Privacy vs User Data Control

We talk about privacy a lot around here and we talk about users having control over their own data. In some ways those feel like different conversations, but I’m wondering if much of our privacy concerns are just a special case of having control over where our data is seen/stored/shared. Where is that true and where does that not hold up?

I don’t understand this part. Did you mean to use what/where instead, or do you mean, “having control over who sees” it? In my view the answers are separate but there is some overlap depending on what you’re saying.

I meant “where”, and I thank you for catching the typo. I’m going to fix it now, and your message will just sit here confusing readers for all eternity.

2 Likes

In general, privacy is a fundamental human right to individual freedom, free from scrutiny, interference or intrusion by others including the state. So, an individual has the right to make decisions concerning personal, private matters, seems critical. Information privacy, in particular, is the right of individuals’ to have some control – right to make decisions – over how their personal information (data) is collected and used.

Thinking of Project Liberty, “User Data Control” seems more a manifestation, implementation of the more abstract “Privacy” where the individual controls and can decide to selectively disclose, depending on context, any piece of personal or other information as they see fit, unilaterally. It seems that “User Data Control” is the tangible, technical implementation of “Privacy”?

This ruling has set a far-reaching precedent for “Privacy” and “User Data Control”:

Meta fined €17m over EU data breaches (computerweekly.com)

€17m is not likely to upset Meta but it is the infringement of Article 5(1) which in effect makes the covert aggregation, harvesting and retention of personal data without explicitly, specified, legitimate business purpose(s) and so forth, illegal. That impacts the underlying business models and practices for all current social platforms (AdTech):

Meta fined €17m over EU data breaches (computerweekly.com)

Hope this is helpful to Project Liberty.

Kind Regards,

Patrick

1 Like

I like that framing. User data control is, in part, an implementation of privacy values. What parts of privacy aren’t implemented through user data controls?

1 Like

I can only think of a platform e2e encryption implementation, like Whatsapp, that provides some privacy from silent, 3rd party intrusion / interference. This aspect of privacy is unlikely to be implemented as user data controls but rather as a standard blockchain (DSNP) default feature as blockchains are, I believe. Can’t think of others?

1 Like

Returning to the opening remark in this thread by @James: “having control over where our data is seen/stored/shared…where does that not hold up?” It does not hold up here:
Attack of the clones: the rise of identity theft on social media (computerweekly.com)

The article does overlook the fact that it is a criminal offence to steal/assume another person’s identity by, for example, presenting documents that belong to another and claiming that identity but the difficulty is proving it. Identity theft occurs silently on social platforms and only discovered long after the consequences have surfaced – too little, too late. The reality is that the incumbent platforms rely on the unfortunate victims of identity abuse to report it:
Attack of the clones: the rise of identity theft on social media (computerweekly.com)

Tangible evidence of identity theft can be established when a person actually presents various identity attestations in their possession. If a person is not the genuine owner of the identity attestations in their possession, and claims the identity of another person, this CAN be prosecuted as a criminal offence of identity theft, IF substantive evidence is available to prove it.

A pre-emptive strategy where each of us can claim, lock-down, control our own identity data asset has to be better than suffering the consequences of identity theft. Project Liberty is once again informed by the failings (Privacy AND User Data Control) by current social platforms. Hope this helps.
Kind Regards,
Patrick

1 Like

The Apple CEO first mentioned the impact of the “data industrial complex” on privacy at the same event, back 2018 (Brussels):

Tim Cook privacy speech to the IAPP sticks to generalities - 9to5Mac

He again cautions about one of the most essential battles of our time: “…the other [reality] where technology is exploited to rob humanity of that which is foundational: our privacy itself.” This all helps Project Liberty. Kind Regards, Patrick.

Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED

The “data minimisation” principle – among others – draws on the GDPR that paves the way for decentralised personal data (1st party). The odds look good for this Federal legislation. Thoughts?
Kind Regards,
Patrick

Project Liberty is a crucial to liberation from endless aggregation, centralisation and abuse of personal data and/or abuse of market power. It is encouraging that regulatory enforcement is now clearing some space for more democratic innovations. Regulators in the EU have often been criticised for ineffective enforcement against violations ranging from anti-competitive conduct to infringements of data protection (privacy) regulations. That has changed recently. Violations by ANY online service, including EU services, now attracts record fines e.g.:

Google loses appeal over record EU anti-trust Android fine - BBC News

Google faces €25bn legal action in UK and the EU - BBC News

Instagram fined €405m over children’s data privacy - BBC News

To my knowledge, this is a first. The prospect alone of criminal liability for executives will weigh heavily on many boardrooms:

Uber’s ex-security chief faces landmark trial over data breach that hit 57m users | Uber | The Guardian

Every success with this year’s event :blush::

News | Unfinished Live to Convene Thousands in NYC this Fall for Immersive Event Focused on Building a Better Digital Future (mccourt.com)

Kind Regards,
Patrick

1 Like

Thanks for the good wishes, Patrick!!