Different cultural and economic contexts, and differing paradigms of the individual in society, mean that attitudes to privacy and data confidentiality vary greatly across governments, corporations, online behaviour and attitudes, calling for cultural sensitivity. In the Confucian culture, community is more important than the individual.
  • Different cultures and backgrounds are also giving rise to different solutions for identity, ranging from stringent PKI-based smart card identity to open identity ecosystems.
  • Crowdsourcing applications have demonstrated that people can be willing to reveal personal data and present real identity when they believe they are doing something of greater good.
  • As 45% of the world’s population is under 25, and children go online at an ever younger age, differing generational attitudes to privacy are emerging. Digital natives share personal data far more freely (and naively); are more exposed to predators and criminals; and may not support privacy regulation in the same form or degree as older generations.
  • No technology is completely secure, in particular as humans are always involved. Managing data flow and privacy involves creating a balanced risk model of checks and controls:
    • Freedom of expression versus government policy.
    • Security interests (monitoring, tracking) versus human rights, liberty and dignity.
    • Commercial use of data versus privacy.
    • Consumer ease of use and services versus privacy (as happens already for example in banking).
    • Regulation and security versus innovation, economic growth, free flow of knowledge.
  • Meaningful and informed consent to enable the consumer to control data disclosure on a sliding scale in exchange for value services – or to opt out entirely.
  • Establish a technological architecture and framework of rights and responsibilities between individual and entity with accountability, clear code of practice and enforceable penalties in the event of a breach. Individuals should accept personal responsibility for data, be aware of potential risks (information shared for commercial, political ends) and participate in a form of digital citizenship, building a culture of responsibility that takes offline values and transfers them online.
  • Transparency in terms of why data is collected, what purposes it is used for, when it is disclosed and where it is stored or deleted to establish a trust framework. Educate end-users to understand privacy policies, contracts and potential (mis)use of data; parents and children to understand responsible online behaviour, strategies, dangers and long-term consequences of actions; teach children to swim successfully online as well as providing lifeguards.
  • Tackle increasing consumer uneasiness and mistrust by taking criticism seriously and engaging in open dialogue with all stakeholders and users to build trust. Cross-sector, cross-border cooperation and collaboration to produce international consensus on best practice and principles to audit and control realistically across jurisdictions.
  • Services where personal data is the currency, sold on for commercial gain, are hugely popular. Cyber citizens of the world using these social media services are the ones driving the privacy rules; it may be too late for regulation.
  • A Bill of Rights could be the way forward, stating principles that are universally accepted as the basis of a global framework for international jurisdiction.