I woke up today to the news that over 700 million accounts with passwords have been hacked and published. Yes, 700 million, you read that right. This made me receptive enough to something I saw later to want to discuss it.
The CEO of Apple, Tim Cook, has called for new legislation and regulation in the U.S.A. which would ensure anyone could discover what data was held on them, and delete it if they wanted. He sees the required process as starting with the U.S. Congress passing “comprehensive Federal privacy legislation”, followed by the formation of a “data-broker” clearinghouse by the U.S. Federal Trade Commission.
The details of how this might work are widely available online and I’m not an expert on the monetization of data, so I have nothing to add there. A more interesting angle is, could such laws be passed, and what would their effect be? Two questions which are interrelated, so we must with effect.
I say, don’t assume that this would kill the “data-industrial” complex. All those free web services that you use such as Google, Facebook, Twitter, etc. are only free because *you* are the product. If they couldn’t make a profit from collecting, managing and selling your data, they probably wouldn’t exist as there would be no viable business model to generate a profit. This means that if everyone restricted their data using such new laws, it could kill the provision of free web services. Yet it might be that enough people wouldn’t do that to render such data collection business models impossible.
Whether Congress would pass laws mandating this control of data will almost certainly depend upon whether profitable data-based businesses could live with it. There isn’t currently enough public outrage over the collection and monetization of data to push Congress into voting for anything that will significantly hit corporate profits, despite the recent scandals over Facebook.
It is likely that something along these lines, with some compromises, will eventually become law in the U.S.A. and may then be copied in other countries around the world. For example, aggregated data is often monetized, so a creative way might be found to keep individual data sacred while allowing the use of aggregated data.
This debate will widen over the coming years. It may be that a spectacular mega-hacking event, such as the publication of the detailed purchase histories of hundreds of millions of individuals, will push this issue to the fore and get the legislative ball rolling.