Is there anything Google doesn’t know about me?
My thoughts about (digital) privacy
When was the last time you gave a piece of personal information to Google? Did it bother you?
I’m almost sure you didn’t even think about giving Google access to your location when you were late for that appointment and trying to find the fastest way to get there.
What is (digital) privacy after all?
Everyone talks about privacy, but do you know what digital privacy really means? You hear about Google, Facebook and so on violating our privacy all the time, but can someone actually clarify why — and if so, how — all these companies are violating your privacy?
You can find millions of definitions for privacy, but let’s not go into this endless list. In my humble opinion, none of these definitions are clear enough — or understandable for that matter.
For me privacy is about control; it’s about giving (data) control to the individual. I believe that this is a very simple definition that embraces all privacy related issues.
To understand why, let’s consider some examples.
When acting according to legislation, the government is able to request any of your personal information. This is conceivable and even acceptable. You are integrated in a society and implicitly giving consent to governmental agencies for collecting your personal data.
You’ve grown up trusting that the government will never misuse your personal data to harm you and that’s enough to make you feel safe. That is, you don’t feel that the government is invading your privacy, as long as you are not asked to provide more information than anyone else.
If, for instance, you are asked by the local government for your home or work addresses, you find it acceptable. However, if the local government asks you where you had dinner yesterday, you might feel intimidated and suspicious.
We are obliged to give some control to the government and we are resigned with this situation. We believe that if anyone in the government tries to misuse our personal data, this person is going to be condemned and someone will act upon this. Moreover, we trust in everyone’s good will to not misuse any of the information that doesn’t belong to them.
So, on the one hand we trust that our personal information is in good hands — to a certain extent of course. On the other hand, this digital world can stress the feeling that ‘Big Brother’ is watching us, sometimes even controlling us; several companies seem to know so much about us that it might feel they have a certain potential power over us.
How do you feel about Google knowing where you are, Facebook knowing with whom you are and being presented with conspicuously accurate advertisements all the time?
You probably don’t mind that much — or even aren’t aware of them anymore.
However, you don’t find acceptable that someone comes to your bank and asks for all your financial information without your knowledge or at least without your consent. Am I right?
If this happens and that random person gets access to your bank information, you feel that your privacy is being invaded. Essentially, you feel you’re losing control over your own data. You feel you’re vulnerable and probably under someone else’s control. You’re not comfortable — possibly afraid — because you don’t know if that person is going to use that information to harm you.
Your privacy has been violated.
Let’s now think about Google. This is an example of an organisation with whom you have no legal obligation.
Google owns a lot of personal data. Is it really data that belongs to Google itself or it’s your own personal data? Did you consciously give consent to Google to collect all the data Google has about you? Do you even know which information Google stores about you and how is it processed? Well, I guess the answer is clear, I don’t know and you don’t know either (even if you’re a Google employee or the Google CEO).
Now, how bad is it that Big Brother is watching us? Are you comfortable with it?
I guess if we aren’t aware of how dangerous this situation might become, we don’t even think about it. However, some smart people believe that this can’t go on forever. We must stop empowering all these companies and governments with all our personal data. The reason is simple: history has shown that when a single entity is able to control everything bad things happen (history is full of sad episodes that I’m not going to mention right now).
Can we really control our personal data? Can we get it (control) back? Would that make our lives better?
In my opinion the answer is yes. It requires effort though, but this is the way to enforce privacy. Privacy is the right to control who, how and when someone can access your data. That’s why it is so important to enforce it, why it’s so important to be aware and be aware about what privacy actually means.
In short, there is a fine line between privacy and data protection, and that line often is rather subjective too. These two concepts are being used interchangeable to refer to the same idea. And although they are closely related, privacy is NOT data protection and definitely not information security. Privacy is about control and about keeping it or giving it away.
Let’s build a more privacy-friendly world.
Let’s claim control over our own personal data and foster privacy by design and by default when building software systems.
At SIG, we are committed to help technology leaders to enforce privacy in software systems, by giving them a roadmap to implement privacy by design and by default from the early stages of the software development lifecycle.
Special thanks to Evelyn van Kelle for her valuable comments and suggestions to improve the content of this post.