What happens to our personal information when we put it online, wherever that may be?
It is a question that affects virtually all companies – businesses that handle customer data in any way can now expect questions on the privacy of their users online. Is my data stored securely? Who can see my personal information? Can businesses see it? Can governments see it?
Online privacy is not a new issue – Edward Snowden’s disclosure of the scale of global and domestic surveillance programmes in 2013 sparked a fierce debate on government access to private information, even in the name of national security or fighting crime.
With recent events in the United States following the San Bernardino shootings, however, this debate has escalated dramatically, leading to a standoff between some of the world’s largest technology companies and the US government. The US government has demanded that a smartphone’s security features be disabled so as to provide access to the device and the information stored both on it and online.
Liberty and security
For privacy advocates, the idea that anyone else – be they corporation, government or individual – could gain access to that information is an unacceptable intrusion of privacy.
Online privacy is seen to be as fundamental as privacy in real terms, as freedom of speech and thought – just as you would not provide a key to your home to the government, you would not give them a way to access your personal life online.
For governments and others, access to data is often framed in terms of national security or law enforcement: encrypted data and communications can protect wrongdoers, who use encrypted methods to communicate with each other and plan illegal activities.
Those in favour of allowing government access to data argue that it is necessary to protect the wellbeing and safety of citizens, not to infringe on the right to privacy.
It is an increasingly bitter and inflamed debate – one that touches on deeply held values in Western democracies on liberty and civil rights. For advocates, government demands for access to data carries worryingly Orwellian tones. On the other side, those who encourage encryption and the blocking of that access are labelled criminals, traitors or worse.
The age of distrust…
The Edelman Trust Barometer 2016 provides insights into why the debate on online privacy has taken the polarising form it currently has. The first finding is that, across ‘Western’ liberal democracies around the world, businesses are generally more trusted than governments. In the US, 51% of the general population trust businesses compared to 39% for government. Similarly in the UK, 46% of the general population trust businesses compared to 36% for government.
Interestingly, US public opinion falls along similar lines with regards to the aforementioned government demand: in a Reuters poll, 46% of respondents agreed with the firm’s decision, 35% disagreed (indicating support for the government position) and 20% said they did not know.
Where is online privacy in this? Following disclosures on secretive surveillance programmes such as PRISM, citizens trust governments significantly less when it comes to their personal data. While governments have good reason to avoid publicising these programmes, this has created a trust deficit as citizens demand to know what else has been hidden from them.
A deeper look at why trust in business has risen in 2016 presents more findings: amongst the general population, 8 in 10 believe that CEOs should be personally visible in discussing social issues. For those who said their trust in business had risen, 45% stated that it was due to those businesses contributing towards the greater good.
The same technology companies advocating for online privacy appear to be rising up to this challenge – from CEO letters publicly denouncing government demands to resistance of court orders, several companies have undoubtedly established themselves as leaders in this debate. Whilst they have their detractors, such positions are likely to have greatly improved their overall standing with citizens.
…and the age of acceptance
The relatively broad support for businesses is reflected in the different attitudes on online privacy with companies compared to governments.
A Pew Research Centre poll in 2014 found that, even as Americans expressed concern about the privacy of their data, 55% of respondents were willing to share their personal information with companies in order to use online services, or gain greater benefits from them.
From basic web forms to providing often-detailed insights into likes, dislikes and more, consumers often provide their personal information when there is some perceived advantage to doing so.
It would be dangerous to presume that this is a trend that will continue, however. In general, citizens are becoming increasingly aware of risks to their online privacy from governments, but this does not mean that businesses are getting a free pass. Some have already caused uproar, with social media sites accused of excessively manipulating what content we see and, by extension, how we feel.
Governments are currently subject to the most intense scrutiny; businesses may soon find themselves subject to the same and discover their advantage in trust to be short-lived.
The future of online privacy
In the US, the current debate on privacy and the security of information will likely only reach a conclusion when the Supreme Court makes a decision on the matter. Even then, it will hardly be the end of the road for the privacy debate on either side.
In the UK, the revised Draft Communications Data Bill will be read in Parliament again today, 14 March, to continued opposition from advocacy groups and even Members of Parliament.
In France, the tragedy of the recent Paris shootings has prompted the swift – critics would say rushed – passage of unprecedented surveillance powers for law enforcement authorities.
Perhaps one reason why people are becoming more passionate about online privacy is because there are few means to avoid a life increasingly led online – many of the services and products we use today are dependent on our data being hosted somewhere in the internet. Businesses retain trust – for now. To presume that this will continue to be the case would be dangerous.
There is no simple binary choice between liberty and security, nor is there a straightforward balance between the two to be struck. As long as that balance is unresolved, the battle for online privacy is here to stay.