Big Data = Big Failure III

Corporate businesses and government agencies are all doing it: collecting data and thereby breaking universal laws. Ready to take action? We know what to do.

Collecting data is not compatible with the UN law we mentioned in part 1 of this series – even if it's done anonymously, and by the government for good reasons.

The basic, underlying problem is that collecting and storing huge amounts of data series anonymously is simply not possible (as we described in part 2). Moreover, considering the amounts of data collected today, anyone with access to it can analyze it and find out things which are firmly restricted by law. There is nothing to stop this from happening today.

Even government agencies want to collect data

The European Convention on Human Rights Article 8 adds to the declaration as follows: “…except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.”

In plain English: government agencies are always allowed to collect everything since they are doing it for “good” reasons.

Summarizing the series' three blog posts

To collect data about a specific criminal case upon a court’s approval might be in the public’s interest. These are the good examples told to us. However, anything close to mass data gathering leads unconditionally to breaking the UN laws and the foundation of democracy.

Anything other than a minimal data retention policy is unacceptable. We cannot even speculate the horrible things that may happen if all the collected data leaks and falls into the wrong hands for other reasons (for example, change of government, war, malware attack, or human error).

What could be done?

• Take away the cookie-consent loophole in GDPR (the “yes, accept cookie” nightmare).
• Only allow the collection of data that is obviously needed for performing the requested service and no more, period. And don’t store data longer than necessary.
• Don’t allow any mass-sharing of data between corporations and governments.
• Consider countries like Sweden which has its “Principle of public access to official records” (offentlighetsprincipen) where all government-processed information, including individuals’ tax records, is public. Think again if this ideology of openness is sustainable in the age of digitalization where anyone can request this information in bulk.
• Companies and governments: focus on making good products; focus on offering good schools, education, and healthcare. Stop tracking your citizens and customers.

Alternatively…

• More and more customers realize the problem and revolt against companies with a hostile data collection business model. They start to use services from companies with a more transparent model and better values and ethics. Is your company positioned correctly?
• Start with clearing your schedule for the next 30 minutes and lean forward: here is the start of your privacy journey. Ready for your determination!
• Talk to people who are in charge and discuss the matter. Together we can drive change.

Sources

• Universal Declaration of Human Rights
• European Convention on Human Rights
• What are the GDPR consent requirements?
• The principle of public access to official documents
• SolarWinds hack exploited weaknesses we continue to tolerate
• Slouching towards dystopia: the rise of surveillance capitalism and the death of privacy
• Facebook’s Laughable Campaign Against Apple Is Really Against Users and Small Businesses
• WhatsApp Will Delete Your Account If You Don't Agree Sharing Data With Facebook
• WhatsApp Has Shared Your Data With Facebook for Years

Haven’t read the other two posts in this series?

1. Big Data = Big Failure, part I
2. Big Data = Big Failure, part II

For the universal right to privacy,

Mullvad VPN