Is a shift afoot? Is power in the digital economy now gravitating from giant, centralized organizations to individuals? The panelists at a recent IEEE Tech for Humanity Series session at South by Southwest® (SXSW®) see evidence that this is the case. They see the General Data Protection Regulation (GDPR)—the landmark European Union act that becomes enforceable 25 May 2018—as a clear, high-profile example of the digital economy’s trend toward legal, technical, social and market forces evolving to provide citizens new rights and powers.
How might individuals in the evolving digital economy sovereignly govern their own data, identities and relationships? How might new business models replace the tracking-based practices that led to the GDPR, and a worldwide boycott in the form of ad blocking? Nicky Hickman, founder of Inglis Jane Ltd.; Karen McCabe, senior director, technology policy and international affairs, IEEE, and Doc Searls, director, ProjectVRM, Berkman Klein Center at Harvard University, discuss the seismic shift that they believe is already underway.
What feeds your optimism that this game-changing transfer of power—”from organizations to people as legal, social and market forces give citizens new rights”—will play out?
Nicky Hickman: First, we’ve been here before. There are lots of examples throughout history where, if you take away control from a few and give it to the many, all sorts of good things—and unexpected things—happen.
The UK’s Disabilities Discrimination Act (DDA) in 2002, for example, forced companies to make “reasonable adjustments” to enable disabled people to both access their services or to become employed by them. At the time of that implementation, there was a similar kind of furor in the business community, and actually it turned into something very positive for everybody, with inclusive design.
Doc Searls: There are four shifts that make me optimistic about civilizing our online world, which is only a couple decades old. First is regulation, such as the GDPR. Second is new ways for individuals to proffer terms that sites and services can agree to, developed by Customer Commons and allied developers. At Linux Journal, where I am editor-in-chief, we will click “agree” to a new term that says, “Just show me ads not based on tracking me.” We expect this reversal of permission to completely change the way digital publishing works, by aligning incentives among readers, publishers and advertisers—something not possible with tracking-based “adtech.” Third is new technologies that decentralize and redistribute power from platforms to people. We see this with blockchain, cryptocurrencies and funding through ICOs (initial coin offerings) rather than just through VCs. Fourth is new technologies in peoples’ hands that give them their own ways to present credentials (such as proofs of identity), control their private spaces online, share data selectively and securely and manage relationships their own ways, outside the control of giant corporate platforms.
Karen McCabe: Another example is that we’re seeing momentum toward community networks and towns building their own infrastructures.
Is GDPR chief among those?
Doc Searls: The GDPR is already a forcing function, because the corporate world is shaken up by it and developers are working to take advantage of it. But we don’t yet know what the EU will do after the GDPR arrives in full force on 25 May. It might not fine anybody for months, or it may start whacking violators right away. We are reaching many tipping points at once, but the GDPR is the largest and most obvious one.
Nicky Hickman: GDPR is interesting in that it forces everyone to think about data differently and to fundamentally change the relationship between the data and the so-called “data subjects”—which have been us, by the way. We, the humans, have been subjects of the data. That is changing. Now we’re kings and queens; we’re not data subjects anymore.
But I don’t think it’s as simple as an all-or-nothing scenario. GDPR is one of lots of changes taking place, and there’s still plenty to be done. It’s up to us to make the difference.
How will the world we are moving into through this shift be better than what we know now?
Nicky Hickman: Principally through diversity in how data is used and shared and more balance in digital transactions. Instead of only one question being asked, service provider to customer—Who are you? Prove yourself, so that you can come and spend money with me—there’ll need to be an equal conversation, customer to service provider: Who are you? Prove yourself, so that you can have access to my data and my money.
Doc Searls: We can do so much more as independent and free actors in an open marketplace than we can as captive vassals in the feudal system we have with giant platforms, and that is the main difference. All kinds of things arise out of increased personal agency. For example, we can do much better signaling of our own intentions in our own ways than any of these systems can guess at, based on tracking us everywhere. So that’s the main benefit that I see for business, as well as for individuals.
Karen McCabe: We’re more than customers; we’re creators. We could do so much more without sort of being, quote-unquote, “enslaved” to these large systems and enterprises.
In what ways might this shift not be better?
Doc Searls: As Clay Shirky says, every good new technology has bad effects. One of them is that everybody can be a bad actor in more ways than they ever had before. That’s been a legacy of the internet to begin with. But it’s also a legacy of nature. You can hit someone with a rock, or you can build something with it. All technologies go both ways.
Nicky Hickman: Also, I think there’s a risk that it compounds digital exclusion, because if you’re further empowering digital citizens, then those who don’t have access to the data economy or to digital services will lose out more and more. So there’s great potential in this for greater digital inclusion, but there’s also a risk that we focus on only high-net-worth data individuals. It all depends on how we use it, like any tool.
What is the role of organizations such as IEEE in this conversation?
Karen McCabe: Working in an inclusive, balanced, consensus-based framework is important. It’s crucial in these discussions about identity, privacy, security, dignity, etc.—such as in the context of GDPR—that all voices are heard and that the conversation’s not being dominated by any particular interest group, organization or coalition. So, the role of IEEE and other global, open organizations like ours is to bring all of the voices together with different perspectives of gender, geography, different disciplines or fields of interest, different socioeconomic realities and even different age groups.
Filed Under: Industry regulations