Sam Pallis is a freelance writer focusing on technology, the world of digital innovation, global politics, and British current affairs. He writes for the Independent, the New Statesmen, and the Huffington Post.
9th of January 2007 is a date that will go down in the annals of history. No country was invaded. No crash on the markets. No autocrats elected. This earth shattering event took place in a generic conference hall in Moscone West in San Francisco: the iPhone was launched. Ten years later we take the iPhone as just another aspect of our lives. But this was the epochal moment when our personal data took centre stage. This was the moment when our memories became a currency.
All our data protection legislation stems from Europe – in the wake of Brexit our current data rights are therefore in the balance. The EU is currently looking to further strengthen member’s rights through the General Data Protection Regulation, whereas Theresa May’s government are looking to find ways of further encroaching upon our personal data. Her government’s so-called ‘’snooper’s charter’’ would seek the ‘general and indiscriminate retention’ of email and electronic communications. But the European High Court has ruled that is illegal.
Nevertheless, if we head for a hard Brexit then we could be leaving both the European Convention on Human Rights and take a step back in terms of data protection legislation. Whether we are in or out, our data protection laws must be built upon the progressive framework laid down by the EU, but we must also ensure that we can guarantee to protect data subjects in the face of rising corporate and government intervention. To do that, I propose policies in key areas which can start to work as the basis for a progressive platform for data protection in the 21st century.
The future of our economy is based on our personal data. Our digital economy now accounts for 10% of the UK’s GDP, the second economic contributor behind the property sector. But there is currently a data deficit in our society where we have little say in how our data is used, with companies such as Google and Amazon retaining the ability to record us through their products without us even knowing they are doing so.
Our data has become the world's most valuable currency and precious resource - using it responsibly will be one of this century's greatest challenges
The General Data Protection Regulation, a piece of EU legislation set to be introduced in 2018, would offer a strong framework to bring back accountability to our system. However due to Brexit, whether or not we enact that legislation is in the balance.
The GDPR furthers our protections in three key areas. Firstly, tougher fines for non-compliance – companies can be fined up to £20 million. Secondly, it gives users more say over what companies can do with their data, clearly defining that the user must consent to their data being used, clear records of the use of data must be kept, and the data must be deleted when the process is complete. Thirdly, it provides much needed uniformity in data law across all EU member states.
It is now paramount that we adopt a programme which builds upon the GDPR and strengthens the UK’s current data protection legislation in four key ways:
Firstly, enforcing the laws around online privacy, so that companies are required to respect their customer’s requests not to be digitally tracked, for example by using the ‘Do Not Track’ system.
Secondly, creating a special taskforce drawn from the Information Commissioners Office, consumer protection agencies, and Parliament, in order to investigate the use of data-driven profiling in potentially exploitative industries like payday lending, insurance, and private landlords, reporting back with measures to improve individual protection.
Thirdly, ensuring that whenever important decisions are made about people based on their data – whether being placed on a ‘domestic extremist’ watchlist or being denied a loan – the digital systems operated are subjected to regular independent audits, to detect whether the data is being used unfairly or in a discriminatory manner.
Fourthly, requiring corporations to inform all customers if they have used personal price discrimination, an act whereby companies use an individual’s data to charge them more for a product.
With or without the EU, we must promote policies to defend the rights of people as data subjects. Jeremy Corbyn, leader of the UK Labour Party, has asserted his commitment to a People’s Charter of Digital Liberties, a step in the right direction, but we must go further. Data is going to be essential to our future and will be an enabler in many fields. But at this turning point in our history, we must ensure that our rights as data subjects match the invasive nature of technological change – otherwise the very fabric of our democracy and our rights as consumers will be under threat.