From friends' shopping habits to family health, one person's data can shed light on a far wider network, with tech firms using individual information to make assumptions about many others
By Umberto Bacchi and Zoe Tabary
LONDON, Nov 14 (Thomson Reuters Foundation) - Personal data reveals a slew of secrets about friends and family so regulators should stop fixating on individual privacy and safeguard society instead, data experts said on Thursday.
From friends' shopping habits to family health, one person's data can shed light on a far wider network, with tech firms using individual information to make assumptions about many others, digital rights experts told a conference in London.
"The sum of our individual privacies won't add up to the collective privacy of society," said Martin Tisne, managing director of philanthropic organisation Luminate.
Glen Weyl, an economist at the research arm of U.S. tech giant Microsoft, agreed, citing citizens who consent to the use of their health data for research or commercial purpose.
"That says things about your whole family because your conditions speak to the conditions of your family ... (and they) may now face different insurance premiums based on a decision that you made," he said.
Tech giants, once seen as engines of economic growth and a source of innovation, have faced allegations on both sides of the Atlantic of misusing power and failing to protect users' privacy.
According to industry estimates, more than 2.5 quintillion bytes of data are generated each day, roughly the equivalent of 625 billion iTunes songs.
In 2018, the European Union enacted one of the biggest shake-ups of data privacy laws since the birth of the web, the General Data Protection Regulation (GDPR), which gave people more control over their online information.
Websites, for example, now have to ask users for consent before processing their data.
While this was a "great foundation" to protect privacy, it failed to guarantee "collective rights over data", Tisne told the Thomson Reuters Foundation's annual Trust Conference.
"GDPR is the ghost of data protection's past, it's focused on a very individualised notion of privacy," he said. "But the world we live in now isn't like that, it's not just about me and my credit-card company."
He cited as an example a group of 10 friends going to a disreputable bar with only one disclosing their whereabouts.
"Even if nine of us don't release that data, one person may allow their data to be released and that's it for all of us."
Weyl wants people to form "data unions" to demand payment for their data and help address privacy concerns by restricting what information is collected and how it is used.
"Too often people see ethics as the party pooper, as shutting things down," said Weyl, who founded RadicalxChange, a network of entrepreneurs, activists and researchers promoting social change.
"We need a society that treats people as agents rather than passive subjects in a surveillance state."
(Reporting by Umberto Bacchi @UmbertoBacchi and Zoe Tabary @zoetabary, Editing by Lyndsay Griffiths. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers humanitarian news, women's and LGBT+ rights, human trafficking, property rights, and climate change. Visit http://news.trust.org)
Our Standards: The Thomson Reuters Trust Principles.