Privacy and the dollars in you data
- Tamsin Oxford
The balance between sharing personal data online and how it’s used and by whom is difficult to define and complex to regulate.
If you’re not paying for the product, you are the product’ – a quote attributed to many but that has its origins in the early 1970s in reference to television. Data has always been a commodity, but today it is far more valuable. Yet we continue to give it away for free.
“The data that people share on platforms and with companies is worth a lot of money to those companies,” explains Benjamin Rosman, Associate Professor in the School of Computer Science and Applied Mathematics at the Wits. “Data is powerful and valuable and can be used by organisations to target you with adverts and messaging.”
When Google logs what you’re doing, it learns a lot about you. It can deliver targeted adverts, immediately benefiting companies paying for those adverts. If Amazon uses your data to share tailored recommendations u, Amazon benefits – but who rightfully owns this data?
“Data is supposed to be owned by the individual who creates it, but when you sign up for any platform-as-a-service [PaaS], you agree to certain terms and transfer certain rights and responsibilities,” says Professor Turgay Celik in the School of Electrical and Information Engineering at Wits. “You’re shown about 200 pages of terms and conditions and you just agree to it.”
Data protection 101
There are regulations around the control, ownership and protection of personal information. In South Africa, these are defined by the Protection of Personal Information Act (POPIA. The act regulates the companies and individuals using the data but, despite these rules and protections, complexity persists. For example, how do you protect your data if you don’t know it’s being used?
“You need a good understanding of how the data is collected from you and how the data is exchanged,” says Celik. “You then need to establish what protections are in place for that data and these will vary dependent on how the data is being used. If these protections are breached and you’re informed, then you can take steps to protect it, and yourself.”
There are alternatives to regulation that focus on data security at the granular level, for example, digital signatures that ensure data shared with a platform remain there. Individuals should ensure they are better informed, and consider changing small details, like birth year, to obscure identities.
“You need to understand your rights and be vigilant in terms of whether people who have access to the data are adhering to the agreements you have with them. If data are abused, organisations can be prosecuted, but so few people really understand what their rights are and how their data is protected,” says Emeritus Professor Barry Dwolatzky at the Joburg Centre for Software Engineering, Wits. “If you’re benefitting from the arrangement with the company that has your data, then perhaps you should be happy with handing over your data. There’s a balance between civil liberties, and saying ‘what the heck, let them use my data as I get value from this arrangement’.”
- Tamsin Oxford is a freelance writer.
- This article first appeared in Curiosity, a research magazine produced by Wits Communications and the Research Office.
- Read more in the 11th issue, themed: #Viral. Inspired by the SARS-CoV-2 global pandemic, content relates to both the virus that causes Covid-19, as well as the socio-economic, political, and environmental ramifications.