Internet entrepreneur Maciej Cegłowski wants to regulate the Internet. We’ve been continually bullied with the doctrine of free market, so that probably sounds radical to you, but the corporate surveillance we agree to is far more invasive than government surveillance. The result is that we now enjoy almost no privacy when we use the Internet.
“We would never agree to carry tracking devices and report all our most intimate conversations if the government made us do it,” says Cegłowski, who founded Pinboard, a social bookmarking site that puts privacy front and center. “But under such a scheme, we would enjoy more legal protections than we have now. By letting ourselves be tracked voluntarily, we forfeit all protection against how that information is used.”
The Internet is broken, and Cegłowski has six fixes, all of which require the Internet to be regulated the same way as electricity, or roads, or air travel. They all carry heavy regulations that keep us safe, and nobody is complaining that those markets are having innovation choked out of them. None regulate you, the user. In fact, they grant you many of the freedoms that you already enjoy in offline life. Here are those fixes.
You should be able to download any information that a company holds on you, in “a usable electronic format.” Ever wonder what data Google keeps on you? This fix would tell you. Right now all we have to go on are indecipherable privacy policies, or the word of the corporations concerned. If we could see the data, it would be a lot harder for these companies to creatively cheat on those promises.
Just what it sounds like–when you close an online account, you should be able to nuke it. All of it. We know that digital information has a way of hanging around, and Cegłowski knows better than most. His “anti-social bookmarking service,” a paid site that saves bookmarks, but can also archive entire web pages for you. “Programmers recoil from deleting anything, since mistakes can be so dangerous,” says Cegłowski. Even Pinboard does something called a soft delete, “a practice where accounts are flagged but data never gets deleted.”
And even if they do delete your data, it will live on in backups. These should also be deleted. “Not having infinite backups might help us take better care of what we do keep,” says Cegłowski.
But is it possible to get a framework of laws that actually hold CEOs accountable? Cegłowski’s example is the tobacco industry, which was eventually broken by slow and constant public pressure, despite huge lobbying resources.
You might already know the term “metadata” as it pertains to privacy. This is the same thing and includes your IP address and cell tower location (your location can also be inferred from you IP address, which Google does already), your recent search queries, the contents of your shopping cart, what browser and device you are using, and so on. None of this data was explicitly shared by you, but it is valuable nonetheless.
Cegłowski says that this data should be deleted after 90 days, and that companies should be prevented from selling it, or sharing it with third parties.
This doesn’t apply to you–you can go offline any time you want. This applies to your fridge, or your Internet-connected lightbulb, or any of a zillion connected products entering our lives. “Any device with embedded Internet access should be required to have a physical switch that disconnects the antenna and be able to function normally with that switch turned off.”
We’re generally happy to connect our appliances to the Internet, but then we forget about them. Earlier this year, Samsung got into trouble for its eavesdropping Smart TV, which would listen in on the private conversations of its owners and transmit them to third parties.
Have you ever checked something out on Amazon, only to have the item follow you around for days, popping up in ads on other websites? You have third-party ads to thanks for that. You visit a site, and it rents out space. The ad that sits in that space is like a little web page all in itself, complete with cookies and tracking code. If Amazon rents that space, it recognizes you and serves an ad that it thinks you’ll like.
That example doesn’t seem too bad, but the same tech lets anybody track you all over the Internet, just by inserting tracking code into other sites. Almost any time you see an ad, you are being tracked. This explains the popularity of content blockers in Apple’s new iOS 9 operating system, which let you block trackers and ads (both protecting your privacy and making web pages load faster).
“This ban would eliminate much of the advertising ecosystem, which is one of the best things about it,” says Cegłowski.
There are almost no consequences for a company when it breaks the law. In the U.S., the worst is probably a big fine, which will be treated as just another business cost. The EU has sharper teeth, but the problem remains–if you’re the boss of a company, and that company does something bad, even something horrific–you will see nothing worse than a slap on the wrist.
“I want a system where you can make promises that are more painful to break,” says Cegłowski. Taking the Creative Commons as inspiration, he sees companies able to build on top of enforceable privacy laws. “A system of enforceable promises would let companies actually compete on privacy.”
Sounds impossible, right? And yet Cegłowski says this what he’s most optimistic about. “I imagine a large portion of the industry would support such a framework since it provides all kinds of marketing opportunities,” he says.