Two key scholars, Zuboff and Hartzog, in updated analyses, say individual control is not capable of fixing Big Tech privacy abuses without governance

Two key scholars are out with updated analyses of surveillance capitalism and the significance of “privacy.” Taken together, they see individual privacy choice as no match for Big Tech data abuses absent harms-focused regulation and governance.

First, there’s an essay by Shoshana Zuboff, whose 2019 book The Age of Surveillance Capitalism: The Fight for a Human Future at the New Frontier of Power is a foundation of concerns about Big Tech and Big Data. It takes up a whole page of the New York Times’ Sunday opinion section on Nov. 14.  It’s worth a read in its entirety. 

• OPINION: “You are the Object of a Secret [Data] Extraction Operation” | Shoshana Zuboff, HBS via NYTimes.com

“The Internet as a self-regulating market has been revealed as a failed experiment,” she declares, adding later: “Mr. [Mark] Zuckerberg ‘just went for it’ because there were no laws to stop him from joining Google in the wholesale destruction of privacy.” For two decades, she writes, lawmakers “have allowed private capital to rule our information spaces during two decades of spectacular growth, with no laws to stop it.” The answer, she says, lies in “regulating extraction” of data to upend Big Tech’s business model, because, she says, “The corporation that is Facebook may changes its name or its leaders, but it will not voluntarily change its economics.”

• LOOK BACK: Harvard’s Zuboff says big opportunity exists for collaborative alliance of companies to counter Google and Facebook on privacy | Bill Densmore, InfoTrust.org

Meanwhile, Woodrow Hartzog, the noted privacy-law expert, is author of a groundbreaking essay in the November issue of the University of Chicago Law Review. It’s entitled: “What is Privacy? That’s the Wrong Question.”  Hartzog is a professor of law and computer science at Northeastern. Most of his essay extensively analyzes — and applauds — the work of another privacy legal scholar, Daniel J. Solove of George Washington University’s law school.

(See QUOTE OF THE WEEK, below, for excerpt of Hartzog’s essay) 

Attributing logic and some words to Solove, and applying his own substantial scholarship and authorship on the topic, Hartzog says it is not necessary to come up with a one-size-fits-all definition of “privacy” in the digital world.  Rather, he says what’s need is analysis by lawmakers of the many ways information technology — by rather opaquely collecting and analyzing vast troves of consumer behavior — is affecting our personal and collective lives and governance.  

“These tools power systems that make decisions about people’s personal lives,” writes Hartzog.  He adds later: “Instead of squabbling over the binary boundaries of privacy,  people who understand privacy as more of a vague umbrella term  can leave the line-drawing question for another day and get to  work identifying problems created by specific conduct, articulating the values implicated by those problems, and crafting solutions to the problems that serve those values.”

Transparency, consent and control solutions aimed at accountability “won’t be enough to get us out of this mess,” Hartzog concludes, in part because the data ecosystem is too complicated for individual consumers to be able to comprehend how to exercise control over their data even if they had it. 

Solove’s work helps scholars and lawmakers tackle (1) how capitalistic incentives cause companies to leverage information in harmful ways (2) how the design of information technologies matters as much as data practices and (3) how marginalized populations are affect first and hardest by privacy abuses. 

PERSONAL PRIVACY

• Privacy as code: A new taxonomy for privacy by design | KatharinaKoerner, IAPP Privacy Tech blog
• Decentralization may be key to protecting our digital identities | Debra J. Farber, VentureBeat.com
• Norwegian leaders urge ban on surveillance-based advertising | Bjørn Erik Thon, Inger Lise Blyverket and John Peder Egenæs, Euractiv.com
• Digital driver’s licenses: Are they secure enough for us to trust? | Veronica Combs, TechRepublic.com

