Privacy policies are dead, says Fran Maier, President of privacy auditing firm TrustE, and it’s time for the web to move into an era of “just in time” notifications whenever new types of data are being collected or when our data is being used in new ways.
At a time when online data about individuals and our actions is growing exponentially, when the potential for that data to drive innovation and monetization is just beginning to be understood, when users are wrestling to take control over new forms of communication and when government is looking to take action to protect the complex interests of its citizens – Maier’s forward looking statements, well informed by the history of online privacy practices, are well worth paying attention to.
Sponsor
Maier’s statements were included in a 14 minute TedX talk posted on the TrustE company blog this week. (Full video embedded below as well.)
In the talk, Maier provided an overview of evolving understandings of privacy from Match.com’s 1995 creation of a privacy policy before the practice was widespread, through Facebook’s controversial but highly granular policies today, the emerging European practice of notifying citizens when they enter an area watched by surveillance cameras and a future characterized by an Internet of Things, where user data is held not just online, but in our phones, our cameras, our electrical grid and elsewhere.
Maier says we’ll soon start to see a system called a Forward Eye in advertisements online, which will tell us what information about us is being captured and how it will be used. We’ll then be given an option to opt-out.
The constant throughout all these developments, Maier argues, is that privacy violations occur when people are unable to trust that the their expectations will be met with regard to the outcome of someone else accessing their information. Privacy, TrustE says, is a system that provides transparency, choice and accountability. “It’s not an end-state of your information being held, and in a lock-box that nobody can get, it’s a system,” Maier says.
There is a place for government and regulation in all of this she says, because there are bad actors in the world. Her hope is that the governments will focus on the bad actors and “allow tech innovation, and self-regulation and this system of transparency & accountability and choice to really grow and foster, so that it doesn’t shut down the promise of information sharing.”
Certifying privacy policies is what TrustE built its business on, Maier says, but such policies are no longer sufficient. “Privacy policy is dead. What we’ve got to move into is just-in-time notices that give us choices and lead fundamentally to accountability.”
Maier says it will be possible to be private in a public world, but it will require individual accountability, corporate accountability and possibly a backstop of law and regulation.
Does this jive with your understanding of privacy, your hopes and expectations for privacy in the future of the internet? Let us know in comments.
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.