Don't Remove The Voiceless From The Privacy Discussion

by on under tech-policy
2 minute read

Chris Hoofnagle of UC Berkeley recently did a Q & A with the San Francisco Chronicle about federal policy regarding online privacy. He highlighted the rapid changes that occur in tracking practices and the great disadvantage most users experience in protecting their privacy online. Noting that when a user performs a privacy protecting action many sites either work around the protection or just completely ignore the user's desire, Hoofnagle argues that federal policy should turn its attention towards data retention limits as a means of establishing privacy as an online default. I agree that retention limits should be implemented in some form, but I must respectfully disagree with the implied belief that it is time to give up on user involvement in privacy protection.

As new technology continues to challenge our definition and valuation of privacy, our society needs to have a public discussion on how privacy should react to technology and vice verse. In order to match our democratic values, this discussion needs to be as inclusive as possible. To this end, federal policy needs to raise public awareness of online privacy issues and educate citizens about new threats to privacy, as well as the benefits and consequences of lost privacy. If federal policy shifts to focus on regulations defined by law and rule makers, citizens will lose their place in the discussion of privacy and technology. Furthermore, by giving up on the idea that citizens are involved in creating their online privacy environment via choice and consent, they will be deprived of one of the only situations in which citizens are educated about online privacy and asked to think critically about its value. Our society is still coming to terms with the degradation of an important value. It is all the more important that as many people as possible develop a thoroughly considered opinion on privacy and be able to voice that opinion. Defining what privacy means as a social norm in this nation, and how regulation will reflect that norm, needs to be a nationwide effort, not the function of a handful of industry and government representatives.

The fact that companies disregard the voiced privacy choices of users should not be an impetus for removing users from the privacy protection system; it should be the subject of policy initiatives that fix the broken system. Many FTC enforcement actions regarding privacy have punished deceptive actions. In my opinion, a company action that disregards a voiced privacy choice by a user is just as deceptive as a company action that contradict its own privacy policy because users have a reasonable expectation that if a company offers opt-outs and accepts P3P or Do-Not-Track messages then it will respect the voiced privacy decisions of a user. P3P failed not because of technical limitations. It failed because companies were not punished for lying to users via the protocol. This type of behavior should not be tolerated in matters of commercial interaction nor matters of privacy.

So lets keep our focus on P3P and Do-Not-Track. When companies choose to ignore those technical solutions lets not call that a failure of technology. Lets recognize it for what it is, companies hearing consumers and ignoring their voices.

Consumer Rights, Democratic Social Norm, Do-Not-Track, P3P, Privacy
comments powered by Disqus