WASHINGTON BEAT 

• “Filter Bubble Transparency Act” would require platforms to offer opt-out from personalized content | Wendy Davis, DigitalNewsDaily/MediaPost.com | RELATED STORY
• Report: U.S. Treasury buying private app data to target and investigate people | Sam Biddle, TheIntercept.com
• Lindsay Graham vows to block FTC appointment of privacy advocate Gigi Sohn | Jon Brodkin, ArsTechnica.com
• Contract lawyers face a growing invasion of surveillance programs that monitor their work | Drew Harwell, WashingtonPost.com
• INTERVIEW: How to Build a Slingshot to Take on Big Tech Goliaths | Justin Hendrix with Ifeoma Ozoma, TechPolicy.press
• Interactive Advertising Bureau loses its key DC lobbyist; replacement planned | Allison Schiff, AdExchanger.com
• How Lina Khan’s FTC Does Business – What We’ve Learned So Far | Jessica Rich, elleyDryle law firm | RELATED STORY
• ‘Dark patterns’: Regulators eye tech tricks that hurt consumers | David Ingram, NBCNews.com

STATEHOUSE BEAT 

• Is ad industry headed for clash with California over Global Privacy Control? | Wendy Davis, PolicyBlog/MediaPost.com | EARLIER STORY | COMMENTS SOUGHT | RELATED REPORT
• Colorado new privacy law is first to apply to non profit organizations | GoldenDataLaw.Medium.com
• Consumer Data Privacy Legislation Pending in Six U.S. States | Dom Nicastro, CMSWire.com
• Recap of Virginia Consumer Data Protection Work Group | Seth Azubuike, IAPP Privacy Advisor

W3C study group offers examples of sharing data — when should it be “sanctioned” or “unsanctioned”?

A small group of technologists is continuing to work on ideas which could lead to industry standards for the sharing of user data with a goal to “prevent untransparent, uncontrollable tracking of users across the web.” The Federated Identity Community Group is meeting under World Wide Web Consortium (W3C) rules. 

At issue is how web-browser software determines when to allow the sharing of user behavior among multiple websites — and whether browsers should even exercise such control. Key questions in meetings so far: Should corporate-affiliated websites be allowed to share data, while other more loosely affiliated sites cannot? For what purchase should data be shared? For how long? 

Twelve companies were among those represented on a Nov. 12 virtual meeting, public minutes show, including Google, dstillery, Salesforce, Adobe, Auth0/Okta, Yahoo Inc., Microsoft, DAASI International, W2O2, PIng and Yubico.  Their representatives are writing and discussing examples of how they share data now, or may, with the goal of deciding what should be “sanctioned” and what is “unsanctioned” and potentially blocked by browser software. 

Included is  prescription from Yahoo Inc., for the presumptive operation of “Federated Single Sign On” that would string together user data from across hundreds of millions of users of sites like TechCrunch, AOL and Yahoo, among others. And a Microsoft “story” explains how a user’s home based identity provider can control log ins and log outs at remote sites. 

PLATFORMS AND PRIVACY 

• Facebook To Limit Ad Targeting For Health, Race, Ethnicity, Other Attributes | Laurie Sullivan, DigitalNewsDaily/MediaPost.com | RELATED STORY 
• Why Facebook won’t let you control your own news feed | Will Oremus, WashingtonPost.com
• OPINION: AMP, FLoC seen as damaging Google’s relationship with publishers | Sarah Gooding, WPTavern.com
• Data privacy’s winners and losers: How Robinhood, Apple, Netflix, and others stack up | Daniel Barber, Fortune.com

AD TECH AND PRIVACY 

• AUDIO: McFirst-Party Data — branding as next step | Sarah Sluis, AdExchanger.com
• VENDOR VIEW: Building a privacy-first infrastructure for digital advertising | Joe Root, Permutive via DigitalContentNext.org
• Marketers Focus on Buyer Intent Data as Privacy Undermines Targeting | Joseph Zappa, StreetFightMag.com
• VENDOR VIEW: Google Can Save “FLoC2” By Working With The IAB | John Sabella, Pubmatic via AdExchanger.com
• Apple Quietly Buying Ads Via Google For High-Value Subscription Apps To Capture App Publisher Revenue | John Koetier, Forbes.com
• Vizio’s profit on ads, subscriptions, and data is double the money it makes selling TVs | Richard Lawler, TheVerge.com
• RESEARCH: German vendor ZeoTap sees fast adoption of “first-party” data | BusinessInsider (India) | ZEOTAP REPORT

