Share on facebook
Share on linkedin
Share on twitter
As part of an international campaign to lift the lid on data privacy violations, The Privacy Collective is asking some of Europe’s leading experts why online privacy matters.
Eoin Dubsky is a campaigner at SumOfUs, a global consumer watchdog based in the Netherlands. Here, he discusses the potential for public procurement to encourage best practice, the impact aligning executive pay with privacy could have, and the need for people to get involved with campaigns to fight for change.
Why does online privacy matter?
Online privacy, and privacy by design matters. Websites and internet services are surveillance machines by default. For the first few decades, the internet was a research and communication tool and researchers needed to be able to track what had happened. It was not created for everyone to be able to host their social lives on. But of course, how the internet is used has evolved substantially from that beginning.
Fighting for the right to online privacy is urgent. Left to their own devices, technology businesses will continue to gather vast amounts of data. That’s irrespective of their business models – most of these websites, even if they’re not trying to sell you anything, are not designed with privacy in mind. They gather and record information without the informed consent of the users. These pop ups that ask if you “like cookies” … that’s nonsense. That’s not a solution.
Can you tell me a bit about your campaigning work at SumOfUs, particularly where it relates to fighting back against global tech platforms?
We’re a global consumer watchdog trying to push back against the unaccountable power of multinational corporations in particular, but also on governments behaving badly or regulators who might be asleep at the wheel. The work we’ve done around social media platforms has really evolved since the Cambridge Analytica revelations a couple of years ago. We’re fighting to hold these corporations to account and encourage our regulators and lawmakers to take action against those corporations. These algorithms and business models are weaponised by bad actors – we see some of it in the media, but companies like Cambridge Analytica are really the tip of the iceberg.
Recently SumOfUs has launched a campaign to push social media platforms to address algorithm deficiencies that encourage disinformation – we’re fighting for the likes of Google, Twitter, Facebook and YouTube to stop pushing users towards extreme content that’s filled with hate speech and lies. And our campaign to ensure Apple respects freedom of information and expression as human rights, particularly amid its expansion into China, continues.
How are these platforms used to spread disinformation and what role does users’ data play in that process?
Controversial ideas have always existed in society, but we now have these businesses who have built sort of rage machines – algorithms that are optimised for engagement and controversy, and therefore susceptible to disinformation. One of the things that people are really worried about at the moment is the anti vaxxer movement, particularly because it looks like there might be a workable Covid-19 vaccine available next year. There’s some research that’s been done, which found anti vaxxer pages and advertising accounts generate $1billion a year for social media firms. If you have that kind of very shareable, sticky content that’s frightening to people, they’re going to read it. And the more people that do that, the more that generates value for these platforms.
It turns out Facebook is a more effective recruiter for the far right, than the far right is itself. It and other Facebook products like WhatsApp have been found to be used in genocide in countries like Myanmar. It’s absolutely monstrous. And the company has done so little in response, as has the governments where these companies operate. We’re talking about gross human right violations and potentially the destabilising of democracies. I think politicians haven’t done nearly enough.
Around the recent US and British elections, we did see some platforms take action to try to limit the spread of disinformation and hate speech. Were you positive about those measures? Are technology companies taking enough responsibility for their role in this?
They have dragged their heels and resisted, but yes they did finally come out with some half measures in an attempt to regulate themselves. But how good is that really? I don’t think it’s good enough. Perhaps tech executives would take more responsibility for these issues if their compensation was linked to the company’s online safety record. Coupling pay with safety metrics has long been the norm in many businesses in the energy and manufacturing sectors, for example. But even that wouldn’t be enough.
Every couple of years tech executives are forced to explain themselves to the US congress and it’s a bit embarrassing and produces a lot of memes online. But I haven’t seen many laws come out of those. They’re not accountability moments, they’re circus moments. They’re not making the internet or its users any safer. Companies won’t change unless they’re forced to change.
It turns out Facebook is a more effective recruiter for the far right, than the far right is itself. It and other Facebook products like WhatsApp have been found to be used in genocide in countries like Myanmar. It’s absolutely monstrous.
What more needs to be done? And do you think Europe in particular has the appetite to take those necessary steps?
I’m excited about the Human-Centric Digital Manifesto for Europe, written by an umbrella group of European civil rights, privacy and digital rights groups. I made a small contribution to the section on public procurement, which I think has great potential to leverage change. In the UK, SumOfUs worked with Transport for London through a group called Electronics Watch to bake human rights accountability into their contracts with their providers. This isn’t a nice to have, but a requirement. They’re a massive buyer – they spend around £1billion per annum on electronics, everything from electronics inside a bus or on the tube, to their staff having laptops and phones.
So I think there is a role for lawmakers to make regulation around this, and those laws have to be enforced. But I also think public sector procurement is a great way to reward those businesses who are trying to do it right, who are embedding privacy by design. We’ve seen it with green procurement here in the Netherlands for example, where companies who minimise carbon emissions and can demonstrate their project has a lower environmental cost benefit in the bidding process. That’s how you inspire change by creating competition on those terms (rather than just the lowest price).
But whenever legislators get too enthusiastic about tackling big technology companies, one always has to make sure they’re not using this as a pretext to censor free speech. That does happen, so we need to stay vigilant on that as well.
What can people do to educate themselves and protect their online data today?
I use a browser extension called uBlock Origin, which is good if you want to manage your own privacy. And there are lots of websites with tips and tricks, as well as The Privacy Collective’s lawsuit, which people can support or share. Even just sharing information is really worthwhile. There’s lobbying going on over here, there’s people engaged in civil litigation over there, and there are other people educating themselves … if that can all happen in more of a coordinated fashion, with that information shared, I think they’ll be more effective.
The EU did really try to come up with good privacy laws, but they’re often manipulated by lobbyists and it all becomes really complicated. If you are in Europe or have an interest in Europe coming up with good laws (because quite often that has a spillover effect elsewhere in the world as GDPR has for example), then I’d encourage you to engage in those public consultation processes. Facebook and Google are quite happy to have their say, so we all need to get as involved as we can.
Your data should not be for sale. We’re taking Oracle and Salesforce to court for illegally selling millions of peoples data and we need your help! If you believe that tech giants should be held accountable for their use of people’s data please support our claim here. We’re fighting for change, because your privacy matters.