It’s 2018, Do You Know Where Your Personal Data Is?
“The political relevance of Privacy Rights is not exclusive to one country or one continent. These rights are essential for combating violent forms of control practiced by States everywhere, which aim only to benefit a hegemony rather than the people as a whole. Europe and the Americas are connected in ways that transcend the virtual world, but these connections have undeniably been exacerbated in this ever-changing technological landscape.”
The concept of privacy, in relation to personal data, is paramount for the fight against fascism (in the literal sense). In Europe, where fascism was born and bred, authorities misusing personal information is a lurking threat. Just because there has been a historical struggle to eradicate this type of violent rule, it doesn’t mean combating fascist tendencies is a thing of the past. Technology evolves at alarming rates, and reaches far across the globe. Keeping up with the world-wide political implications of these changes is essential to ensure history does not repeat itself.
Some of these changes involve how personal data is processed and stored. We have become increasingly dependent on social media platforms; the internet has expanded into a complex network of institutions and companies; and data is being stored exponentially more on “the cloud” rather than on individual hardware. These innovations have provided us with new types of connections, but they also provided new vulnerability gaps on personal and political realms. These gaps can seriously undermine basic human rights, and there are serious doubts regarding whether the legal framework that is being put in place can be effective in safeguarding these rights.
An analysis of one of the shortcomings of the current legal framework that aims to ensure user’s basic rights (the inconsistency with which we establish accountability) will be presented tomorrow, October 5th, by René Mahieu at the Amsterdam Privacy Conference 2018. In the current networked online landscape, tracking down who has your data is a matryoshka doll of labyrinths, where arriving somewhere only means finding new sets of potential controllers. In his most recent working paper, Mahieu (et. al.) argues that in this context the law is unclear in assigning legal responsibilities to companies and institutions.
“We are currently witnessing what Zuboff calls the rise of “Surveillance Capitalism”. It is characterized by a new form of extreme concentration of power by those who control the platforms and the data. If we do not force this concentrated power under the control of new forms of checks and balances, it will be detrimental to democracy and individual autonomy.” (Rene Mahieu)
According to Mahieu (et. al.), attempts to make this type of law enforcement more effective by the Data Protection Authorities, the courts and even the introduction of a new law in Europe have fallen short in doing so. Nevertheless, the European legal system became the main reference for law-making in Latin America. Brazil has just adopted a virtually copied-and-pasted version of the GDPR (General Data Protection Regulation) as data usage accountability efforts. As one of the world’s biggest democracies, as well as the “most influential” South American country, we are yet to see if this new General Data Protection Law (LGPD) will be used to repair some glitches in this so-called “flawed democracy”.
The LGPD was approved in August 2018, and immediately confronts us with the following question: will it be used to protect personal and political freedoms of the Brazilian population, or was it approved precisely because it may not? If this new privacy protection law is an attempt to balance out the completely unbalanced way in which law enforcement operates, it is happening so slowly that by the time it can be used to help the people who need it the most, they would have already served their sentence and we would have a whole new set of problems (technologies and mechanisms) to deal with.
The law won’t come into effect before 2020, while 23 political prisoners of Brazil need protection now. They were convicted based on personal data collected online and by phone wires, which paint a distorted picture of criminal plans that were never realized (an investigation lead by the Precinct for Repression of Informatics Crimes).
This concern over using people’s personal data to monitor, intimidate, imprison, or even kill marginalized peoples is widespread in Europe. The conference where Mahieu presented his research hosted a vast majority of Privacy Rights related works, but it was strangely financed by the very companies most likely to evade people’s privacy and misuse personal data. For instance, Google, a large umbrella cellphone company, and even a data collection agency for the military were involved in the realization of this event, which provoked resistance from a hand full of scholars.
Scholars members of the groups DATACTIVE and Data Justice Lab published an open letter one month before the conference stressing that, “in the context of what has been described as the increased neoliberalization of higher education”, transparency with regards to corporate funding and “a clear set of principles for sponsorship” is of the utmost importance. Without it, participants and organizers of this academic field would inevitably play a role in efforts to “neutralize or undermine human rights concerns”.
There were several problematic sponsors, but the one that stood out in their protest was Palantir, a data analysis company from the United States affiliated with the military and inhumane border control initiatives:
“[P]roviding Palantir with a platform, as a sponsor of a prominent academic conference on privacy, significantly undermines efforts to resist the deployment of military-grade surveillance against migrants and marginalized communities already affected by abusive policing.” (Why we won’t be at APC 2018)
The political relevance of Privacy Rights is not exclusive to one country or one continent. These rights are essential for combating violent forms of control practiced by State-Capitalism everywhere, which aim only to benefit a hegemony rather than the people as a whole. Europe and the Americas are connected in ways that transcend the virtual world, but these connections have undeniably been exacerbated in this ever-changing technological landscape.
Just so you don’t finish this article in complete despair, there are a few things we can do to remedy the situation; if not a cure, at least damage control. There is value in demanding your right to access information about where your personal data is, who it is being shared with, and what this data consists of (e.g. address, name, birthday, etc). Denouncing the institutions that refuse or evade the request may shift the power imbalance between individual citizens and organizations in favor of the citizen. Perhaps our biggest asset in capitalist society is our demand as consumers, and consequentially our motivation to not wanna be fined alongside potential business partners. In short: do your best to keep track of where your personal data is, and don’t do business with shady companies.
And of course: #NotHim
is co-editor of Gods&Radicals, and writes about decoloniality and anti-capitalism.