Monday, January 28 marks the 13th celebration of Data Privacy Day in the U.S., and for the first time in the history of the holiday, it feels like a genuine celebration of data privacy; not just an attempt to bring attention to the issue.
Convention 108 would prove to be decades ahead of its time, however. Data protection laws failed to grow at the same speed as the internet, allowing companies to play fast and loose with consumer data. Consumer data was often collected without the consumer’s consent and used with their knowledge.
But now — 39 years after Convention 108, and 12 years since the U.S. started celebrating Data Privacy Day — it feels like the promise of Convention 108 is finally being realized.
We are in an era of unprecedented online privacy. On January 1, the California Consumer Privacy Act (CCPA), the strictest set of data privacy laws in U.S. history, went into effect. The law seems partially modeled off the General Data Protection Regulation (GDPR), the EU’s own set of data privacy regulations, that become law in 2018.
These laws have forced companies to be more respectful of consumers’ data, but some companies have decided to enact privacy-friendly policies entirely of their own volition. Both Apple and Firefox have decided to limit the use of third-party tracking cookies on their respective web browsers, for instance; while this opens the door to other types of challenges, for this, less tracking of consumers without their knowledge is inherently good. Google, meanwhile, recently announced it plans to stop supporting third-party cookies altogether at some point over the next two years, meaning that all the major web browsers will have severe limits on how companies track consumers across the web.
For the first time in history, the rest of the world is catching up with the idea of data privacy as a fundamental human right. This is largely thanks to the tireless efforts of groups like the NCSA, which have been raising awareness and advocating for data privacy long before the idea was in the political mainstream.
Yet, for all the progress that’s been made, there’s still lots of work to be done when it comes to providing consumers with true data privacy. Most companies still do the bare minimum to comply with data privacy laws. They will present website visitors with a disclaimer, saying that the website might collect some personal information. Other companies will hide their websites behind pop up notices asking if it’s okay to collect personal information, essentially forcing the visitor to say yes to view the content.
Being transparent about data collection is not the same as respecting a user’s right to data privacy, and coercing users into data-sharing agreements is certainly not in the spirit of the data privacy.
True data privacy means not only operating transparently but also providing consumers with a legitimate choice over how their data is used. Consumers should be presented with a fair choice when it comes to data collection:
- They can pay a subscription for an advertising and data collection-free experience.
- Or they can agree to data collection, in exchange for more relevant content, available at a reduced cost.
- Or they can opt-out of data collection, and receive a greater number of advertisements, many of which might be irrelevant to their interests.
“Previously, it was not unusual for companies to take and use consumer data without the consumer’s knowledge and/or consent,” says Phil Sloan, senior vice president at marketing agency Canvas Worldwide. “Now, the advertising industry is placing a greater emphasis on gathering data with integrity by clearly asking the consumer if they want their data collected, and then going one step further and giving the consumer a choice in how that data is actually used.”
Given this clear choice, most consumers will select the first option. Research has consistently shown consumers are willing to trade personal information for convenience and a better user experience. But some might choose option No. 2, and that’s fine, as well. A necessary part of data privacy is giving consumers the option to withdraw from data tracking altogether, even if it means a diminished user experience.
Providing this kind of choice speaks to the Convention 108, which was based on a simple yet powerful idea: people have a right to data privacy, and we should allow them to yield it however they want.