2018 has been a year of revelations in regards to how tech giants, governments and businesses have been collecting, using and misusing our personal data - but there are early signs that the lessons of data privacy have been learned.
You would be forgiven for having lost count of the number of high-profile data breaches, leaks and hacks that were revealed this year, with a list that includes Google, British Airways, The Marriott, Reddit and Under Armour. Yet these breaches represent just the very tip of the iceberg - with upwards of 3,600 breaches reported in the first nine months of 2018 alone, affecting 3.6 billion records.
With such an astonishing amount of data compromised, it’s clear that companies have been woefully unprepared when it comes to protecting our data. And under normal circumstances, you would be right to assume that these neglectful cybersecurity practices claim the top spot in the list of the year’s biggest data privacy blunders - but the reality is much more sinister.
In March, it was revealed that political consulting firm Cambridge Analytica had harvested the data of no less than 87 million Facebook users, without their knowledge or consent. This data was then sold to a number of political organisations (including the Donald Trump election and Vote Leave Brexit campaigns) in order to influence voter behaviour, potentially swinging the votes in their favour.
Zuckerberg’s admission of a “breach of trust” between the social network and its users led to $35bn drop in share price within a matter of days. And it’s worth noting that it didn’t end there for the tech giant. In September, the company was hit with a huge security breach that compromised the data of 50 million users - and the fallout from the Cambridge Analytica data scandal continues to radiate today. Just this week, new files revealed that Facebook had allowed its partners access to user data, enabling Netflix and Spotify to read users’ private messages and granting other companies the ability to obtain intrusive data insights.
It would be naive to assume that this problem starts and ends with Facebook. In the words of one Guardian writer: “Uber, Amazon, Facebook, eBay, Tinder, Apple, Lyft, Foursquare, Airbnb, Spotify, Instagram, Twitter, Angry Birds - if you zoom out and look at the bigger picture, you can see that, taken together, these companies have turned our computers and phones into bugs that are plugged in to a vast corporate-owned surveillance network.”
Yet despite the doom and gloom rhetoric that has dominated the media’s coverage of the data privacy sector in 2018, there is one very clear positive to draw from the situation that we’ve found ourselves in. Crucially, people are beginning to wake up to the fact that companies are misusing their data: and they don’t like it.
The implementation of Europe’s General Data Protection Regulation (GDPR) in May this year could not have come at a more pivotal time for driving consumer awareness of data privacy. The legislation outlines a set of data protection rules designed to protect the data rights of all EU citizens, with severe fines for organisations in breach of the regulation.
Six months down the line, while we are yet to see any fines sanctioned, the GDPR has been credited with having a significant positive effect on public opinion of data rights, privacy and ownership - with 58% of consumers taking more care when sharing personal information online. Some have even gone as far as saying that the regulation has "transformed the Internet".
With consumer awareness at an all-time high, businesses now have no choice but to invest significant time and resources into improving their cybersecurity and GDPR-compliance measures. But it doesn’t stop there. Smarter businesses have quickly recognised the opportunity that this cultural shift represents.
At worst, going beyond the call of duty in regards to data privacy is now becoming a fashionable way to stand out from the competition; at best, companies are now looking to implement ethical data privacy practises because it’s the right thing to do. Regardless of the motive, the result is the same: data privacy is on the up and the sky’s the limit.
Evidence for this effect is popping up all over the place - and is particularly notable in some of the world’s pioneering and developing smart cities. For example, the city of Barcelona - and its CTO and security-advocate Francesca Bria - recently launched a pilot program requiring transit companies (e.g. bike-sharing firms) to share their data on an open portal. The pilot aims to grant citizens control over who their data is shared with and how that data is used. Moving into 2019, we fully expect to see many more of these initiatives emerging in smart cities worldwide.
We can also expect to see more data privacy advocate and advisory groups calling for the tech giants to share their data with others. Open data breeds innovation, and our technological development will only be stunted when so much data continues to be held privately and siloed.
The past year has been a fairly dark time for data privacy - but it finally feels as though we are beginning to see the light. With new data legislation and increased consumer awareness, the tech industry has never been more motivated and better equipped to embrace ethical data practises. As more data is made open and available, innovation in AI and machine learning is set to explode, and already we are seeing a plethora of proposed data privacy solutions.
We are now entering an exciting new world where individuals will be able to exercise control and take ownership of their data. When we look back on 2018 in years to come, it’s entirely plausible that we will remember this year as the turning point where consumers, companies and smart cities across the world took a new stance on cybersecurity and data privacy.
At Hazy, we see a bright future in this sector, both in 2019 and beyond.