From the bizarre story of Naruto the Macaque monkey and a problematic selfie to the Hulu privacy lawsuit from 2011, the issue of ownership is finally catching up to our unbridled consumption, transmission, and proliferation of data. The fact that we share our location data, browsing habits, fingerprints, social interaction and even facial scans without a second thought is generally acknowledged and accepted today, even by older members of society who have not grown up in the arms of Apple, but is our relationship with Big Data based on a misunderstanding of just how powerful data can be?
The influx of home IoT devices such as Amazon’s Echo means that we are more connected than ever to the digital world, and our demand for instant satisfaction has created the need for devices like Echo to keep up – to learn continually in order to predict our habits accurately and adapt on the fly. This is an extension of the ‘learning’ software we have all experienced while browsing the web, personalized ads that may or may not hit the nail on the head and offer us something useful. Despite the well-documented gaffes and pranks at the expense of Alexa, the popularity of these devices means that there is a huge amount of data out there that is linked intrinsically to the owners’ everyday lives. This begs the question: who owns this bank of information, and what happens if someone decides to exploit it?
The Nitty Gritty in Perpetuity
The answer is not easy, and it seems that each case is different, and sets its own precedent regarding whether David or Goog-liath gets the prize. In the Hulu case, for example, District Judge Laurel Beeler ruled that the inclusion of a ‘like’ button (which transmitted to Facebook the video page address along with a Facebook ID cookie that could allow Facebook to identify that person and their viewing habits) did not violate the user’s privacy, as ‘if Hulu did not actually know that Facebook might ‘read’ the c_user cookie and video title together… , then there cannot be a Video Privacy Protection Act violation.’
This effectively means that Hulu has won the rights to their users’ viewing habits, and can also share that data with a third party (provided the identifying data is sent ‘separately’), which is clearly to the benefit of a major streaming service competing with the socially omnipresent Netflix. In other notable cases, as in this case against Hulu, the deciding factor is whether or not the user has suffered ‘concrete and particularized injury’ (and therefore has a right to sue) as a result of data being misused, misinterpreted, or just being plain wrong, and attorneys often sidestep the issue of who actually owns it.
Injury, Impropriety and the IoT
So what, if anything, can we learn about the future of ‘our’ data? For now, the precedent is completely unfixed, and lawsuits are being settled on technicalities – such as whether or not cookie data is immediately linked to user information, and just what falls under ‘fair use’ given that pretty much our whole lives are recorded by our beloved devices. There are, however, movements to clarify this mess of data privacy, such as the Illinois Biometric Information Privacy Act (which prevents a company collecting or obtaining a person’s biometric information unless it informs the subject and receives consent in writing) and the ‘Right to be Forgotten’ which was recently won by the European Commission and allow Google users to request their entire online presence be deleted.
Decisions like these show that where we once thought of data as an ephemeral, helpful, and essentially harmless tool, the extent to which IoT devices, smartphones, social media, and biometric technology have progressed means that data is now more valuable than ever, and bleeds into our daily lives whether we ‘like’ it or not. With a new understanding of data gradually dawning on the general population and the potential injury that could be caused also being recognized in the courts, it seems that we are at least coming to terms with why ownership of data is important. As data is transformed into a commodity, and third, fourth, and fifth party sources are brought in to handle said data, we need a clear answer more than ever.
The best advice for now, however, is this: read the small print, check cookie consent, and be careful who you give your fingerprints to – or be prepared to fight for your right to selfies.