From Mirrors to Data: The 21st Century Digital Barter
Probably, every Brazilian who studied the first years of Brazilian history knows the meaning of the term “barter”. Nowadays, we find inadmissible that colonizers negotiated with native objects of small value in exchange for one of the most valuable and coveted commodities in Europe at that time. However, a few centuries have passed, and with the development of a data-driven economy, we now provide important information about ourselves in exchange for things like services, public Wi-Fi or discounts on medicines. In recent years, our data, more valuable than any shipment of spices in the sixteenth century, were easily collected and processed by various companies and often inadvertently transferred to third parties, that is, we did not even know the face of our dealer.
Thus, although also related to navigation, this time related to the Internet, the collectors of our wealth were not the great navigators of the sixteenth century, but companies that use data-driven technologies. In the age of surveillance capitalism, examples such as the possibility of discrimination by facial recognition data are publicized by the Brazilian media and investigated by the Public Prosecutor’s Office, as well as the unauthorized collection and transfer of personal data by pharmacy networks to third parties.
Fortunately, the implementation of the European General Data Protection Regulation (GDPR) in May 2018 has had a number of repercussions on the right to privacy and the protection of data throughout the world. In Brazil, its effects are verified through the recent promulgation of the Brazilian General Data Protection Law (LGPD). Despite the worrying presidential vetoes regarding aspects such as the existence of a Data Protection Authority, the law represents a significant victory for privacy in Brazil. However, LGPD should not be the only way to protect the privacy and data of Brazilian citizens today.
To share or not to share? that is the question
According to studies by members of the Oxford Internet Institute, threats to privacy are seen not only because young people share content online with little understanding of the risks. On the contrary, data show that young people tend to be more dedicated to protecting their online privacy than older users. However, the privacy dilemma arises with the conception of a social life that is now conducted in a connected way where social networks and online services did not provide – at least until the advent of GDPR – users with tools that would allow them properly control of their privacy.
Relearning how to navigate is necessary
Often this incoherent behaviour happens due to the lack of a greater knowledge, not only of the risks, but of the means and alternatives that guarantee a greater security to the user. It is perceived the need for what some call “privacy literacy”. At first glance it seems to us that the process of privacy literacy is related to “digital literacy”. However, as Christina L. Wissenger of the University of Pennsylvania states, the two mean different things. While digital literacy seeks to develop the user’s ability to create and transmit information in the online environment, privacy study is associated with understanding the consequences and responsibilities associated with sharing information. Privacy literacy seeks to develop critical thinking so the user can build a better understanding of sharing information on the network. It is necessary for the user to understand that the sense of anonymity provided by the Internet is often unreal. The web, social networks and the Internet of things, for example, while providing a certain sense of security and distancing from the real world, can act as very effective mechanisms for user-tracking.
General Data Protection Laws x privacy paradox
It is safe to say that the introduction of a general data protection law benefits both, companies and users. In addition to the greater protection offered to the privacy of companies’ customers, by complying with the rules of the new law, companies not only become compliant with international patterns but also benefit by principles such as privacy by design and others that focus on the purpose of data collection (purpose limitation) and its necessity (data minimization), for example. These principles contribute to a decrease in the risk of data breaches and to a higher level of protection and security of the data stored, thus attracting customers seeking services and products that offer a greater protection of their information.
Despite its extreme relevance, it is not yet known, in a concrete way, how general data protection laws encourage users to seek information regarding measures that ensure their privacy. A study by Shailesh Balla of the University of Rotterdam attempted to investigate the influence of GDPR on the behaviour of Dutch consumers. The study sought to compare the importance given to privacy by those who were instructed about the laws in force, those who studied the new Regulation and those who remained unaware of any legal content related to the subject. However, the study was inconclusive regarding significant behavioural changes due to the new law. It is believed that the study was inconclusive because it was conducted in December 2017, during the GDPR vacatio legis, in order other words, the law was not enforceable yet.
Allied tools in the quest for privacy protection
Terms and Conditions May Apply – Cullen Hoback
Panopticon – Peter Vlemmix
Power of Privacy – The Guardian
Privacidade na era da Internet – Quebrando o Tabu
Mapa da Informação
Especial Apps do Governo – Internet Lab
The House That Spied on Me – Kashmir Hill e Surya Mattu