Right to Liberty and Security (and Data Privacy?) #12

Share on linkedin
Share on twitter
Share on whatsapp
Share on facebook
Share on reddit
Share on email

In today’s digital world, the right to liberty and security depends on your right to data privacy. If you can’t own your data, then you’re unable to exercise this right.


It’s fair to say, that data privacy is your basic human right? It surely can’t be as important as freedom of speech or the right to life?


Every right isn’t created equal; however, they’re equally as important. Breaching some is life-threatening whilst others impact our core values as a society. Eroding some is a step in the direction of eroding others.


Take, for example, the regular ban of the internet to avoid people orchestrating a public protest. This happened in India, Myanmar and Belarus, the snowball effect of which led to regular breaches of other human rights.


Why tell you all this?

Because, in this week’s blog, I want to share three lessons on Data Privacy which are definitely worth pondering over:

#1 What do human rights mean? And how does data fit in?


#2 Why “Right To Own Your Data” is important?


#3 How does “Data Rights” work?


Let’s dive into each of these:

#1 What do human rights mean? And how does data fit in?

Of course, we’ve all heard of Human Rights and the European Convention of Human Rights (ECHR) includes various articles:


  • Right to life
  • Prohibition of torture
  • Prohibition of slavery and forced labour
  • Right to liberty and security

To name just a few!


Human rights are basic rights and freedoms that belong to every person in the world, from birth until death.


But with society evolving into the digital age, these rights need to be updated.


There are over 4.6 billion active users of the internet. And there are almost 3 billion smartphone users.


The world is digitising faster than ever with the majority of our lives now lived online. So, isn’t it time these “rights” are extended to include data and the internet?


As these are the two main things used, consumed, bought and sold.


But we have GDPR (General Data Protection Regulation) and various regulations for internet usage, I hear you cry.


These are simply regulations/law on how you should and shouldn’t conduct yourselves on the internet. Or how you should collect, use and dispose of data.


These are not basic rights!


Take, for example, Article 1 of the ECHR, you have the “Right to Life”. We’ve also created a legal framework around this to punish people who breach or attempt to breach this right.


On the other hand, we have Data Privacy where a regulatory framework like GDPR gives you the “Right to Erasure” i.e. deletion of your data. And this punishes organisations that are non-compliant with it.


But what it doesn’t give you is “Right to Own Your Data” or maybe just “Right to Data”


Let’s expand further on this idea.

It’s all very one-sided; the person that signs up to these services makes zero money from their data being used......💭

#2 Why “Right To Own Your Data” is important?

There are two schools of thought here:


  • Data should be owned by the person creating it and can be traded.
  • Data Privacy is inherently a basic right and can’t be traded.

Bear in mind, both are based on the person owning their data, not a third party or big tech.


Data should be owned by the person creating it and can be traded.


This model partly exists in today’s digital world. This is where we trade our data for free services like email or a Facebook account.


Of course, these companies are not charities, providing free services out of the goodness of their hearts. See also why data is a valuable asset


This model is currently very one-sided, where the free service obtained is limited to that particular application. However, the data is sold to a multitude of advertisers and other downstream corporations.


Yes, you can limit this, using some of your GDPR rights. But, no one is declining those cookie requests or declining T&Cs when signing up.


It’s also one-sided because the person that signs up to these services makes zero money from this data being used.


Data Privacy is inherently a basic right and can’t be traded.


This model believes that, like you cannot trade the freedom of expression or right to life for money, you shouldn’t trade your data privacy.


In today’s world, anything with a £ sign attached to it immediately creates a tier system. People who can afford “not to sell” data can enjoy privacy. Whereas the poor of society would be forced to trade data for money.


This is just like where everyone has a right to own possessions, not everyone can afford to own one.


Although this model is honourable in its intentions; it’s a difficult feat to achieve in today’s digital society.

#3 How does “Data Rights” work?

So, what’s the solution to these problems?


Unfortunately, it’s not a one size fits all approach. This needs more thought leadership so here are my two pence.


GDPR, other regulations and providing regulatory framework all come in to play after the user has parted with their data.


The user in this case is none the wiser of their rights or what they’ve signed up to.


After the introduction of GDPR in 2018, each website we now visit has an explicit cookie message asking you to accept/decline. 9 out of 10 users would accept this to get rid of the alert.


This is due to the regulation requiring explicit consent to collect data.


Or, when you’re trying to browse the internet via Google and have to accept the Privacy Policy.


How many of us are actually reading the privacy policy? And how many of us simply hit the ‘Accept’ button just so that we can get on with our searching?

True Privacy By Design

We need true “privacy by design”


And I don’t mean the current GDPR definition where throughout the service development process privacy needs to be considered. For example, if an organisation holds customer data, it needs to have a process of deleting that data if requested.


I mean privacy by design in the inherent technology that we use. This of course means de-centralising the usage, consumption and distribution of data.


Centralising = power to the big corporations

De-centralising = power to the users


We need a technology that doesn’t allow compromising of the data or requires trusting another person or entity.


Blockchain has probably answered most of the above challenges by allowing trustless, de-centralised technology.


However, it’s far behind the data storage and latency challenges.

On the other hand, we could have a centralised marketplace like Uber / Airbnb with end-to-end encryption. And the storage of user data on their own devices with appropriate lock and key.


Or a combination of both of the above.


A decentralised data marketplace, where blockchain’s smart contracts could be used to execute actions.  However, the data is still stored in lock and key on individual devices (like a hardware ledger). This also helps with data minimisation and privacy, where the user only shares whatever data is needed.


For example, for buying clothes or general household goods, there’s no requirement to disclose your full name or date of birth. An address and a digital identification i.e. a verification code on your email would suffice.


For age verification tasks, required information such as >18 or >25 is shared, again instead of the date of birth.


For big purchases, like a car or property, payslips, proof of funds etc. could be shared on this marketplace with the bank/building society as the other end-user. Again, enough to get the job done, no more and no less!


This marketplace could also be a place where if required, less meaningful data like a generic email could be shared. And in return, receiving advertising offers and personalised shopping experiences etc. could work!


Imagine a world where we don’t have to accept/decline cookies…


Where we don’t have to align to 100 different privacy policies. …


Whereby only minimum data that is needed to get the job done is shared.


This is when we’ll truly democratise the data economy and give power and ownership to the user and not for commercial interests.


We’ve only scratched the surface in this article of the problems we are going to face this decade with Data Privacy.


Have I got all the answers? Of course not.


As I said, these approaches need more thought leadership and forward-thinking. But I hope this blog post has been thought-provoking.


If you’re still reading this, I hope you’ve found some value in this blog post.


If you’d like to be kept informed of more content like this, subscribe to my newsletter.


Feel free to reach out to my email [email protected], if you have some feedback or just want to say hello!


Check out my other blog on Why Data is So Valuable?

Share this post

Share on linkedin
Share on twitter
Share on whatsapp
Share on facebook
Share on reddit
Share on email
Hanzala Qureshi

Hanzala Qureshi

I’m a digital consultant at a leading consultancy firm. I mostly spend my life working on complex data projects. On this website I document my journey in consulting and thoughts on data & emerging technologies.

keep reading

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to ensure you get the best experience.