Report from the future: Data Privacy in the year 2044

Filed Under: Data loss, Featured, Privacy

Today is 28 January 2014.

That means it's Data Privacy Day!

So we asked Naked Security's Virtual Futurist, Frank di Scorse, to do the following:

  • Go forward in time 30 years.
  • Absorb the next generation's attitude to privacy.
  • Report back from the future.

Here's the way Frank sees it, all the way from 2044.

Ask yourself, "Is this where we want to go?"


PRIVACY DAY RETROSPECTIVE
THURSDAY 28 JANUARY 2044
FOR IMMEDIATE RELEASE

By: Frank di Scorse
Virtual Futurist for Sophos Naked Security
Filing date: 28 January 2044

This is an important day in computer security: it's the Thirtieth Anniversary of the famous Data Privacy Day Protests, back in 2014.

Before 2014, Data Privacy Days (DPDs) had never enjoyed any real significance.

How the events of 2013 changed all of that!

A US soldier named Chelsea Manning was sentenced to 35 years imprisonment for revealing decades of US State Department communications.

A US spy called Edward Snowden went into exile to reveal the extent of his employer's interest in internet information.

And a digital payment system called Bitcoin caused controversy, primarily, it seems, because it made people anonymously rich in return for playing an elaborate cryptographic computer game with specialised graphics chips.

It seems hard to believe today, but these were hot topics back then - hot enough that on 28 January 2014, Data Privacy Day protestors took to the streets in dozens of cities and towns across Europe and North America.

The watchword amongst activists in those days was OPT-IN, meaning that organisations - governments, employers and especially commercial companies - who wanted to collect data about other people should be required to ask for permission first.

The main argument for approaching privacy this way followed what you might call the lines of consensual capitalism.

If the feature that tracked you and collated lots of data about you really was as good as the vendor claimed, everyone would opt-in anyway, which would be a winning outcome for everybody.

In the protestors' words, "Why should a second-rate service be allowed a first-rate crack at collecting our data without so much as a 'do you mind'?"

Ironically, it was this obsession with asking for permission before publication that was to be the activists' downfall.

In 2014, as today, protests - especially crowded ones inside public buildings - enjoyed wide coverage on social networks.

Back then, photos were grainy, and videos (quaintly called "high definition" simply because they were higher than the previous ultra-low-resolution standard) were pixellated and jumpy.

Audio was often recorded with just two channels (quaintly called "stereo" and divided into "left" and "right", after the position of the ears on the human head).

Nevertheless, the quality of social media postings was often good enough to identify individual faces, even in group shots.

And some activists couldn't help noticing, and commenting publicly, that others who called themselves activists hadn't had the guts to turn out in person.

Indeed, some of those activists had chickened out and stayed away on the day, preferring to read the details from a distance in news reports.

But other activists, who had been out there on the front lines with their aggrieved brothers and sisters, simply never showed up in social media in a way that let the world know.

This was to be the turning point in the privacy debate that brought us to where we are today, nearly half way through the first century of the third millennium.

It seems obvious now that privacy isn't a luxury anyone should aspire to, let alone a right or an expectation, and that (paradoxically, perhaps, to the protesters of 2014) that the less privacy you maintain, the higher your quality of life.

Two examples from the lawcourts in 2043 suffice to make this point clearly:

• Maria Santobal, who successfully sued the Global Retail Marketing Association for its failure to make her aware of discounts and offers via email, as required by the combined Northern American/Greater European Union Financial and Retail Industry Notification regulations of 2039.

Santobal's argument was not only that she lost out financially by paying full price for items she ought to have been able to buy at a discount, but also that the organisation's failure to use her personal information as required by law raised the worrying question, "How could this have happened?"

• Raymond Phangiso, who lost a tribunal case in the International Employment Court, following his dismissal for having unexplained gaps in his social media profile.

Ironically, in 2014, Phangiso would probably have been taking action against his former employer for using personal photos he'd posted online as evidence that he was unfit for his job.

In 2044, it's no longer what you do that makes you stand out as an exception - it's the things that you did anyway, but chose to suppress.

You can't help thinking that the activists who took part in the DPD Protests of 2014 would be pleased with how things have turned out, because censorship is now all but impossible.

In the mid-21st century, online privacy is inextricably connected with safety, so that other people can almost always find out enough about you to make an informed judgement about how safe it would be to do business with you.

Gone for good is the quaint concept that privacy should overlap with security, making it all-to-easy for you to hide malfeasance from your fellow netizens.

After all, if you have nothing to hide, why do you need to hide it?

NOTE TO READERS. This article has been seeded with all major search engines and social networking sites in compliance with the Prevention of Data Concealment Act (2041) of the Federated Multinational States of Northern America. Any comments you post here will be automatically uploaded to the CanMexUS Keyscore servers, thereby fulfilling your personal obligations under the Disclosure of Public and Private Opinion Act (2039, amended 2043).


Of course, our future doesn't have to look like this.

In support of Data Privacy Day 2014, we've come up with two thought-provoking articles to get you thinking about privacy.

With a few small changes in the way you deal with your personal information - how willingly you part with data such as where you are, where you live and what you're doing - you can help to rewrite Frank's virtual future in a more palatable form.

FURTHER READING FOR #DPD2014

TAKE THE 3-STEP PRIVACY PLAN DIET

PRIVACY IS NOT DEAD - YOU'RE JUST DOING IT WRONG

, , , , , ,

You might like

4 Responses to Report from the future: Data Privacy in the year 2044

  1. Good to be Anywhere · 275 days ago

    Love it. I would love it even more if I didn't suspect that the only inaccuracy in this piece, is the length of time that we will have to wait for this to become reality. I have a horrible feeling that it is set about twenty years further into the future than it needs to be.

  2. Thomas · 275 days ago

    Timely article. I hope it opens some eyes and minds.

  3. You can't have "Privacy" if you chose to give it away for something in return... coupons, discounts or "free stuff" and social media updates for "friends and family"...

    Here's a thought... what if a law were passed that required strong passwords and encryption and you needed a waiver to "Friend" someone... I'm guessing nobody would like that either, which brings us back to where we are, nobody will take care of you like you should take care of yourself.

  4. Juan · 273 days ago

    As grim as this hypothetical report seems, it probably errs on the side of optimism.

    As long as any entity has the power to forcibly prevent you from doing something you want to do — something that harms or interferes with no one else — or the power to force you to do something you don't want to do against your own best interests, we're headed toward far worse conditions than this report from the future describes, and probably much sooner.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too. Paul won the inaugural AusCERT Director's Award for Individual Excellence in Computer Security in 2009. Follow him on Twitter: @duckblog