The Data Game

In this blog I will formulate my answer to the question: should I continue to be active on social media and am I willing to pay the cost (or my perception of the cost)?

The Game
In 1997 I saw the movie: “The Game”, starring Michael Douglas and Sean Penn, amongst others, directed by David Fincher. The following scene is relevant to the first point I want to make. It’s the scene in which protagonist Nicholas Van Orton (Douglas) finds a life-size clown doll in his driveway, puts it in a chair in his mansion and then finds out how his privacy is compromised. The scene is available in the iTunes trailer: https://itun.es/nl/HOMLP

Like Van Orton, I say, we too have embraced smart phones, tablets and apps that look like fun and indeed are fun, but, at the same time also have a more ugly face. It’s the apps and the features we like and adopt to in our lives. It’s the connected way of living where we use available information with small financial costs to make better informed decisions as to what time to leave and which route to take to a certain destination and avoid traffic jams, when to bring an umbrella or sunglasses. Or to connect to people on Instagram you don’t actually know in person and admire their pictures and views on reality.

Brian Solis: Engage!
From the user perspective, Brian Solis, especially with his 2010 book Engage! and his Conversation Prism made it clear that social media not merely facilitate connecting people, but have the potential of actively engaging people for all kinds of purposes, using all kinds of social media. Solis wrote from a business / marketing perspective and analysed succesful ways in which companies put people first again. It was an eye opener for me.

Today I still see Solis as the evangelist of the mutual benefits and added values for people and businesses by using social media. But I see more clearly now the gap between the apps we like so much and the companies that run the apps. And more clearly the benefits for the companies as well as the cost for the people using social media and sharing their data.

The gap between the app and the company
Many people have pointed out the gap between the intention of our voluntary sharing of data on social media and Governments demanding these data for reasons of preventing unlawful acts – before they even take place – as well as acting in the interest of National security in general.
One documentary, to me, stands out in demonstrating this fact and I recommend watching it: Terms and Conditions May Apply, by Cullen Hoback (2013). See here for the trailer. The documentary is available on Netflix and Vimeo. On YouTube an interview with Hoback is available in which selections of his documentary are showed and discussed.

The Third Party
The effect of the documentary, and many alike, to me, is the awareness that the corporations behind the apps we use, are in the business of collecting citizen’s data, more efficiently and on a larger scale than, for instance, a secret service could wish for. And since we provide this information to a Third Party, not to our Government directly, we feel safe doing so. At the same time however we trust our Government to protect us and our privacy – not to invade the latter. With respect to protecting the citizen’s privacy on social platforms like Facebook and Google, only Germany really stands out in Europe. See for instance their position on Google collecting data for the Street View service leading to a fine, as reported in the NYT. Although the much awaited European Privacy Act is soon to be expected. For the Dutch people it was perhaps an inconvenient find to see the mentioning of the Netherlands in the Hoback documentary in the case of TomTom. TomTom is a Dutch company that provides real-time traffic information and GPS based route instructions. The company said sorry to its customers after it became clear that TomTom had sold user traffic data to the Dutch Police. The TomTom CEO:

We are now aware that the police have used traffic information that you have helped to create to place speed cameras at dangerous locations where the average speed is higher than the legally allowed speed limit. We are aware a lot of our customers do not like the idea and we will look at if we should allow this type of usage.

Our data can backfire at us in ways we didn’t imagine. It backfires because we seem to fit in a risk profile set up by someone somewhere, based on which we are suddenly treated as a risk or threat. Examples of this; real consequences for social media users, users of online banking services and credit cards, are many and convincing in the Hoback documentary.

The downside of documentaries like Terms and Conditions May Apply, to me, is the shift of the debate to the hackers and wiki leaks reality, which is a bit too much for most and at least not my cup if tea. It is the world of conspiracies and underground movements and taking a stance. It does seem a bit awkward to identify with hackers and their illegal activities on the basis of a common understanding of privacy worth protecting. The matter blows up in our faces, as it were.

A social media decision tree
As a response I reconsidered my own activity on social media. And I like to share this with you to hear you thoughts.

I am now aware of the fact that the data I upload on social media platforms are ways of interacting and engaging with friends and people I share interests with and at the same time will never leave the companies’ servers, even if I request such a thing by permanently deleting my account.
So, for personal use of social media, I made this decision tree:

This is a way in which one can, knowingly and in steps, decide to post something online or not. With which audience do you want to share your public / private / secret thoughts and do you trust companies with this information? Companies who can figure out the private, based on the public. And the secret, based on the private and public. And the false, based on incorrect profiles, thus connecting the dots all wrong.

Finally
The remaining aspect is the fact that we currently are so poorly protected online. That we have to accept terms and conditions at all for services rendered. That we have no choice between a free account and a paid, privacy secure, account.
Hoback calculated it takes a month each year to read all of the terms and conditions we are asked to agree with. European law will perhaps make a difference, but law, by nature, follows reality. So there will allways be a gap for individual people to bridge themselves wisely.
I will explore alternative routes to the model where my data ‘lives’ on a server abroad. I intend to use my www.domingus.com domain more often (Dutch server accessible for me via good old FTP) and try social platforms like Ello (a Public Benefit Corporation, that made it a point not to sell adds or user data).
And finally I will read more closely the terms and conditions of services provided and decide when enough is enough and I should permanently delete my account(s).

