Home

Privacy and Data Protection Day: restoring trust for digital citizens

The web has made our world increasingly borderless, and digital security should be borderless too, not just a privilege of those who can afford it.

Renata Avila
28 January 2017

HRI

lead

January 25, 2017,President Donald Trump signs documents at the Department of Homeland Security in Washington. Pablo Martinez Monsivais/Press Association. All rights reserved.Companies and governments are rushing to connect the next billions. And there is no shortage of tech solutions being proposed to improve the lives of the poor across the Global South using the web. From biometric readers to determine the age of refugees, to electronic cards to track and improve the habits of those receiving conditional cash transfers, there is a tendency to experiment with new technologies on marginalised or vulnerable communities, supposedly for their own good.

But what kind of web are the newly connected finding when they come online? A glance at recent reports of privacy and data breaches across the Global South shows that it may be a web where the citizens of these countries do not enjoy as safe an online environment as their western counterparts.

In some cases, this may be because some governments who are overwhelmed with other challenges do not yet see online security as a policy priority. Often there is simply no relevant legislation in place to protect citizens, or such laws have significant gaps or are hopelessly outdated. But in other cases, authoritarian regimes deliberately undermine privacy and data protection in order to spy on and control their citizens, as evidenced by the Hacking Team revelations. Just this week, even US President Trump signed an executive order scrapping the application of privacy protections to users who are not US citizens or permanent residents. Just this week, US President Trump signed an executive order scrapping the application of privacy protections to users who are not US citizens or permanent residents.

Compounding this problem, all too often NGOs, businesses and governments who are operating in these countries are guilty of only applying national levels of protection instead of ensuring international human rights and technical standards offer users the highest levels of digital protection. This creates an unequal world where the digital rights of those from the wealthiest countries are protected by bilateral treaties and national laws and institutions, while the same does not apply in the Global South. In many developing countries, companies have little pressure to rein in sloppy security practices, and in some cases are grasping a tempting short-term opportunity to extract as much data as possible without the costs of complying with stringent privacy and data protection laws.

Just such an example was reported in the fall of 2016: an unprotected database containing personal customer data of thousands of off-grid electricity customers from a “social startup” operating in Guatemala and South Africa was accessible for months. The users were completely unaware of it; they had limited access to electricity and many of them were illiterate. All the documents and fingerprints they used to enrol in the startup’s services were available for abuse, potentially enabling others to create fake identities with original copies of their documents and personal data.

This is not an isolated incident – the number of data breaches nearly doubled last year. Many in the Global South are particularly vulnerable, unable to control how their personal data is used, or not yet aware of the risks of technology.

Incidents like these result from short-term thinking. NGOs, governments and businesses that rely on digital services must begin to think long-term, particularly about the impact of these breaches on citizen and consumer trust. If people don’t trust their technology to provide a reasonable level of privacy, they are less likely to embrace digital services for basic activities like communicating with friends and family, organising politically, managing their finances, and accessing public services. What’s more, businesses and NGOs operating in countries with political risk have an additional ethical imperative to ensure their platforms are not used to conduct human rights violations and/or construct an authoritarian state. Businesses and NGOs operating in countries with political risk have an additional ethical imperative to ensure their platforms are not used to construct an authoritarian state.

So how can companies and NGOs operate responsibly and ethically in this challenging environment?

Privacy and Data Protection Day

For the time being, users are being advised to use short-term solutions – from covering their device cameras to using Tor or VPNs to hide their online activities. But these are not sustainable solutions for restoring trust. What we need is a global standard of privacy and data protection norms that companies and NGOs will come to see as integral to conducting their activities ethically, responsibly and minimising their own exposure and risk.

Today is Privacy and Data Protection Day, the perfect opportunity for companies and NGOs to take proactive steps and pledge to grant the highest standards of digital protection to all users and consumers regardless of jurisdiction. Certainly aid agencies and governments should not condition the provision of humanitarian assistance on invasive data collection practices. What we need is a global standard of privacy and data protection norms.

The web has made our world increasingly borderless, and digital security should be borderless too, not just a privilege of those who can afford it or who are fortunate enough to live in jurisdictions with strong safeguards.

For starters, we might look to the Council of Europe Privacy Convention, an international instrument protecting personal data that non-EU countries can adopt. We must work with civil society, unions, consumer associations, policy makers, political parties and government officers to develop and refine best practices, to ensure all web users, regardless of where they are, enjoy equal privacy and data protection standards worldwide.

Can there be a green populist project on the Left?

Many on the Left want to return to a politics based on class, not populism. They point to Left populist parties not reaching their goals. But Chantal Mouffe argues that as the COVID-19 pandemic has put the need for protection from harm at the top of the agenda, a Left populist strategy is now more relevant than ever.

Is this an opportunity for a realignment around a green democratic transformation?

Join us for a free live discussion on Thursday 22 October, 5pm UK time/12pm EDT.

Hear from:

Paolo Gerbaudo Sociologist and political theorist, director of the Centre for Digital Culture at King’s College London and author of ‘The Mask and the Flag: Populism and Global Protest’ and ‘The Digital Party: Political Organisation and Online Democracy’, and of the forthcoming ‘The Great Recoil: Politics After Populism and Pandemic’.

Chantal Mouffe Emeritus Professor of Political Theory at the University of Westminster in London. Her most recent books are ‘Agonistics. Thinking the World Politically’, ‘Podemos. In the Name of the People’ and ‘For a Left Populism’.

Spyros A. Sofos Researcher and research coordinator at the Center for Middle Eastern Studies, Lund University and author of ‘Nation and Identity in Contemporary Europe’, ‘Tormented by History’ and ‘Islam in Europe: Public Spaces and Civic Networks'.

Chair: Walid el Houri Researcher, journalist and filmmaker based between Berlin and Beirut. He is partnerships editor at openDemocracy and lead editor of its North Africa, West Asia project.

Had enough of ‘alternative facts’? openDemocracy is different Join the conversation: get our weekly email

Comments

We encourage anyone to comment, please consult the oD commenting guidelines if you have any questions.
Audio available Bookmark Check Language Close Comments Download Facebook Link Email Newsletter Newsletter Play Print Share Twitter Youtube Search Instagram WhatsApp yourData