Twitter unveils ad-free pages and revenue for publishers

• Twitter Blue launches in the US and New Zealand with subscription-support ad-free pages | Sarah Perez, TechCrunch.com | LAUNCH TWEET | RELATED STORY
• Twitter’s big subscription experiment: Worth paying for? | Nick Statt, Protcol.com
   

REPORT: Lotame’s “Beyond Cookies” survey says publishers are motivated by data privacy to find alternatives 

One of the premier U.S. data-tech companies, Loatame Interactive, says it surveyed 200 decision makers for a “Beyond the Cookie” report as it seeks to promote it’s own solution for tracking users across sites called “Panorama ID.” 

• VENDOR STUDY: Nearly Half of U.S. Publishers Say Revenue Loss from Cookie Deprecation Could Lead to Reduced Workforce | Lotame “Beyond the Cookie” report

Two of the report’s findings are particularly noteworthy: 

• While marketers say their primary reason for adopting new identity solutions is to support audience targeting (52%), for publishers, the central reason is data privacy (59%). 
• Email-based identity solutions (63%) were the most popular choice when asked what types of ID solutions marketers and publishers were planning to test in the next six months to one year. Contextual (49%) was in second place, followed by cohorts (30%) and probabilistic (29%). 

PRIVACY BUSINESS

• Do You.com, DuckDuckGo and Brave show privacy business booming? | Ina Fried & Sara Fischer, Axios.com
• Tim Berners-Lee Wants to Put Online Privacy on a Solid Foundation | Rob Pegoraro, PCMag.com
• GDPR Compliance: What Marketers Can Expect in 2022 | Dom Nicastro, CMSWire.com
• Will People Pay For A Search Engine? Subscription Biz Vet Steven Shure Thinks So | Steven Sure, Neeva, via AdExchanger.com

MEDIA POLICY

• A family run Iowa newspaper gets the PBS spotlight on Monday | Kristen Hare, Poynter.org
• American Journalism Project increases local journalism grant focus | TheAJP.org
• MacArthur Foundation’s John Palfrey on “Defining our Values” | MacFound.org
• PEN America warns local news imperiled; supports tax credit | Nadine Farid Johnson, via TheHill.com

EU & UK PRIVACY 

• Google loses appeal of $2.8 BILLION EU fine over privacy of shopping searches | Kelvin Chan, Associated Press | RELATED STORY
• Vestager’s tough legacy on Big Tech strengthened by her Google Shopping victory | Nicholas Hirst & Lewis Crofts, mLex/LexisNexis
• Google wins appeal to block UK class action-style suit seeking damages for Safari tracking | Natasha Lomas, TechCrunch.com | RELATED STORY

GLOBAL PRIVACY 

• Israel government pushes forward privacy law amendments | IAPP Daily Dashboard
• Israel escalates surveillance of Palestinians with facial recognition program in West Bank | Elizabeth Dwoskin, WashingtonPost.com
• Ignore China’s New Data Privacy Law at Your Peril | Matt Burgess, Wired.com
• Aussies lose faith in governments and social media to properly protect their private data | Helena Burke, News.com.au
• Australian local government to ban police using facial recognition tech | Justin Hendry, ITNews.com.AU

UPCOMING EVENTS

• ONLINE MEETING: California Privacy Protection Board | Nov. 15, 9 a.m. PDT 
• WEBINAR: Public Policy and Legal Summit | Nov. 16, Interactive Advertising Bureau
• WEBINAR: Understanding Digital Data Flows: Beyond the Basics of Online Advertising | Nov. 30, Future of Privacy Forum
• WEBINAR: Understanding Information Governance, Data Privacy, and Data Breach Exposure | Dec. 1, HaystackID.com (vendor)
• LIST: Omidyar Good ID project lists upcoming identity gatherings