We’re losing the war against surveillance capitalism | Salon

Source: We’re losing the war against surveillance capitalism | Salon, by Michael Corn

Many headlines call out the demise of privacy, but what they really mean is that some of your personal information is being sold, or stolen, or simply misused. The two concepts are not quite the same. It is reasonable to consider the loss of personal information under the general heading of privacy, but separating the two concepts opens the door to a more effective conversation about how to protect them both.

When we read about Facebook or Google (or our own government) wanting to listen in on your phone calls, read your emails, or review your Facebook feed, we’re talking about privacy, pure and simple. Privacy in this case means freedom to engage in conversation or thought without unwanted or unknown surveillance.

Protecting one’s personal information takes us into a different realm with more everyday practical implications. When I give Google my phone number in exchange for a Gmail or Google Voice account, I’m exchanging my data for a service. And I suspect most of us are fine with this type of value-based trade-off. Google needs to know where to route my Google Voice phone calls or how to text me an alert related to my account. It’s Google’s subsequent reuse of this information where things start to go awry.

What does it mean to see privacy as a civil rights struggle? The collapse of our privacy is exposing each of us to palpable risks: the erosion of the right to pray, to study, to congregate, or to participate in our democracy. In a digital world, privacy is the barrier between civil society and racial, political, or religious profiling writ large. … Privacy violations are a gateway to identity-based targeting, which singles out individuals by race, religion, or gender identity.

Oppression originates whenever one group marks another group as “other,” then uses that “otherness” to isolate, discriminate, and disempower. Often the markers for discriminatory behavior are obvious: darker skin, for example, or observation of gender. But what if every marker of your individuality were known and sold, accessible to advertisers without your knowledge? The potential for manipulation or oppression is palpable, as one could easily use personal information for these suspect marking purposes.

All of the regulations imposed on the major data brokers suffer from one fatal flaw: they reflect a belief that a statutory, regulatory response to this problem can succeed. … none of these proposals fundamentally address when it is permissible to collect personal information and what can be done with it.

Imagine you come to work one day, and find someone has put a nude picture of you on the wall. You quickly have it removed but the embarrassment and anger lingers. Eventually, even that fades — maybe you even move to a new job where no one knows you as “the naked person.” Embarrassing, but you recover. For those who have had their personal information stolen, there is no “but you recover.” It is impossible to fully remove published information from the digital web. Even if you could miraculously convince every legitimate web service to remove your data, you can never convince those who illicitly deal in personal data to erase it. This immutability of stolen personal data is part of the horror of modern crimes such as revenge porn.

This is again why an incremental, regulatory based approach to protecting personal information will always fail: because a wound to our digital privacy never heals. We can’t wait for a loss, then regulate the circumstances that led to it. By then it is too late.

Imagine a world where we didn’t have to figure out how to reign in Facebook. Where creating a set of regulations wasn’t something we had to do, but rather Facebook (or Google, or the furniture store down the street) had to figure out how to operate with the principle that personal information may not be bought or sold. That is, we preserve our privacy by simply forbidding our personal information from being used as a commodity. Would this eliminate the need for statutes protecting our personal information? No, we’d still want to regulate how and when a service provider could ask for and how they must secure your personal data. But we’d have a principled floor — a bright line not to be crossed — eliminating some of the worst abuses.

Preventing the sale of our personal information is the only effective tool left to preserve our civil rights as they are assailed by both commercial and governmental bodies. People are not a commodity, and we need to legislate that it is wrong to imbue humans with attributes we reserve for property. It is deeply saddening that we need to call for laws to say: I am not for sale.