Are you listening Alexa? Yes! And so are Siri, Google Home, and all our other smart home and smartphone devices. What’s more, they are listening consistently and cleverly, gathering vast amounts of data, too. Properly used, according to keynote speaker Kemal Huseinovic, Chief of the Digital Networks & Society Department, ITU, this data could enhance quality of life, but it could be misused too. Is data collected used to improve services, or for other purposes? he asked. It is also a question of how the data is collected and whether its usage is in line with the key principles of privacy. Countries are equipping themselves with laws on privacy, he noted, but awareness needs to be increased on a global level, an approach ITU is advocating in its daily work.
The panel gave insights into the challenges around security and privacy, awareness, impact of new technologies on data generation and the idea of data as an asset.
People love connected devices, said Serge Abiteboul, Executive Board Member, ARCEP, and are happy to use them freely, with or without awareness of what’s actually being done with their data. The first issue should be protecting private data. Market forces also come into play here, as manufacturers are under so much pressure to get devices to market that their focus may be on the functionality of the device rather than its security.
For Grenoble École de Management’s Nathalie Devillier, it is also about awareness; users may not be aware of just how much data is collected on them. Alluding back to smart speakers, such as Alexa, she noted that we may be so eager to get started that we neglect to wade through 10 pages of privacy information. Security is a major concern for her, and corporations should be addressing it “Data is a corporate asset,” she explained, “so why shouldn’t data security be considered as a competitive advantage?”
ErnieApp CEO, CSO and Founder Isabella De Michelis, finds data an asset, and as such it is government who has a responsibility to say how it will manage the asset of its nation.
For Lina María Duque, Legal Counsel and Dispute Resolution Coordinator, CTC, the industry needs to “self-regulate” more. It should be more aware of only gathering the data it really needs to gather in order to improve devices.
Awareness and education
As consumers it is hard to appreciate just how much of our data is collected and used and what we should do about it. And because consumers don’t understand the problem, said Jordan, the industry doesn’t want to talk about it – they may want to just “keep the consumer space unaware” Or maybe users understand the risk, added moderator, Miklós Danka, Product Manager and Developer, Palantir Technologies, but are in such haste to get started with an app that they just wade through the privacy information without paying sufficient attention to it.
Incentivising users and companies to confront and address privacy issues is one way to deal with the issue, according to Danka. The industry is making products that are more secure. But governments need to make more regulations to protect the user. And the users themselves must also play their part. Greater education for users is needed, explaining what they are doing and why, and users need time to think. Essential privacy and transparency information needs to be simplified, said De Michelis, possibly including a gamification element to encourage users to engage with processes. Companies need to be mindful of the differences between their users; there is a big difference between IoT for enterprise and IoT for consumers.
Companies may bombard users with information and interfaces which are difficult to navigate, explained De Michelis. Government and regulation is needed to make sure companies provide users with accessible, easy to use interfaces, providing users with clear opt in/opt out options. We buy products globally, added Duque, so privacy regulation, too, needs to be global to match.
Inferred data is data that can be inferred from, for example your shopping habits, music taste or even online searches. This kind of data could be used to predict behaviour and outcome – and if needed, tailor advertisements to match. On the upside, it could, for example, help a health tracker app predict heart attack; but on the downside, it might tell Facebook your relationship is going to breakdown. Can this help us or not? asked Danka
For De Michelis, it’s a simple question of rights. At present, although laws may say you can choose the purpose for which your data is collected, this may not work in practice where the end purpose is not always clear, particularly when a company such as Google owns so many overlapping products. Users may not realise all are ultimately owned by Google and that data given to one product, such as Waze, also connects with Google maps and more. Harmonizing interfaces on how consent is given, and for what purpose, would clarify this for users, she explained. Users need to be clear that their data is being collected for transparent purposes, said Devillier, which is not the case now.
The proliferation of online advertisements thrust in front of consumers based on their geographic location, music, food or any other preferences they exhibit could mean decisions are effectively removed from user’s hands. No need to choose a restaurant or music for example, when it can be done for you. Is this positive, does it help us make better decisions, asked Danka? Panelists felt that it depended on the context; in the home for example, freedom of choice is important; users need to be in control of the decisions they make. Elsewhere however, input into the decision may be helpful – in selecting medicine for example – although good AI is needed so users can make good quality, beneficial decisions.