Siân Brooke, researcher at the Oxford Internet Institute, University of Oxford, explores the challenges of a data driven economy and the impact on our personal privacy in the digital age. Here she talks about her role in an exciting project involving global data and privacy experts including OII colleague Dr Joss Wright.

Data and the digital economy

Data is the main fuel of our digital economies. Our financial transactions, movements, communications, relationships and interactions with governments and businesses, both online and off, generate data that is collected, bought and sold by data brokers and corporations interested in profiling individuals. Right now, governments and technology companies across the world are developing and deploying new ways of using data to help manage – and emerge from – the COVID-19 pandemic.

As the collection and analysis of data becomes more sophisticated and accurate, and as data sets grow to become Big Data, the opportunities ahead seem infinite. The risks, however, are also great, as the information being handled about individuals is extremely sensitive.

Rise of communication technologies and impact on privacy

Getting privacy right is one of the biggest challenges of this new decade of the 21st century. The past years have shown that there is still much work to be done on privacy to tame the darkest aspects of the data economy.

Today our privacy is under near constant scrutiny. Many modern communication technologies promise security, but the last few decades have been characterised by a progressive erosion of privacy. Two phenomena have converged to give rise to an economy where our most private information is available for purchase. Metadata – or traces left by our interactions with technology – have been used to develop personalised advertising, and used by authorities to police us in the name of security.

In her latest project, ‘Data, Privacy, and the Individual’ Oxford Internet Institute researcher Siân Brooke together with a team of international researchers join forces under the auspices of the Centre for the Governance of Change (CGC) to gain a better understanding of the importance of privacy and how we can better protect personal data in the era of the data economy.

The project explores some of the key ethical questions posed by today’s emerging technologies, and analyses new technical methods that governments and companies can use to profit from information while respecting regulations and maintaining the trust of both their clients and citizens.

Public opinion and privacy

As part of the research project, Oxford Internet Institute researcher Siân Brooke and Dr Carissa Carissa Véliz, University of Oxford, conducted an online survey of 1,107 people, mostly Americans and Europeans, about their views on privacy.

The headline findings reveal that people care about their privacy. Across continents, age, gender, and levels of education, people think privacy is important. An overwhelming 82% of respondents deem privacy extremely or very important, and only 1% deem privacy unimportant.

Another key finding from the survey shows that privacy-related negative experiences online are extremely common, with nearly a quarter (23%) of people experiencing unauthorised access to their accounts.

Furthermore, trust in online platforms and internet companies is remarkably low, with only two of the most trusted brands, Amazon and Apple, just reaching the halfway mark on our satisfaction scale below.

Trust in companies in Europe (0 to 10 ranking scale): Bar chart shows most trusted and least trusted online platforms and internet companies, with Facebook ranking lowest levels of trust scoring 2 out of ten with Amazon rated the most highly scoring 5 out of ten amongst survey respondents.

Bar chart summarising trust in tech companies.

Source: ‘Data, Privacy and the Individual’, Centre for The Governance of Change

The survey explores public opinion on the role of government in relation to data collection. In looking to governments, the majority of people believe that governments should not be allowed to collect everyone’s personal data. Over half of respondents (55%) think that governments should only be allowed to collect the data of criminal suspects, as opposed to everyone’s data, with Europeans being slightly more likely than Americans to find some uses of bulk data collection acceptable.

Future recommendations for policymakers

Both ethicists and the public agree that privacy is a right that deserves strong protection. Citizens are unsatisfied with how their data is being used by both companies and governments. Institutions wanting to regain people’s trust need to better protect citizens’ privacy. As data scandals continue to emerge, questions abound as to how to interpret and enforce regulation, how to design new and better laws, how to complement regulation with better ethics, and how to find technical solutions to data problems.

The report, ‘Data, Privacy, and the Individual’, proposes a series of data principles for companies and governments, based on seven individual research papers on privacy. Each paper offers a set of reflections and recommendations for policymakers to implement with best practices regarding privacy. The proposed data principles include fundamental measures such as; collecting as little data as possible, and collecting the least sensitive data possible, having a plan to delete data and storing data for as little time as possible and not selling or sharing data with third parties without the explicit consent of data subjects. Although no amount of principles can replace the judgment of an adequate ethics committee when assessing the ethics of privacy in a particular context, the recommendations included in the report can serve as a start to policymakers looking to develop better data practices.