Data privacy panel recap

Ghostery Icon
Brennan Sisco August 2, 2019

Share This Post

Try Ghostery

Let the Night Begin

As a group of ghosty-cladded guests – friends both old and new – gathered in to Flatiron Hall last Wednesday evening to celebrate the 10-year anniversary of Ghostery, they were met with excitement for the future and pride for the past decade of success. At the center of this party was the idea of data privacy – the foreground for the birth of Ghostery. Five individuals came together for the much-awaited panel: Anthony Ha (TechCrunch), Stacey Gray (Future of Privacy Forum), Rick Mandler (TrueX), Jean Paul Schmetz (Cliqz), and Jeremy Tillman (Ghostery). The conversation was nothing short of enlightening, bringing forth an important discussion on the past, present, and future of the privacy sector of the internet.

Getting to the Good Stuff

Anthony opened the forum with the question: “Given how the conversation has evolved and the amount of cognitive dissonance regarding privacy, how do you think this has or has not changed how consumers think about privacy?” Everyone provided their own best answer, yet they all had one important thought in common – value transaction is not transparent, so the consumer, who may not be well-versed on internet privacy, does not totally understand what data they are actually giving up. Rick came forward with an anecdote from teaching at NYU where he stated, “Conceptually people believe they care to an extent, but they don’t take action,” as his students voiced concern for privacy but did nothing to learn more about it. JP followed with a focus on Ghostery, and how the concern of privacy came 30 years ago, but “the beginning of privacy violations really [only] came about when Ghostery was born.” Stacey was quick to agree, stating that “Ghostery is a great example because it provides transparency that allows people to realize that something is going on when they might not have known.” Jeremy finished with a comment on the lack of double-sided transactions in adtech, stating “there needs to be better articulation about what users are getting and what price they pay because it’s hard to take up action to exercise negotiating powers.” This brought together a coherent and multi-view opinion on this matter.

Next was a two-part question of sorts that began with: “In the policy area, how do we see [what GDPR and California are doing] playing out over the next few years? Do we think that we’re going to see some federal regulation? Is that the end of it?” As someone who works in Washington and sees firsthand the effects that privacy is starting to have on the political realm, Stacey stated that “Now is the moment for federal legislation because there’s an alignment of interests between consumer advocates and industry players . . . privacy is certainly a bipartisan issue.” Rick followed suit in agreeance, reiterating that “There are very few things both Democrats and Republicans hate, and Big Tech is one of them.” With that, he felt it must allude to something coming out of Washington sooner rather than later. Then, coming from the perspective of a company with a privacy browser tool, Jeremy discussed how legislation would be more helpful than harmful. What worries him “is legislation entrenching the status quo, rather than protecting the individual consumer,” because “we want the government to protect our rights [of privacy] as citizens” so that our data is not in jeopardy. This was followed with another statement from Anthony, regarding ingraining the business model, “That’s been a criticism of GDPR that, from a startup perspective, it’s pretty much entrenched Google and Facebook’s dominance.” JP was quick to respond, mentioning the youth of GDPR which, in turn, has not allowed it to be enforced much. In addition, he stated that “the spirit of law is quite clear – if you’re going to track someone, they better know what you’re doing; they better give you consent or you’re not going to have the right to take that consent away.” Rick added that “Every outlet has a new privacy policy” which, he found to be backwards. He wants the consumer to have “an easier way to set their privacy policy” so that it follows them around as they go to different parts of the internet. This way, the consumer “can accept the terms in this exchange,” rather than the other way around, which each panelist found to also be an issue.

Anthony then brought up what outcome there could be for a consumer to gain more control over their privacy with stating how there have been a couple of allusions, within the conversation, to the idea of the consumer not really understanding what the exchange is between them and the browser or not network. He posed to the panelists, “What the better world [might look] like,” and questioned if it is “One that is more comprehensible and more controllable on the consumer’s side?” He also asked, “What the ‘solution’ looks like? Is that where things are headed?” Rick brought up the similarity in having a national do not track registry with the national do not call list. He felt that if it “gave [him] some control, maybe [he’d be] better off.” But he did find some concern in being too “paternalistic” with consumers not knowing the tools and coming off like, “I know what’s best for you.” Stacey came from a more political stand point, bringing up “tension between privacy and the centralization needed.” This was followed with a brief acknowledgment of Senator Wyden’s “discussion draft.” The draft would require one national do not track registry, which would need some sort of intermediary user, as Stacey put it. In addition, JP added that Google “tracks the most and owns the most browsers, such as Chrome.” This shows where privacy and competition intersect. Next, Jeremy brought up some important questions to ask. If all the controls are given to a consumer and it’s up to them to decide how much data to share, “how do you make that discussion with a consumer when the vast majority of people have no idea what’s happening, what impact it’s had on them, and what the implications are?”

