Weakening privacy will fuel online harms

Government is asking a big question: how do we regulate the tech industry? Unfortunately, its policies are facing in several directions at once, and risk undermining each other.

Tech and data industries are increasingly monopolistic. The symptoms are felt as ‘online harms’; abuse of market position; or exploitation of personal data to make unfair decisions. 

Government policy can be driven towards ‘greater innovation’, and play down the possibilities of abuse that comes with a data free-for-all as proposed by the GDPR consultation. However, the result will be that its policies to deal with ‘online harms’ become less likely to work. 

Indeed, Facebook recent decision to roll back changes in their algorithm that prioritised authoritative news over engagement shows the thread between data-extractive business practices and clickbaits or sensationalism. If you remove barriers to data extractions by taking agency away from individuals, you reinforce the root causes of online harms.

Likewise, the Competition and Markets Authority is looking at digital markets, and asking questions about how it increases competition. This is a great idea: within the ‘online harms’ debate many people have pointed to the ‘attention market’ as driving the kinds of shocking, prurient or vile content that the OSB would seek to minimise.

However, if choice works in the market, then we can use services we like and trust, and behaviour improves. While we are stuck with Facebook we’re stuck with their platform’s deficiencies. If we can talk to our Facebook friends from another platform, we get choice and markets can correct matter.

That is after all how email and mobile phones work. They are ‘interoperable’ so we choose providers on user experience, cost and privacy. With social media, however, we are stuck with a series of walled gardens.

Opening up ‘interoperability’ means that personal data will flow between different platforms, as we choose. Thus, it too, depends on very solid data protection rules to work: for instance, among the factors that determined the success of Open Banking in the UK there was the security of the APIs being used to share data among different services, which “had an impressive security record, with no mass data breaches occurring since its rollout¹”. Otherwise, the result will be that shark-infested waters keep people back inside the dodgy, but known quantities, of the current platforms.

This matters even more looking at insurance, energy and other sectors, where interoperability and data sharing can drive prices and innovative market offerings, but is insanely dangerous with the kind of data protection regulation the Government is seeking – with weak enforcement, catchall clauses for data abuse and extra bureacracy for customers seeking redress.

Regulating the tech industry depends on content regulation, data protection and competition. We can all agree that the Online Safety Bill is aimed at the edges of problematic content, even if we think it will intrude further. The real answers to tech power are in the way we control personal data exploitation and through enabling the market to drive standards in the right direction.

Thus proponents of the Online Safety approach should be extremely worried by the current data protection consultation, which jeopardises the entire available strategy to rein in the tech giants.

1 Bowman, ‘Why Data Interoperability Is Harder than It Looks: The Open Banking Experience’, 5.