If you have come this far in this blog – thanks!
Please share your thoughts on these matters. I am curious to learn from you.

PS Mark Zuckerberg admits in the New Yorker (2010), at age 26, to having called FB users “Dumb Fucks” for trusting him with their data, in the early days of FB, at age 19. As was documented in the Hoback documentary.

My open letter to Mark Zuckerberg

Dear Mark Zuckerberg,

I applaude your sense of humor. The new Facebook Privacy Basics and new terms and policies are announced a few days before Christmas, taking effect on January 1, 2015.
In these Privacy Basics one will look in vain for clear and transparant passages on how Facebook users will have control over what will happen with their data, on every occasion and before it takes place. The principles, in short, of ‘transparancy’ and ‘user control’, basic elements of privacy.

I can see Facebook announcing on Christmas eve that the new Facebook Privacy Basics are, of course, a hoax, and part of the largest social experiments known to man. For Facebook is undeniably very a effective social platform and fun experience. I am in touch with many people I care for in a way that was not possible before you brought us Facebook.

Max Schrems, the Viennese lawyer and data privacy activist, you know so well as the claimant of the extensive civil suit called ‘Europe versus Facebook‘, will wear a smile during next Christmas, as will the 25.000 users from more than 100 countries who have assigned their claims for the class action.

For your withdrawal of the supposedly new Facebook terms and policies will prevent the European citizens to act against the European privacy principles, designed to protect their privacy. A strong message you will be sending!

I foresee the new Facebook terms and policies, in which Facebook will act as a broker between users and companies and in which citizens, willing to take a part in a company’s advertisement campaign, will receive credits of some kind, for services rendered, in full explicit agreement. I can also imagine paying an annual fee for my Facebook account, in which my privacy is secure.

Kind regards,

Marlon Domingus
December 21 2014

PS. In the unlikely event it is not at all a joke, I will, of course, delete my Facebook account permanently before January 1, 2015 and will advise my friends to do the same.

Update (Dutch only)

Update mbt mijn toekomst op Facebook.

Ik heb mijn stappenplan gereed. Mijn FBgegevens downloaden als archief en vervolgens mijn account permanent verwijderen. Voor 1 januari as. FB zal mijn gegevens dan verwijderen (heeft daar enige tijd voor nodig, maar die gegevens vallen dan niet onder de regelingen die geldig zijn per 1 januari 2015). Dan heb ik een redelijkerwijs te verwachten inbreuk op *mijn* privacy voorkomen en de zeggenschap over *mijn* data geborgd.
Het College bescherming persoonsgegevens (CBP) pakt het bredere punt op – zie evt hieronder. Er kunnen op basis van de uitspraak van het CBP 2 dingen gebeuren: ik kan me vinden in de uitspraak van het CBP en wacht de ontwikkelingen verder af en hou mijn FBaccount aan of ik doe alsnog zoals gepland. Scenario 1 is het meest waarschijnlijke. Zie ook het nieuwsbericht onderaan.

CBP
Staatssecretaris Teeven (Veiligheid en Justitie) heeft recentelijk overigens een wetsvoorstel naar de Tweede Kamer gestuurd. Het College bescherming persoonsgegevens (CBP) krijgt in dit voorstel zowel een nieuwe naam: Autoriteit persoonsgegevens als meer bevoegdheden (hogere boetes uitdelen aan overtreders van privacyregels). De voorgestelde maatregel beoogt de bescherming van persoonsgegevens te verbeteren.

Bron: http://www.rijksoverheid.nl/nieuws/2014/11/24/teeven-cbp-mag-in-meer-gevallen-bestuurlijke-boetes-opleggen.html

——

Bron: https://cbpweb.nl/nl/nieuws/cbp-onderzoekt-nieuwe-privacyvoorwaarden-facebook

CBP onderzoekt nieuwe privacyvoorwaarden Facebook
Persbericht/16 december 2014

Het College bescherming persoonsgegevens (CBP) heeft besloten om het door Facebook aangekondigde nieuwe privacybeleid te onderzoeken. Aanleiding is de recente aankondiging van het bedrijf dat per 1 januari 2015 nieuwe privacyvoorwaarden zullen gelden voor Facebook-gebruikers. De privacyvoorwaarden geven Facebook onder meer het recht om gegevens en foto’s uit Facebook-profielen te gebruiken voor commerciële doeleinden. Het CBP heeft Facebook in een brief verzocht te wachten met het doorvoeren van het nieuwe privacybeleid tot de resultaten van het onderzoek bekend zijn.