With the conversation turning more towards how the average person could fundamentally understand the idea of privacy and such, but still just want the product that’s best in practice, Anthony turned the question to Jeremy, “Does that mean that you see that as fundamentalist? A product solution? Is there a policy component of ‘every browser must do x’?” Jeremy’s response in and of itself is all that is needed to illuminate this topic. Jeremy simply stated, “I think from our perspective we are a bit agnostic, that the landscape is what it is. Perhaps regulation will protect your services, maybe not. But, we’re the last best defense for our users and it’s in our responsibility to do what’s best for them and we’re doing our best to do the hard kink for them so that they can have that piece of mind. So, I’m not going to put my faith in [politicians] . . . when I am certain we can build a product that can do that easily and directly. It’s their choice to use. That’s our mission – our goal.” Since Jeremy is the President of Ghostery, Anthony followed up by asking whether a non-regulated environment is better for the company. Jeremy felt that this was a more complicated question that didn’t have a yes or no answer. “Google is in control, Chrome is the most used browser, and given Google has so much money, they would limit us to having to survive in that landscape – swatting Ghostery around a little bit unless the government gets involved.” JP piggybacked off this with how Google has already made plans to make anti-tracking impossible, which in turn makes Ghostery’s job seem impossible. Both a scary, and honest answer.

Towards the end of the panel, Anthony wanted to return to something JP brought up earlier, “Fundamentally you think that some places can stop the tracking and a lot of the existing ad models shouldn’t have tracking and, in some ways, a better solution would look like far less tracking. I’m curious if the other panelists will have a vast impression if it should or will even [be less tracking]?” Stacey, in a short and sweet statement, said she thinks “That’s the direction things are likely to go in based on the letter of the law.” Then, bringing up the UK and the changes they’ve made, mentioned how “we’d like to work with industry,” and “we are very concerned by the existing business practices” here in the United States. The discussion then turned towards targeted advertising and how it “has just shifted everything to people who have data,” as JP put it. Rick added in that “from a marketer’s perspective – they look at targeted to spend less. That’s a really hard value proposition.” Which was followed by Stacey’s “Internally incoherent conflict of interest,” where she brings up the obvious idea that people don’t want to have to buy privacy. There’s a public position where data protection is highly desired.

In the last few minutes of the panel, Anthony brings up the link between the discussion of privacy and the discussion of advertising. “There’s a sense that part of the reason we’re in this mess. . . is because of the internet, in general, being built around this digital advertising model. And, potentially, a better internet is an internet that relies less on advertising and much more towards a pay wall and conversion model. Do you think that will be a big part of the solution?” Stacey quickly illuminated that “Absolutely, [the] best possible outcome will be some diverse revenue models.” She also brought up how “advertising and tracking are not the same when it comes to a business tracking model”, since you can have a “non-advertising subscription model that gives you the privilege of not seeing advertisements but tracks the heck out of you. And you can have a non-tracking subscription-based model.” Rick added that “the business model is delivering to people, not content. Content is a secondary thing altogether,” which was followed by JP’s thought that “[He] thinks it’s safe to say advertising is the business model.” What was really touching was Stacey’s statement that there must be “a federal privacy law because you have to have regulation.” She goes on to discuss how the EU does this well in the context of their conversation because they, as in the EU, distinguish between privacy and data protection, which is something she doesn’t see enough of in the US. “Privacy based on the charter of fundamental right to a private life and data protection is based on the charter of fundamental right to data protection, access, correction, accurate data, fair processing, not just about having a private sphere and being left alone.”

Wrapping Up

Though it may have only taken forty-five minutes, this panel opened eyes and brought forth a very important conversation on internet safety. Each individual, well-versed in their own specialty, gave the audience a glimpse into the importance of privacy and the need for political change. Two important takeaways from this conversation were the need for regulations to be put in place to make the American people’s privacy actually private and the great job Ghostery has been doing to help keep its users safe from trackers. The country may be questioning what is best for the public, but it’s companies like Ghostery and the products they create for their users that show how important safety and privacy are for both the creators and the users.

Loved the panel? Help us bring it to SXSW 2020. Cast your vote here!