The holy trinity: Privacy, Data Protection and Identity

It would definitely be a fallacy to consider ourselves as private entities in this 21st century. For
the simple fact of life as it stands: object we carry let us know the world about us and vice
versa. On a similar strand it is the internet where knowledge has become transparent. When
we look out of the window of the internet, the internet too looks back in. Interestingly, human
beings have always held an innate desire for privacy. The early men or the cave men as we
know it, who drew the intricate and exquisite images of animals in cave did so in deep and dark
surroundings. Their art was meant for the select few and they often signed their paintings by
blowing pigment over their hand to leave their mark-a sign of an early form of biometric.
Naturally, humans have exhibited an instinctive desire for privacy.

Notwithstanding, privacy as a theoretical construct already had its designs in the ancient
societies. A major rationale behind Adam and Eve’s decision to cover their body with leaves was
to cover their private parts. This idea of privacy traditionally comes from the difference
between the ‘private and the ‘public’. It was Aristotle who in his critique of Plato differentiated
the public sphere of political activity and private sphere associated with family and domestic
life. Besides the philosophical discussion, however, privacy as a normative concept is deeply
rooted in legal, sociological, political and economic traditions.

It’s the focus on normative concepts related to informational privacy, laid out against the
broader framework of laws and regulations relation to information privacy and data protection
that demand our attention. While privacy as a concept hasn’t changed since Homo Sapiens
came into existence the introduction of the digital age has nonetheless introduced layers of
complexity, that we as digital citizens need to unravel and understand. An early precursor to
information privacy law was the much celebrated 1890 essay by Warren and Brandeis titled
“The Right to Privacy”. In this essay the duo voiced concerns about the confluence of
instantaneous photography (technological development) and widespread newspaper
circulation that increasingly enabled journalists to intrude into private affairs. They
characterized privacy as the “right to be left alone” as an essential component of the “right to
one’s personality” and through this invoked the European philosophical and legal doctrine in
their articulation of the right of an individual to develop his or her personality free from
unwanted publicity.

So the above instance establishes that it is technology which has been the major driver. In days
when internet was at its infancy, data protection was embryonic and the concept of privacy as a
human right was little more than a chimera. But today in this proliferation of technology, where
information Big Bang is constantly multiplying, privacy feels like a lost cause. This data
explosion has put privacy and security in the spotlight with Snowden, Equifax and Cambridge
Analytica proving to be three conspicuous reasons to take action.
Thereafter the basic perspective on privacy in the digital world is the idea that the appropriate
reaction to the massive pooling of data, is to enhance the individual access of data and
consequent ownership of it. This in turn necessitated the need for a comprehensive regime on
data protection that would seek to control the collection, storage and use of personal data.

Data is the new soil

The widely quoted phrase “Data is the new oil”, starts sounding oxymoronic when we start
comparing the basics of data and oil or other existing commodities. Though they might have the
same end result in driving growth and generating wealth, data is not like anything else we have
encountered or created till now. Unlike traditional goods, Its multiple hues make it interesting.
On one hand it has the un rivalled nature of public good, i.e. use by some does not limit the use
by others, on the other hand, it has the excludable nature of a private good, i.e. the value
generated by data can be excluded from many. I would rather say, “Data is the soil” as it can
provide a fertile ground of value creation, can belong to anyone, yet can be controlled or
processed by anyone else.

Data is the new coin

Data in a platform economy, is generated by individuals who exchange data in return of access
to services, many of which are free to use. So the much used phrase in context of privacy
“When you are not paying for the product, you are the product” is in fact not entirely true. You
are actually paying for the product and you are paying through a completely new and different
currency i.e. your data. This data which is generated by personal social and business activities is
not that valuable in isolation than when it combines with data of millions others and can be
analysed, processed to generate value. Data can take many forms. It can be a raw material,
capital property or even infrastructure.

The ownership conundrum

Concept of ownership has been a critical ingredient in the formation and development of
societies. Different cultures, nations have treated the concept of ownership differently. So
much so that the treatment of ownership has become the basis of political philosophies like
socialism and capitalism. Adam Smith in The Theory of Moral Sentiments stated that one of the
sacred laws of justice was to guard a person's property and possessions. Not only persons,
multi-dimensional ownership of natural resources, forex exchange, intellectual property etc.
ensured all nations had different trajectories of growth, or the lack of it. Just when the world
thought it has sorted most ownership battles, swords started to be drawn over the ownership
of a new property ‘Data.’
Who should own the data? The platform which facilitated the aggregation of data, the
individual who is the source of data or the state under whose geography this transaction takes
place. Who should capture the value out of data? Whether it should be private property or
common property? The decision, when it comes to data is not linear. A system of differentiated
control, access and rights over data putting at centre the principles of privacy, public good
becomes the most logical approach.

The way ahead

A robust data privacy protection framework alone will be necessary but not sufficient to ensure
balance between identity, privacy and value creation out of data. The seduction of these
consumer products often make us oversee the possibility that such could be accrued without a
compromise on our privacy. Maybe individuals should become more cognisant of the
ramifications of BigTech and must not trade with their personal data so easily.

Authors

Ms. Sreeja Kundu:

She is a journalist based in New Delhi and has interest in tech policy.

Mr. Pratyush Prabhakar:

He works at the intersection of public policy, communication and technology. He is based in

New Delhi.