Privacyvoorwaarden
Facebook heeft eind november aangekondigd per 1 januari 2015 wereldwijd nieuwe privacyvoorwaarden door te voeren. Het CBP wil weten welke gevolgen dit heeft voor de privacy van Facebook-gebruikers in Nederland, onder meer hoe toestemming wordt verkregen voor het gebruiken van hun persoonsgegevens.

Nederlandse vestiging
Facebook heeft een vestiging in Nederland, verwerkt persoonsgegevens van inwoners in Nederland en het CBP is bevoegd om als toezichthouder op te treden. Dit is in lijn met een uitspraak van het Europese Hof van Justitie in de zaak Google tegen Spanje van 13 mei 2014.

The Right to Privacy: Warren en Brandeis

In de literatuur over privacy wordt veelal verwezen naar: Warren and Brandeis, The Right to Privacy, Harvard Law Review, Vol. IV, December 15, 1890. No. 5. Warren en Brandeis benoemen als eersten het recht op privacy en verbinden dit aan de bescherming van de immuniteit van het individu.

Warren en Brandeis maken inzichtelijk hoe het recht zelf in de loop der tijd ontwikkeld is en een toenemend aantal aspecten beschermt van het individu. Eerst was er de bescherming van lichaam en eigendom tegen “force and arms” (vi et armis). Het ‘recht op leven’ was in deze periode een bescherming tegen mishandeling en diefstal. Later ontwikkelde ‘het recht op leven’ tot: “the right to enjoy life,—the right to be let alone” (Warren and Brandeis, p. 194).

In feite beschrijven Warren en Brandeis hiermee dat ‘het recht op leven’ voor het individu allereerst een negatieve vrijheid betekende en uiteindelijk een positieve vrijheid. Deze manieren om naar vrijheid te kijken is gangbaar in filosofie en sociologie. Hiermee wordt uitgedrukt dat vrijheid ofwel ontstaat door de afwezigheid van iets (negatief) of de aanwezigheid van iets (positief). Negatieve vrijheid is de “vrijheid van invloed van anderen”, een vorm van bevrijding. Positieve vrijheid is de “vrijheid tot het inzetten van je eigen vermogen”.

Warren en Brandeis duiden voorts het motief voor de ontwikkeling van ‘het recht op leven’, of, zoals zij dit ook noemen: ‘full protection in person and in property’. Vanwege de erkenning namelijk van ‘man’s spiritual nature, of his feelings and his intellect‘ (Warren and Brandeis, p. 194) en de wens deze te beschermen, werd de reikwijdte van het recht steeds breder. Zo werd bescherming van eigendom bijvoorbeeld niet langer beperkt tot tastbaar bezit, maar werd dit ook van kracht voor immateriële goederen.

The right to be let alone.
Terug naar Warren en Brandeis. Voor het recht ‘to be let alone’ verwijzen zij naar: T.M. Cooley, A Treatise on the Law of Torts or the Wrongs that Arise Independent of Contract. Chicago, Callaghan, 1880. Cooley verwoordt namelijk in zijn verhandeling het begrip “personal immunity” als volgt:

“The right to one´s person may be said to be a right of complete immunity, to be let alone.” (Cooley, p. 255)

T.M. Cooley

What is whispered in the closet shall be not proclaimed from the house-tops.
Warren en Brandeis verbinden het recht ‘to be let alone’ vervolgens aan ‘the right to privacy’.  De redenering verloopt via een aantal stappen. In het citaat hieronder wordt duidelijk dat het hen voor wat betreft het recht op privacy gaat om bescherming tegen het publiekelijk verspreiden van informatie (waaronder foto’s) die is verkregen op basis van het binnendringen in de privésfeer of de beslotenheid van de huiselijke omgeving van iemand.

Recent inventions and business methods call attention (…) for the protection of the person, and for securing to the individual what Judge Cooley calls the right “to be let alone”. Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life; and numerous mechanical devices threaten to make good the prediction that “what is whispered in the closet shall be proclaimed from the house-tops.” (Warren and Brandeis, p. 196)

Warren en Brandeis zien vervolgens dat binnen de bestaande wetgeving het principe van bescherming van privacy al bestaat, namelijk in de bescherming van ongewenste publicatie van persoonlijke geschriften. Om die reden, zo is de redenering, verdient dit principe van privacy een zelfstandig recht om beschermd te worden: het recht op bescherming van privacy.

(…) the protection afforded to thoughts, sentiments, and emotions, expressed through the medium of writing or of the arts, so far as it consists in preventing publication, is merely an instance of the enforcement of the more general right of the individual to be let alone. (Warren and Brandeis, p. 205)

(…) the existing law affords a principle which may be invoked to protect the privacy of the individual from invasion either by the too enterprising press, the photographer, or the possessor of any other modern device for recording or reproducing scenes or sounds. (Warren and Brandeis, p. 206)

The principle which protects personal writings and any other productions of the intellect or of the emotions, is the right to privacy, and the law has no new principle to formulate when it extends this protection to the personal appearance, sayings, acts, and to personal relation, domestic or otherwise. (Warren and Brandeis, p. 213)