At the recent ICDPPC data protection and privacy conference in Belgium, Apple CEO Tim Cook’s remarks about a new “data-industrial complex” in Silicon Valley earned all the headlines and started a vigorous online debate about the way that tech corporations monetize user data. However, an arguably more important speech at the conference was the opening keynote from Giovanni Buttarelli, in which he described the modern context for the “Privacy Paradox.” According to Buttarelli, this Privacy Paradox has already shaped the way we think about privacy in the digital age and could help to determine the next evolution of privacy regulation.
As Buttarelli noted in his speech, “The so-called Privacy Paradox is not that people have conflicting desires to hide and to expose. The paradox is that we have not yet learned how to navigate the new possibilities and vulnerabilities opened up by rapid digitization.” Buttarelli went on to suggest that modern digital society is at a “tipping point,” in which it must decide how it is going to define, respect and protect privacy at a time when data collection is a standard business practice and personal information is widely available online.
What is the Privacy Paradox?
Prior to Buttarelli’s speech, the Privacy Paradox was generally defined as the fundamental inconsistency between people’s stated beliefs and intentions about privacy and their actual behaviors. In other words, it is the paradox of wanting privacy but behaving as if it didn’t matter. Thus, while people may have a deep distrust and uneasiness about granting Facebook and Google so many insights into their daily lives via a constant stream of data, they generally are willing to click any boxes or agree to any terms of service, as long as they can continue to use the service.
In thinking about the Privacy Paradox, most researchers fall into either one of two camps: either they believe that consumers are rational thinkers who perform a sort of cost-benefit analysis in order to determine what is the price they are willing to pay to give away their data, or they believe that consumers are filled with inconsistencies and biases and are largely inaccurate when coming up with the true price of their personal data.
In research studies about the Privacy Paradox, for example, people have been willing to give up their entire browsing history for the equivalent of a Big Mac meal. In other studies, people have been willing to give away their personal password for the cost of chocolate bar. And, in everyday life, people are willing to give away their entire shopping history at a specific store in return for rewards, discounts and bonuses (usually in the form of a rewards card). From this perspective, it would appear that people place very little value on their privacy.
The Privacy Paradox in the era of Big Data
Complicating matters even further is the fact that the traditional Western approach to privacy regulation (in terms of laws and regulations) has always been based around the concept of physical space. Thus, people living in the European Union and North America have always feared the idea of governments “peering into their bedroom” and similar forms of privacy exploitation by corporations that violate physical space.
Think about the way that regulations and laws have been passed to protect people from getting unsolicited phone calls at certain times of the day and night, or about the way that the home is viewed as a sanctuary and refuge that corporations should respect. But that also implies that when people leave the privacy of their own home, they are suddenly in the public realm, and have much less expectation of personal privacy.