The data we generate just by living – or by letting us be surveilled while living – equally enrich private companies and deplete our privacy.Edward snowden, permanent record, 2019 (translated by this post author from the Norwegian copy)
The quote is from Edward Snowden’s book Permanent Record from 2019. He is an American programmer who exposed the goverment for extensive surveillance. In the book, he (among other things) describes his first meeting with smart home equipment. In an electronics store he spots a smart fridge connected to Internet, with a screen interface. He is shocked. He cannot understand how someone would want this device in their home. To invite large commercial companies into the most private, intimate sphere, allowing them to capitalize on our lives. To Snowden, privacy is essential in this digitized world.
So why are we as consumers not more concerned about privacy in smart homes?
Nothing to hide
Preliminary results from the RELINK project shows that Norwegian consumers are not particularly worried about their privacy. They express a common attitude; that they got nothing to hide. They find it difficult to see why anyone would want information about them, as long as they’re not public figures. Or possessing state secrets. This imply a lack of knowledge of the extent of information harvested, its value and the potential uses for it.
People know that smart home technologies collect data. They know that some data is used for improving services and for tailoring advertisement. But the potential use of data to discriminate and manipulate, and the lack of autonomy over our own data, are not brought up.
Another reason why we do not worry more about our privacy is trust. Norwegians generally trust the companies producing smart home devices. We rely on them to not use our data for other purposes than advertisement and improving services. More importantly, we trust the government and the EU to look after us. So we believe the laws and regulations they instate will protect us from harm and keep the commercial companies in check.
EU implemented the General Data Protection Regulation in 2018. From then on companies need consumers’ consent to collect their data. But how does that help if we don’t know what data we give away, who gets it and what it’s used for? Most terms of agreement texts are endless pages of small print, difficult to get through. And there is a new one for every online service we want to use. Who has time for that?
More accessible information
The bottom line is that in order to care more about our privacy, we need more information, and we need more accessible information in order to give a fully informed consent.