A Practical Model for Real Privacy Protection


In their recent paper, “Databuse and a Trusteeship Model of Consumer Protection in the Big Data Era”, Benjamin Wittes and Wells Bennett argue we need to reconceptualize privacy. Privacy has morphed into a notion that could describe a range of beliefs but captures none of the potential harms. Consumers care about privacy “in proportion to whether it is used for our benefit or to our detriment and critically, how seriously to our detriment.” The authors invoke the concept of databuse. Databuse is a negative right that calls on companies to safeguard consumers from undesired harms that might result from the sharing of data.

The Trusteeship Approach

Wittes and Bennett argue for a trusteeship model where companies have the responsibility to serve as good stewards of the data that consumers entrust to them. Companies also have a lot to gain in this new paradigm. Establishing themselves as protectors of data fosters consumer confidence, which is a valuable asset for any company.

The authors identify several attributes of a good data trustee:

  • Safely store private data
  • Never use data in a way that injures consumers
  • Disclose uses of data in an open and clear manner
  • Give users control over how their data is shared and used, to the greatest degree possible
  • Keep promises to consumers about data

Three Categories of Corporate Data Usage

Wittes and Bennett imagine three broad ways to categorize how companies use data. The categories are based on the premise that consumers face different benefits and harms depending on the actions of companies. They provide a strong model to understand how to best protect “privacy”.

Category One: Aligned Interests

Category one encompasses uses of data where the interests of the consumer and the company are aligned. The company provides a service where the consumer actually wants the company to make use of their data or desires a product that couldn’t exist without their data; for example, credit card companies searching through purchasing records to help detect fraudulent activity.

Category Two: Data for Service

This includes activities that benefit a company but neither hurt nor benefit the consumer. The most popular example is personalized advertisements. Ads generate revenue for the business and are relatively inconsequential for consumers.

Category Three: Databuse

Databuse occurs when a company actively harms the interests of the consumer through its use of data. In this case, a company breaks an explicit agreement with a consumer or doesn’t take reasonable steps to protect data.

Protecting privacy is difficult to achieve because it can have different definitions for different people. One person may comfortably tweet out personal details of their life while another would gasp at having their search results archived. Many people have data anxiety or a fear about the potential unwanted sharing of data. These complexities create challenges for policymakers who want to address the range of expectations that consumers have about privacy. The trustee approach overcomes these barriers by establishing specific protections that are easier to enforce.

Read the full paper from Benjamin Wittes and Wells Bennett.