A new deal: Privacy must always come before profit

23 Apr 2019

Image: © fgnopporn/Stock.adobe.com

The threats will never go away, but the approach to privacy and security needs to be led by the very pinnacles of the tech industry, writes John Kennedy.

Do you sometimes feel a tremor of fear when you retrieve cash from an ATM, wondering if there is some secret recording device ready to clone your card? Do you recoil in horror when you click on a link in an email fearing you might have just fallen foul of a phishing attack? Do you ever wonder about those pictures of Facebook CEO Mark Zuckerberg a few years ago with tape over the webcam and mic on his laptop, as if he knew something you didn’t?

Life is stressful enough without these niggles but is it not ironic that the tech world, which has been so enriched over the past decade or two thanks to us, the people, has failed to adequately protect us.

‘We are for privacy. Your information is yours and you should keep it’

Let’s be honest, this internet thing for most of us is only 20 or so years old, but it has been the agent of disruption on so many levels, shaking up entire industries and livelihoods, and creating new social norms and threats at such a speed that we can barely comprehend the true scale of it.

Last week, I shook my head in disbelief when it emerged that Facebook updated a post from March to reveal that millions rather than thousands of Instagram passwords were stored in plaintext for the social network’s employees to potentially access.

What the hell is going on at Facebook, I asked myself, reasoning that surely a multibillion-dollar tech giant could not be making such rookie mistakes. And then I remembered the Cambridge Analytica scandal more than a year ago, where the very notion of democracy was threatened by a slick consultancy’s ability to game third-party app access to Facebook’s data.

I remembered the countless times I told radio interviewers that when it comes to the internet, there is no such thing as a free lunch. That when you sign up to use digital services and they are free, you are the product. You and your very existence, and the way you do things daily and online, are the fodder to feed the horses that drag the wagons of gold to Silicon Valley.

Privacy needs to be baked in for all future digital products

Last year, a bitter war of words emerged between Apple CEO Tim Cook and Zuckerberg that showed how polarised tech has become around privacy.

In media interviews, when asked what he would do if he were in Zuckerberg’s shoes, Cook said he “wouldn’t be in this situation”. Zuckerberg responded by describing Cook’s comments as “extremely glib”, adding that “an advertising-supported model is the only rational model that can support building this service to reach people. If you want to build a service which is not just serving rich people, then you need to have something that people can afford.”

But afford at what cost?

Last year, Cook addressed a conference of European privacy commissioners in Brussels and warned of the emergence of the surveillance economy.

“Today, that trade has exploded into a data industrial complex. Our own information, from the everyday to the deeply personal, is being weaponised against us with military efficiency. Every day, billions of dollars change hands and countless decisions are made on the basis of our likes and dislikes, our friends and families, our relationships and conversations, our wishes and fears, our hopes and dreams. These scraps of data, each one harmless enough on its own, are carefully assembled, synthesised, traded and sold. Taken to its extreme, this process creates an enduring digital profile and lets companies know you better than you may know yourself.”

Zuckerberg recently announced that Facebook will shift its focus away from public posts to encrypted, ephemeral communications. Does this mean that something is changing?

Because something has to change. Rather than taking potshots, perhaps Facebook can take a leaf from Apple’s stance that privacy is a human right.

The truth is that people do not realise the extent to which they are now being tracked. Cognisant of this, Apple recently introduced Intelligent Tracking Prevention in Safari, which limits tracking as you browse the web and minimises the data sent to search engines. On-device machine learning prevents photos leaving your phone to be processed. Those blue bubbles on your iPhone mean that each message is encrypted and cannot be read by anyone except the sender and receiver. The Secure Enclave chip on iPhone devices ensures that credit card numbers and fingerprint or facial data never leave the device.

About four years ago, Apple ran the gauntlet of US law when it refused to provide the FBI with a backdoor to its encryption. Addressing students at Trinity College Dublin in 2015, Cook said: “Your personal information is yours, not ours. We don’t own your data. We don’t collect it. We don’t feel we should have your personal data; you are not our product. If we convince you to buy our iPhone, we will make a bit of money, but we don’t want to know the juicy bits about your life. We are for privacy. Your information is yours and you should keep it. We intend to encrypt end to end with no backdoor.”

The reality is that the speed of change of the past two decades may be nothing compared to what lies ahead. If you are confused about privacy and security today, it could be bewildering five years from now.

But it doesn’t have to be that way. Privacy should be baked in to all future products and services, from Facebook to Google to Apple and beyond.

It’s time for a new deal promising a less bewildering future.

The tech giants have our money, but with that should come a responsibility to protect us, the people.

It really is about placing the principle of privacy before profit.

Want stories like this and more direct to your inbox? Sign up for Tech Trends, Silicon Republic’s weekly digest of need-to-know tech news.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years