The biggest lie in Internet history

The act of lying is inherent in human behavior. In all social fields, lies occupy a space of manipulation of reality, which can be expressed by an omission, by the selective choice of facts or by the simple creation of them. The ethics behind a lie is always controversial: Should we tell a harsh, cruel truth to someone or lie to avoid conflict and suffering?

Although it is the will of the authors to embark on a philosophical debate of this theme, we will speak specifically of a lie told daily, dictated by the vast majority of Internet users. It is said by those who write this text and also by those who read it. We can even say that this is the biggest lie in Internet history. We are talking about the Terms of Use here.

Anxious to use an application in question, we always tell a lie by pointing to the small box at the end of the registration or installation that says “I have read and accept the Terms of Use”. It does not look like it, but we are signing a little contract, which explains how our interaction with that platform will take place from that moment on. It is necessary, in a certain sense, to have legal security both from the company and the user about these interactions.

The concept of terms of use is relatively new. Before, we did not need to sign any terms of use when using a refrigerator or a telephone line. With the advent and popularization of the Internet, however, it was necessary to have greater control over the interactions that were made on a platform. After all, how on the Internet no one knows if you are a dog, how to ensure that rights and duties can be applied to certain users on a platform?

From this need, a new business model emerged, coined by the american sociologist Shoshanna Zuboff as “Surveillance Capitalism.” In this model, all the monitoring and collection of data through digitalized services are monetized, generally serving for targeted advertisement. However, in the logic of this model, the more the data is collected, the more one knows about the user, the more conclusions can be made and the more money comes into play. In this way, the appetite for data becomes insatiable for this model, putting at risk the privacy of its users. Hence, most of the problems that privacy activists warn of are validated.

In a legal sense, such a contract is totally valid, in a model called “Notice and Consent”, that is, notify the user about how the relationship will occur and ask for their consent. Not reading a contract before signing it is always viewed as dangerous. Therefore, in this model, it would totally be the user’s fault if a violation of privacy occurs, for signing a contract that he is not reading. However, are the conditions that this architecture subject the users fair?

By that date it would have taken an average of 20 full days reading all the small letters of these contracts. Do we have time for this? What’s more, terms of use often have vague language and do not clarify to users exactly what will be done with their information. Finally, users are required to sign the terms of use to use the application, thus leaving consumers in an imbalance relationship with businesses.

In a scenario in which our privacy relationships with digital platforms are governed by contracts we do not have time to read, we do not know exactly what they say and what we are obliged to agree to use these platforms, what solutions are on the horizon? Well, for Brazil, because it is a relationship established directly between users and company, a solution of great impact would be the approval of a General Law of Data Protection, which would establish rights and duties of how the data collected by these companies Must be treated, forcing them to ensure greater transparency in the Terms of Use. It is important to state that there is no regulatory vacuum in the country on this matter. There are several sectoral laws dealing with the subject, such as the Positive Registration Law, the Consumer Defense Code, the Law on Access to Information and the Civil Internet Framework itself. However, these laws do not provide a satisfactory level of protection for the personal data implied in the Terms of Use.

We have nowadays in the Chamber the dispute between different sectors so that this law receives a final essay. On the one hand, companies want a more lenient law that allows for a deeper exploration of the data collected. On the other hand, activists and NGOs come together for greater oversight and control over this information, thus protecting users’ privacy.

While this discussion does not progress, we remain unsure about what the terms of use say and about which agreement we are signing. We are also insecure about how our identity is shaped and treated based on program decisions that we do not understand and do not have access to, increasingly concentrated in a small conglomerate of companies. While we do not have the truth, we continue to lie.

Article written by Marina Arvigo and Victor Veloso, members of Nucleum of Studies in Technology and Society (nets) of USP.

Marina Arvigo is a law student at USP and research trainee at Internetlab. She is currently coordinator of the Nucleum of Studies in Technology and Society (nets) of USP.

Victor Veloso is International Relations student at USP and researcher on different topics related to technology and society. His research mainly involves topics such as Vigilantism, Algorithm Governance, Freedom of Expression on the Internet and Cyberwar. He was a representative of Brazilian youth at the IGF 2016 and is currently a intern in the area of Digital Rights of the Brazilian Institute of Consumer Protection (Idec). He is also one of the co-founders and coordinators of the Nucleum of Studies in Technology and Society (nets) of USP.