In the age of mass surveillance, much has been written in terms of what privacy means at a time when personal data may be captured and used in exchange for ‘free’ internet services. As we celebrate the 25th anniversary of the World Wide Web (WWW), we reflect on where we are on digital privacy protection today and what the future holds for us.
Our first observation is that although the internet has been there for a while, it’s still very much in its infancy when it comes to privacy protection. As consumers of the global network, we often feel as if companies are experimenting with our private information either for targeted advertising, personalised promotion or just to sketch-down a new potential customer profile.
While data-driven companies argue that customers benefit from a tailored user experience that also enables new sources of value creation, research suggests that internet users generally feel they have lost control over how personal information is collected and used by third-parties.
Some privacy activists, such as Julia Angwin, who led a “Wall Street Journal” investigation into tracking software and how it is used by companies to target consumers, have attempted a concerted effort to protect their digital privacy. However, the reality is that “being let alone”, as Judge Cooley would put it, takes an amount of energy and determination most consumers are unwilling to make, particularly those reluctant to forfeit their usage of popular internet services.
At Delta Partners Capital, we have seen a proliferation of apps, smartphones and mobile operating systems targeting either corporate or consumer clients whose value proposition revolves around protecting users’ privacy. When taking into consideration cost-free privacy apps such as Telegram or WhatsApp’s encrypted voice and messaging available to users, we contemplate about how many users will actually be willing to pay in order to safeguard their privacy?
We believe that today even the most privacy-conscious users operate in “silos of privacy”. Some engage on a secure conversation via WhatsApp, navigate the surface internet through Tor browser, or even send PGP emails and have a burner phone to post classifieds on Craigslist. But, they lack a holistic privacy solution that covers their entire digital life.
Even enterprise-grade encryption and deep permission management solutions such as Silent Circle only protect users’ communications through their dedicated smartphone, a limited subset of today users’ multiscreen digital experience. Cross-device tracking techniques allowing companies to reconcile profiling data captured from multiple access points further complicate consumers’ quest for anonymity.
Moreover, new developments in deep learning and natural language processing will likely put additional strains on the users’ ability to keep their conversations away from prying ears.
We argue that we live in the worst time in history when it comes to consumer privacy protection and that users may well feel they are being treated like guinea pigs by certain internet companies exploring ingenious uses of personal data. However, the blend of slow-moving regulators, lack of awareness as to how personal information is being used in ways that would not be acceptable in an offline world, and never-read Terms & Conditions giving legal protection to abusive developers suggests that legislative changes are likely to take some time.
Nevertheless, we also recognise that consumer rights are being traded off for innovative business models, some of which may also provide compelling customer benefits, and that stringent privacy regulation may slow down the pace of innovation — a conscious decision that as a society, we may or may not be willing to make.
We feel optimistic that the current market imbalance between demand and supply of data privacy will fade overtime. This will be driven by intensified users’ wariness of how their information is being exploited and secured (following recent high-profile data breaches) and consumer advocate groups pushing regulation that protects the privacy of private life.
More specifically, administrations should require digital apps to publish some sort of simplified version of their current T&Cs. To exemplify, just as it is mandatory for pharma ads to demonstrate the key risks of a drug, telecom ads must disclose associated fees, and retail investment offerings should be drafted in clear language and include essential information to help customers decide whether to buy a financial product.
Although we acknowledge that it may be tricky for a tech start-up to be the first mover in the suggested T&C streamlining effort, some goodwill may be generated by doing so, as by bringing back customer loyalty and fostering engagement among reassured users, customers would subsequently enjoy more transparency on how their data is being treated.
Eventually, we believe that certain market forces will come into play to seal the gap between consumer privacy and corporate data acquisition, particularly with today’s existing privacy silos and rising user concerns — there is surely an untapped market opportunity to implement unified online privacy mechanisms.