Privacy in the network age
Yesterday, I had the opportunity to talk to Yves-Alexandre de Montjoye at Brand Week Istanbul. He is an assistant professor at Imperial College London, where he heads the Computational Privacy Group and a research affiliate at Massachusetts Institute of Technology (MIT) where he received his PhD from in 2015. His research aims at understanding how the unicity of human behavior impacts the privacy of individuals—through re-identification or inference-in rich high-dimensional datasets such as mobile phones, credit cards or browsing data.
I asked him how he defines privacy and he told me that privacy is not keeping all the information about yourself to yourself but it is about being able to decide which information is being shared in exchange of what. That is why older generations think youth do not care about privacy.
However, it is only a different point of view. He said if you would compare yourself to an 18-year-old, you would be surprised that she would know more about the privacy settings of Instagram far better than you. He thinks youth are making more informed choices about the way they share their information. According to de Montjoye, they value what they would get for the information they share and if they believe it is worthwhile. They do not hesitate to let companies reach their data.
The assistant professor said privacy is not a personal matter anymore. We should be talking about the privacy of groups. They have done research and found out that even if you do not share any information about yourself, if your friends share their own, companies or states could still learn a lot about you as well. If you were to decide to give your DNA information to a company, you would not only be giving information about yourself but your parents and children as well.
De Montjoye also strongly emphasized location data, saying that it is one of the most important pieces of information you can share. In their research about location data, he said if they knew four locations in Istanbul people have been going to and the approximate time they were there, they would be able to re-identify you 95 percent of the time.
I told him the findings of the research are terrifying but he said as long as we know what people can do with our information, we can act on it. That is why he works with data protection agencies implementing the European Union General General Data Protection Regulation (GDPR).
I believe in what he does and I hope more people would realize what can be done with their information and make more informed choices about whether to share a certain piece of information or not.
I think it is an issue that we must take very seriously in Turkey as well. Unfortunately, the steps taken in data protection are not nearly enough. We need to step up our efforts. As technology surrounds our daily lives, vital information about ourselves will be even more important.
One of the projects that de Montjoye is working on could provide us a path to follow. They are working on a protocol called OPAL and openPDS that would collect data and keep it only to be released when someone asks specifically for a piece of information and only if you allow them to reach that piece of information.
One way or another, we must take control of how we share our data.