Do You Suffer From Personal Information Incontinence?

Welcome to my first ‘Science & Technology’ post. Even though my lack of religion is a great comfort to me, it’s nice to take time out from the irreligious material for a while.

I went to a worthwhile presentation about data protection the other day (bear with me).

Like most good talks, on any topic but in particular this one, the subject matter was presented in an easily accessible and practical way. Data protection is a notoriously dry field of human endeavour – think cream crackers with anchovies and sawdust in the desert – and once the speaker delves into the nuts and bolts of regulations and legislations he loses his audience, sometimes literally. The talent lies in explaining the governing framework and the everyday issues whilst not impersonating a parliamentary draftsman.  (No disrespect to parliamentary draftsmen.)

Data protection is generally highly conducive to apathy, boredom and even, in extreme cases, self-harm. Like its evil twin, health and safety, it’s often something that gets in the way when we want to do some living.

Data protection is commonly a smokescreen which deprives you of a bearable level of customer service. Call centre staff might refuse to give you certain information “because of data protection”. This is often nonsense, either because data protection legislation might be of no relevance to your request or, if it is relevant and you have successfully negotiated the organisation’s security gate, it’s your information and you’re entitled to it.

(As for health and safety, this is often an excuse to deprive you of your right to develop essential risk-taking skills, which by definition increases the risk that you will be unhealthy and unsafe.)

It’s terribly easy for a privately-educated lawyer who occasionally gets down and dirty with data protection issues at work to sneer at the lack of legal expertise of call centre staff; so easy that I’ve just done it. Many middle class professionals haven’t even got the slightest clue about data protection; not just in terms of their own rights but also in the way they consciously decide to mismanage their own personal information.

I find it interesting how the different generations differ in their approach to their own data, especially in the context of technology. I’m not basing the following generalisations on what you might call evidence; they’re just my opinions (which, like all my opinions are, in my opinion, correct).

  • The younger generation are probably more likely to utilise the social media tools which carry potential data protection risks, such as Facebook, Twitter and Next Big Thing. They grasp the technology and the potential of these tools rapidly and effortlessly but they probably don’t for one moment consider the potential consequences of defecating for the consumption of others terabyte upon terabyte of personal information.
  • The older generation are probably later adopters, either because they’re tech-luddites or because they don’t really see the point of the tools. As for when they do use these tools, it’s tempting to assume adults are more responsible with their personal information compared to youngsters, but I’m not so sure about that. When I see how sloppy my peers are with their personal information, I do wonder how switched on and how adult they really are.

Regardless of their age, users will place their information either in the public domain, to be consumable and accessible by anyone, or they might restrict who can access it. Whether the information is public or private, though, the custodian of that information is likely to be a commercial enterprise whose stated constitutional objective is most probably to act in the best interests of its shareholders. These interests will sometimes, by coincidence, be compatible with the interests of its customers, but not always. The interests will often be in direct conflict. Generally speaking, commercial organisations don’t even owe a constitutional duty to act in the best interests of their employees, let alone that of their customers.

Ironically, the younger generation should possess an enhanced ability to mitigate the hidden dangers of data protection in a technological context: being more tech-savvy should lead to a higher propensity to select and de-select the appropriate boxes and options, and to adopt aliases where appropriate.

Just as it can be argued the death of Princess Diana made us emotionally incontinent as a nation, I say the combination of the internet, technology generally, social media specifically and the natural urge of humans to communicate with each other is making the human race incontinent with its personal information, with all the risks that creates.

I worry that many people, especially the younger generation, simply don’t consider these risks when harnessing the increasingly deep and sophisticated convergence of communication tools and technology at our disposal. I say there needs to be real awareness, for everyone, of the possible harmful consequences of being care-free with personal information. Provided users have this knowledge and are of an appropriate age and mental ability, and provided also they have enough internet bandwidth, I would then have no objection to them posting their entire DNA sequence online.

As I said here, a citizen’s default reaction in the face of compulsory collection of his information by a state agency ought to be demanding a justification from that agency, not justifying why he should not disclose it. This should also be the default reaction when dealing with commercial organisations.

Recently, for example, I was purchasing products from a Wilkinson’s store. As I handed my payment card over to the plump employee with bad skin, bad teeth and bad posture, an unexpected demand was made of me: for my home address. I refused and asked why this was necessary. “It’s just something we’re doing, you don’t have to”, it bleated. Too fucking right I don’t. So I shan’t. Goodness knows how many zombies obediently complied with this diktat, and what their information was used for, and to whom it was disclosed, and what any third-party recipients did with it.

I don’t live completely off the grid, of course. For example, I have made the conscious decision to enter into a contract with Tesco where I provide them with information on my spending habits – groceries, electrical items, cleaning products and even the dietary behaviour of two cats that live in my house (ok, whose house I live in) – in consideration for Tesco giving me money (“Clubcard”). In fact, I even have a Tesco Clubcard Credit Card, which means this retailer gives me some more money in consideration for knowing more of my spending habits (every little helps). But at least I’m an adult who has made this decision after careful thought (or some thought), and the law assumes that as an adult I sort of know what I’m doing, most of the time.

Expert on or evangelist for data protection I am not, as Yoda would say, and I am just as likely as the next Jedi to click the “Yeah, whatever, just give it me” box when purchasing goods or services online or installing free software (is there any other type?).

I am, though, highly likely not to disclose much of my personal information via a social media tool running on a communication platform visible to every human on the planet, and which might be visible or at least retrievable for a very, very long time, possibly until the end of time. But hey, that’s just me.