No free lunches – 2017-style

One of the first discussions to take off in the new BCS Voices area is around our smart-phone and app-enabled predilection to swap details about ourselves for ‘free’ services.

The conversation started by exploring user apathy - do people really care if their data is being somehow misused and, even if they do, might they still continue to turn a blind eye to possible abuses if the service they receive continues to grow and improve?

Is it an age thing? One commenter remarked: ‘I value my personal data far more than my kids do theirs, because I remember a time when I felt I was in control of it.’ He goes on to compare levels of comfort with different services, noting that he is happy to let Google ‘seemingly know everything about my life’ because ‘I believe I understand why Google wants this data.’

Is this comfort driven by perceived trust then? By skilful positioning of a brand? The same commenter notes being ‘less comfortable with companies like Facebook making the collection of our data behind interactivity.’ And, I would say, Facebook’s brand is seen as more... pushy.

And let’s just pursue one more age-related remark which certainly struck me as pertinent: ‘I would happily pay a subscription for the use of a good application, but payment is an alien concept to the young.’ Of course, that means money - but perhaps our children need to learn that payment can exacted in less obvious currencies.

Who are you sharing with?

A BCS Voices event run in South Wales explored the same subject.

It’s first point of agreement? Overall people were happier sharing data with GPs and government than with banks and retailers.

On the gloomier side, even as IT professionals those at the meeting felt that it was hard to have faith in data sharing - there’s so much spam and criminal agencies using the data, and the internet of things means the continuing roll out of many insecure devices.

That’s even taking into account that IT professionals understand the deeper workings of this data sharing - but people outside of the profession may have no idea that this is happening and perhaps need to be educated so they can make a conscious choice as to whether to opt in. An example was given of a father finding out his teenage daughter was pregnant before she told him - via a superstore’s targeted advertising.

Personal due diligence

BCS member Peter Stockdale drew attention to what you can learn from looking at your activity on, in this case, Google: ‘Understanding and seeing what services such as those offered by Google cost for my privacy was an eye opener. Visiting my activity, Google shows so much information they store about you and for you. As I have two android devices that amount of information is not insignificant.’

Whilst acknowledging that this, to date, has not caused any problems - barring the white noise of marketing - this by no means guarantees that things won’t change.

As he comments, ‘you could always read all the agreements for all the different web providers. You just need to find the time, about 76 working days each year.’

Mathivathanan Thangathurai pointed the discussion in the direction of the recent Google news that they have, according to some groups, ‘used a wealth of data to create “super profiles” that leverage information from sites that use Google Analytics and the DoubleClick ad network the company acquired in 2007, to track user activity across just about any platform.’ In other words tracking information beyond what appears to be a ‘reasonable level’.

The outlook

As Stephen Ironmonger, the first poster on this discussion thread, comments, in the near term the level of data held on us is only going to increase, along with the level of linking and aggregation.

What can we do? He asks.

‘Educate - to raise awareness, yes. But also, work to ensure that correct standards are in place and adhered to by organisations. When should an IT pro 'blow the whistle' on bad practise, and who to? Should BCS operate a whistle blowing service? Key standards in this area are those around data security - making sure data is accurate and up to date; transparency - that we can 'see' what is held against our ID; the right to have obsolete data removed; the right to have 'bad' data corrected. What rights should an individual have to ensure that their data is adequately protected? Should I be able to ask, say Google, what measures (and in what detail) they have in place to stop my data being used for purposes I have not approved of? How is GDPR going to change what we do? lots of questions, that only time will fully answer.’

Got views? Contribute to this, and many other conversations on the theme of making IT good for society.

About the blog

The Echoes blog showcases the best of the conversations on the BCS Voices debate platform.

See all posts by Echoes
November 2017

Search this blog