Consent Jujutsu & Data Hunger. Is Your Website Guilty?
· Tim de Nood · Fix typo
3 privacy tips for organizations that use online data
This article explains the why and the how about the way organizations watch you. The 3 tips are found at the bottom of this article (please scroll down if you want to skip the intro and research).
In this series on privacy, you and I are discovering how the internet ended up in this privacy mess. And how we can eventually get out of it (without blaming anyone).
Inspired by sociologist, author, and researcher Gary Marx, I’m looking beyond the specific technologies, trends, and privacy scandals to understand the underlying social processes of privacy and data collection.
This gives us the knowledge we need to further develop privacy-friendly and future-ready organizations people trust and gladly relate with.
This article will delve into the world of privacy invaders: Why do they watch us (or more strongly invade our privacy), and how do they do it? Whereas in the previous article, we’ve uncovered some thoughts users have when they give away personal information to tech companies.
Big brother is a busy brother. And he’s good at Jujutsu, I’ll explain. He’s watching you on the streets and in many buildings, he analyzes your urine in the sewage system, and he collects your likes, emails, and purchases on the internet. And according to Big B, you wilfully agreed to most of these things… right?
Let’s look at some real-world examples of how we “agree”
Some of these examples are inspired by and can be found in Gary Marx’s book on surveillance, “Windows into the soul.” very good read if you want to learn more about the social aspects of privacy!
- The supermarket building displays a message in the corner: “In entering here, you have agreed to be filmed.”
- The insurance company that offers rewards or discounts for wearers of health-tracking devices: “You do not have to send us any health data you aren’t comfortable with. The trade-off is you won’t get points for that.”
- The large tech corporation that owns, among others, a commonly-used search engine, video platform, and email provider: “When you use our services, you’re trusting us with your information.”
- The personnel manager in a one-industry town in the US: “We don’t require anyone to take a drug test, only those who choose to work here.”
- A phone company executive in defense of unblockable caller ID: “When you choose to make a phone call, you are choosing to release your phone number.”
Can you spot the similarities in these examples?
We will go gently into that good old night (unless we change things)
The examples above imply you’ve made a conscious choice, even if you didn’t. In Japanese, the word Jujutsu can be broken down into two parts. According to Wikipedia, Ju means something like “to be gentle”, “to give way”, “to yield”, “to blend.” And Jutsu means “the principle” or “the action.” So translated, Jujutsu means something like gentle action or to yield with principle.
In similar ways to this old Japanese martial art, organizations focus their energy, efforts, desires, and actions on giving the consent they design. In other words, big brother can gently watch you without consequence because he knows you need or want to do the activities he controls/owns. He knows you will likely accept any terms if they seem harmless. He says you can “choose,” but in reality, that choice is mostly predetermined and almost impossible to avoid if you want to live a normal life.
Therefore, the action of “agreeing” is a rather unconscious act for most people, a natural byproduct of your normal and social behavior; the Jujutsu mastery of Big Brother.
According to the Merriam-Webster dictionary, the definition of Consent is “to give assent or approval: agree.”
In our reality: Consent is mostly a choiceless act we need to perform to continue with normal living in the current society. We would have to live our lives in off-grid caves, doing everything in our small powers to prevent organizations from collecting our data, but we’d probably have zero conveniences and luxuries modern society has to offer.
When we better understand the mechanisms that invade our privacy, we can improve our organizations and pave the way forward to a privacy-friendly future without consent Jujutsu. But first…
I sometimes wonder why so many organizations hunt for my personal data like hungry animals (even willing to violate basic human rights like privacy), do you?
Having said this, I believe it’s a good practice to first look at yourself before pointing fingers at others. So, I confess… I’m also data hungry (but a very different kind of data-hungry)
When I gather data about others in my personal life, I usually do this for simple reasons. For example, if I want to give a nice gift to a friend, my chances of finding a good gift improve if I can gather data about my friend. I can pay attention to what my friend says. I can observe my friend’s behavior. Or I can ask my friend some questions.
You can probably think of many more common examples in which we gather data in our personal lives. Why? Well, gathering data with our senses help us live and improve our lives. It is a “two-way surveillance” practice: I can look at my friend, and my friend can look back at me. Simple.
It becomes a lot more complex when organizations observe us. Here are 4 differences (there are probably many more, feel free to email me about differences you spotted):
- Organizations often observe many-to-one or many-to-many, and they do this covertly without giving you the chance to look back.
- Their means of gathering data today are mostly technology-driven (this makes the game unequal for the individual that doesn’t have such technologies)
- Their goals and intentions don’t come from an individual but from a changing group of people.
- They often have databases but not always clear rules and boundaries about what they can do with that data.
One thing these differences have in common is that they are unequal.
This is an important point to remember and to be honest about in your organization. Your clients, customers, visitors care about truth and being respectful. Therefore, here’s a list of points to consider:
- Which unequal observation methods does your website use? And why?
- This is not the same as unethical: it can, for example, contain survey software that multiple people in your organization read, but it is important to be aware of it.
- Are there things you currently collect but don’t need to collect?
- What are the standards, codes, and data ethics your organization wants to convey?
- How do you convey them?
Answering these will give you more insight and clarity to create a truly privacy-friendly organization.
Unfortunately, not every organization cares to think like this. Sometimes it seems they want more data just for the sake of it. So…
…Why oh why do all those organizations want to feast on my personal data?
Every organization is different, and it’s beyond the scope of this article to look at all their reasons. So, although there are many more, let’s start by looking at one organization. This one serves as an example for us to show how to look at other organizations. Three key questions to keep in mind are always:
- What do they collect
- What can they do with it
- Why does that mean
Here’s an organization that does tell us what they will do with our data; Google.
