20-03-2019 | | By Paul Whytock
Online data about you is valuable stuff and high-tech companies have freely been able to feast on it, monetise and market it without your say so.
But those days could be numbered as pressure grows from Government and industry experts, including web founder Sir Tim Berners Lee, for greater regulation and the implementation of internationally enforced codes of practices.
In addition to those, a further strategy that could also shackle high–tech and social media companies in their competitive race to be data dominant would be greater data control by consumers. In other words, you.
After all, it's your data. Its your personal stuff and you should be able to say what details you want used, who is allowed to use it and, importantly, be able to shift it around to whatever digital giant takes your fancy. And if for some reason you've gone off all them you should be able to delete from the web whenever you like.
However, this is not easy stuff to achieve because those digital giants don't want you to have that influence over how they make money out of you and your data.
So who are the heavyweights calling for greater digital control for consumers? For a start there is the UK's House of Lords, the UK Treasury, the EU with its data protection law, News Corporation, and in the USA democratic presidential hopeful Elizabeth Warren who has targeted social media sites for its handling of personal data.
And of course there is Web founder Sir Tim Berners-Lee who has expressed concern about how the Internet has developed over the past thirty years and how large high-tech digital companies have attained dominant positions. And he has started to do something about. He is working on Solid, a platform designed to decentralise the Web and give individuals control over their own data. (More about that from me in a future blog).
When it comes to personal data protection it's my feeling that the EU has the sharpest teeth when it comes to enforcing laws it has implemented. And there are plenty of very large corporations that can testify to the size of the financial bite those teeth have. Google was fined $5billion, Microsoft over $700million and Intel $1.45billion by the EU for a variety of infringements.
So what's the EU law that will protect personal data? It's called the General Data Protection Regulation and it applies to all companies operating in the EU no matter where they are based. Its primary aim is to give people greater control of their personal data and greater privacy.
OK, so the EU is getting on with the job of creating greater personal data control for us all but what is our Government doing about it? We all know that Westminster's time over the past couple of years has been taken up with a our MP's and the Brexit bungling game they have been playing but the House of Lords has come up with something.
In its view regulation of the digital world has not kept pace with how it impacts on our daily lives. So its Communications Committee has decided that companies operating in the digital world should be held accountable to an enforceable set of shared principles.
Now that all sounds very laudable and principles are a fine thing. But do they have the teeth that a legal requirement provides?
The Committee says a new Digital Authority should be formed, guided by 10 principles to provide regulation of the digital world.
It says that self-regulation by tech firms is failing and without intervention tech companies are likely to gain increasing levels of control of technologies which harvest our personal data.
Now I've read all these principles and to detail every one of them here would take far too many words and far too much of your time to read them.
But in essence what they set out to do is protect people's rights when they are online. The so-called Digital Authority will report to Government on how online companies are behaving and guide all regulation of the Internet.
That's a particularly interesting principle as I think any attempt to pragmatically regulate the Internet is doomed to failure.
Nevertheless, a further principle objective is to make high-tech and social media companies reveal how they use personal data and what their algorithms do. This I think is a fair point and much more doable than trying to regulate the web.
The House of Lord's also thinks digital data companies should publish an annual data transparency statement detailing which forms of behavioural data they generate or purchase from third parties, how they are stored, for how long, and how they are used and transferred.
All these recommended principles sound good to me but let's not forget that there is an existing and overwhelmingly held principle already and that is the Internet must remain an open, innovative and competitive entity.
And that's fine until you here about things like this. An investigation by Echo Managed Services and Grosvenor Services Group found 94,700 YouTube results under the search term “how to hack your energy meter,” some with millions of views.
The practice causes at least one death or injury every 10 days in the UK but safety warnings were absent from almost all of the tutorial videos investigated on the streaming site.
So would regulation of the Internet stop this sort of thing? Probably not, but its certainly the case that regulation of how tech-firms exploit your personal data should be.