The evolution in understanding privacy and personal data
Visitors to major cities will become familiar with colour coding of the various means of transportation: for example, yellow cabs in New York; black cabs in London. Supplanting these colourful vehicles are alternatives to the regulated taxi industry, such as Uber or Lyft. The present contribution focuses on the developing understanding of privacy, including personal data. There has been a casualness with which notions of privacy have been dismissed. While the workplace has been a contentious locale for this consideration, considering the topic in a broader sense is necessary.
In choosing a rideshare or taxi cab, factors include the difference in convenience and cost. A further element to think about is data protection. In downloading and signing up to a rideshare application, the ‘consumer’ permits the entity operating the application to access personal data about her. What does this mean?
Consider someone using a device to track your travels each day; noting each place you visit. In workplace monitoring litigation, the dividing line has been whether or not the individual knows beforehand about the surveillance. When a Spanish supermarket looking to cut down on employee theft used hidden cameras, the European Court of Human Rights found this to be a violation of workers’ privacy; calling covert video surveillance of employees a ‘considerable intrusion’.Data collection may be deemed acceptable because there was consent (by downloading the application and accepting terms) stands out as problematic. But, to what was consent being given? The primary aim of consent would be to use the service; with acceptance of the terms being necessary to effect this end. However, in addition to patronage of and payment for the service, there is an additional ‘cost’ of disclosing personal information.
As a society, we have not had occasion until recently to consider in a more concerted manner personal data and its value. The four-letter acronym, GDPR, has given recent reason to reflect on privacy and personal data. It is worth recalling that privacy has been debated for some time. In December 1890 Samuel Warren and Louis Brandeis published ‘The Right to Privacy’ in the Harvard Law Review. As well, the European Union has (for some time) held an expansive definition of personal data as ‘any information relating to an identified or identifiable individual’.
And yet, recognising data collection as a daily activity remains an evolving consideration. Thinking about the collection of personal data, and therefore more detailed considerations of privacy, has been forced upon us as a result of innovations. Data had been collected long before computer technologies. Returning to the taxi example, a taxi driver could collect information on the passengers in her cab. What has evolved more recently is the value in processing this information: 1) mass data can be collected about a significant number of people; 2) it can be easily disseminated; and 3) this information can be analysed to meet a variety of information retrieval goals. Profit-seeking undertakings can emerge from these new capabilities. We have become aware of the profound importance of data and its uses, within a slowly-developing idea of privacy.
What we have is the overlap of commerce and individual rights. In the workplace, while there is a reasonable expectation of privacy, this is a ‘significant though not necessarily a conclusive matter.’With applications on our phones (such as rideshare apps), there should be a question as to what information is being collected and how is it being processed. The issue to reflect upon is whether some form of continuous surveillance should be permissible.
While not all surveillance may necessitate legal action, each individual should reflect upon the extent to which they are monitored and factor this into consumer or other decisions.
_____________________________
To make sure you do not miss out on regular updates from the Kluwer Regulating for Globalization Blog, please subscribe here.