What they collect
What they can do with it
Another quote: “This license allows Google to:
- host, reproduce, distribute, communicate, and use your content — for example, to save your content on our systems and make it accessible from anywhere you go
- publish, publicly perform, or publicly display your content, if you’ve made it visible to others
- modify your content, such as reformatting or translating it
- sublicense these rights to:
- other users to allow the services to work as designed, such as enabling you to share photos with people you choose
- our contractors who’ve signed agreements with us that are consistent with these terms, only for the limited purposes described in the Purpose section below”
More bluntly, they can do whatever the heck they want with your personal information and outings anywhere on Google. They are totally in control, and you are NOT. Unless you’re some high-level director or executive working at the company, you have zero influence over what Google does.
Why this matters
As of July 2021, the net worth of Google is estimated at around $320 billion. Google’s parent company Alphabet has a net worth estimated at around $900 billion. That makes it one of the most valuable companies in the world.
That value comes directly from our data being transformed by Google into products and services and sold to other (smaller) organizations. They win from two sides: they get virtually free data, and other businesses transfer money to them to use copies of that data. (remember it’s digital, so they can make as many copies of it as they want, and therefore, they have an infinite supply that is constantly replenished for free)
This makes Google grow larger and larger and strengthens its power in the world. With this power, they can do whatever they want, like buying up competitors. (And a reminder from history: power can be abused without proper government and checks).
So, quick recap; here’s how Google turns your data into real-world power in 7 simple steps…
- Step 1: You use the internet and likely one of Google’s “services”
- Step 2: Google’s applies Consent Jujutsu
- Step 3: Google can use your data as they please.
- Step 4: They sell copies of your data to those who would like it.
- Step 5: Google gets more money.
- Step 6: Google can use that money to buy competitors.
- Step 7: Google gets more power.
Many people say a common thing at this point: “Let them look; I don’t have anything to hide.” It’s understandable, but then you probably missed the point.
Because this point is not about you as a person, it is also not about friends who buy gifts for each other. They have fair and equal means to get information from each other. This point is about how organizations can spy on humans to exploit them. It’s about giving and having an actual choice for privacy, protecting our human rights from organizations who want to violate these rights for profit.
The argument “let them look, I don’t have anything to hide” implies that if people cannot look at you, you do have something to hide… But isn’t this completely the opposite way of looking at the problem?
It blames the watched instead of the watcher.
This clever shift of focus (shining light on the watched instead of the watcher) keeps the watcher out of the discussion. To put it more poetically: it lets big brother hide in the dark while he can focus an even brighter spotlight on his victims.
Gathering data about others is fine in a personal setting, like understanding your friends.
But it becomes unethical when it checks these four boxes (especially the fourth):
- Personal data is collected by groups of people,
- without asking,
- with unequally better surveillance equipment,
- and with the means to manipulate your data in their interest to become more powerful and possibly use it against you;
With more and more people becoming aware of this problem, there is a reasonable chance more regulations and oversight on data collection will take effect.
So, how will we get out, and how can YOU be ready for this future?
To pave the way to a privacy-friendly future without consent Jujutsu, we must have better data dignity.
For quite some centuries, personal dignity has been our right to be valued and respected for our own sake and treated ethically. I believe the same value must be recognized for every person’s data. When we apply the principle of dignity to our data, we can make a political and legal argument for better protection. Also, better punishment of those who abuse our data. (It wouldn’t be the first time governments regulate the social norms and rights we value; many historical social movements created the laws we still cherish today.)
Organizations must show they have good data manners and are ready to deal with data properly in today’s world. Here’s how…
3 tips for your organization
- Don’t collect data you don’t need. (If you use tools, try to use privacy-friendly tools)
- Ask nicely, give people a real choice and let them know what you will do with their data.
- Give people the possibility to look back at your organization.
Some of my readers here might think at this point: “but I can never do that” or “that doesn’t work in my organization.” Trust me, it does. It portrays honesty towards your relations. It shows you’re willing to share, and your organization is morally good.
At Simple Analytics, our mission is to give you the fastest, easiest, and most ethical insights about your website performance while upholding the highest privacy standards.
To achieve this, Simple Analytics has an open roadmap for you to see the next steps or request features. Also, we operate fully transparently by sharing our metrics (including revenue, costs, amount of customers, and traffic).
If you enjoyed reading this article and you’re interested in learning more about privacy, consider subscribing to the privacy newsletter.
Every month we give you short, sweet, and insightful privacy summaries and help you stay in the know. Needless to say, our emails never track anything, ever. We want to spread the word and help more people become aware of the dangers of data exploitation. Also, we’ll suggest ethical solutions or other privacy-focused apps. You can subscribe for free at: https://theprivacynewsletter.com
About the artworks in this article.
The pictures in this article are stylized by an AI from https://creator.nightcafe.studio. The style input for these was the Renaissance painting The School of Athens by Raphael (1509 - 1511).
The topic of Raphael’s original painting portrays ancient Greek philosophers. After the Middle Ages, Brunelleschi introduced a vanishing point, and with it painting with a “realistic” perspective became the dominant way of painting during the Renaissance. This was, at the time, a new way of looking at our world. The AI of nightcafe.studio missed the whole point of perspective, which was valued so much. The AI put a brown layer on all the images as the “style.” I found his painting a good metaphor for thinking through your findings and the way you represent data. Data isn’t “the truth,” only a way of representing our reality.
- How we give away our privacy with common misbeliefs
- Why Floc is a Flop
- The easy answer to hard questions about analytics and privacy
Written by Tim de Nood (follow Tim on LinkedIn)
Want to give Simple Analytics a try?
Start a trial of 14 days for free
Or subscribe to The Privacy Newsletter