The Cambridge Analytica revelations have spawned outrage across the world, as well they should. The mass manipulation of millions of individual Facebook users, psychometric profiling to reveal potential pressure points, micro-targeted advertising and black-ops electoral interference are certainly something worthy of the headlines.
As the full impact of this washes over the US, other countries are also questioning the level to which a data-mining startup has sought to influence their own democratic independence. Australian citizens are understandably asking whether they have been targeted through manipulative techniques.
Australia’s Privacy Act is woefully out of date with the digital sphere, and offers little protection when it comes to the modern world of big data and social profiling. Even worse, Australian political parties and politicians are themselves exempt from these restrictions. When the writs are issued, and the political campaigning begins, elected officials reach deep into the national database of the Australian Electoral Commission, cross-check this against a myriad of other data sources and pump out targeted campaigns in the form of door-knocking lists, call trees, direct mail and, increasingly, digital and social advertising.
Businesses, charities, advocacy groups and activists are, also, far from innocent in this system, with increasingly intrusive mechanisms being deployed to seek revenue, mobilisation or other action from an ever-competitive market of willing supporters. Cross-referencing of supporter lists to identify “lookalike” audiences for targeted Facebook advertising, mass unsolicited SMS broadcasts (as recently seen in the midst of the marriage equality postal survey) and, perhaps most worryingly of all, the passing of supporter data between major charities.
Last year we saw the horrific story of 92-year-old British woman Olive Cooke, who reportedly took her life after feeling overwhelmed by nearly 100 charities who mailed her up to 3000 letters a year. About a quarter of those charities had reportedly passed her details on to other organisations.
This sharing of supporter information occurs between Australian charities as well, as revealed by the Australian Privacy Foundation last year. A series of voluntary codes alongside a severely outdated Privacy Act are designed to keep these organisations in check, but the questionable practices continue. The recent introduction of mandatory data breach notification laws is certainly welcome, but only picks up the pieces once a breach has occurred, and does nothing to change the manipulative processes that occur when data harvesting is considered entirely legal.
No matter how horrified you are by what Cambridge Analytica has done, or the tactics of political campaigners who desperately seek to gain the upper hand on their competition, keep in mind that it pales into insignificance next to what the US, UK and our own governments — and probably others — are doing with even more data and even less transparency.
The Foreign Intelligence Security Act amendments of 2008 combined forces with the Patriot Act to provide the necessary legal loopholes that led to the US’ warrantless surveillance operations. This gave the NSA huge power to collect digital communication from the world’s biggest collectors: social media and online service providers. Even if global tech giants like Facebook were unwilling participants in the program, what was revealed through the Edward Snowden leaks is the level of underhanded coordination underway to access private data sets. The global intelligence-sharing arrangement between the US, UK, Canada, Australia and New Zealand known as “the Five Eyes” only serves to expand that capability.
So, while government regulation is often the touted solution to any overreach of the private sector, we would do well to remember that in a number of countries, including Australia, the use of pervasive surveillance powers was expanded by progressive governments and left ripe for misuse by tyrannical lunatics. Government intervention will have a role, but it has dangers and is absolutely not the only answer.
Ultimately, what is needed is a radical re-think of how we allow the concentration of data wealth to occur in the first place. We need a better model of data ownership and use, not just to avoid these situations, but also to combat the current neoliberal market-driven capitalist framing that allows for monolithic data harvesting machines such as Facebook to profit and thrive, and for the operations of companies such as Cambridge Analytica to benefit. At very least, we must hold our lawmakers to the same account as others in the ways that they operate communication and lobbying tools, and remove the political exemptions to the Privacy Act.
I’m on board, except for the bit about ‘holding them to account’. Can’t see how that can be done. I am entirely disenfranchised in this subject.
While the government was enacting laws for telcos to hold on to all their ‘metadata’ for two plus years, I was arguing that we should have legislation demanding companies expunge all records more than 6 months old. I didn’t win that argument. Any suggestions?
Tell me about it! Last week we add a few dollars to a crowd funding scheme that is now starting to smell a bit; the idea was to built an energy retailer servicing Solar Only clients
Eversince we have been getting calls from some mob wanting to advise us about solar rebates. They usually hang up first when you ask them for their ABN.
The Abbott/Turnbull LNP Government grab for data retention in the national census was a wake up call for most thinking citizens.
Why was Mr Morrison was so confident he could get $billions out of welfare recipients with his new found cross referencing tools and robo debt letters?
“a wake up call for most thinking citizens” and therein lies the problem.
Nothing to hide, nothing to worry about. Accurate data may lead to better political and business decision making. Decisions should not be made without supporting data. It’s not the data, it’s the use of it.
PS…as long as it’s anonymous I’m in favour of data being shared.