IAPP-GDPR Web Banners-300x250-FINAL
Privacy and the City

I have written on the need for adequate privacy protections to allow individuals to exercise their Right to Fail. For people to come together to collaborate and innovate, we need to make certain individuals can try new ideas. We need people to take risks and often fail, without running the risk that every failure will be catalogued forever in a virtual permanent record and those failures will be retrievable with a simple Internet search or report from a data aggregator/broker. People are inherently social and want to collaborate and innovate, but we need to create the right privacy policy environment to both foster that innate desire and protect individuals from counterproductive consequences from our social nature.

Edward Glaeser wrote on just this topic in his excellent book, Triumph of the City: How our Greatest Invention Makes Us Richer, Smarter, Greener, Healthier and Happier . The book describes how cities have historically been the engines of innovation as they bring people together to collaborate and create.

“There is little that you own or use or know that wasn’t created by someone else. Humans are an intensely social species that excels, like ants or gibbons, in producing things together. Just as ant colonies do things that are far beyond the abilities of isolated insects, cities achieve much more than isolated humans. Cities enable collaboration, especially the joint production of knowledge that is mankind’s most important creation.” (P.249)

When encouraged with productive policy decisions, cities can be environmentally efficient economic and innovation engines. Productive policy decisions are important in cities, because the more people come together in limited physical space, the more important it is to proactively manage the negative consequences of human interaction—disease, crime, free riding and reductions in privacy. While Glaeser points to several negative policy decisions which reduce the effectiveness of cities, such as limiting the heights of buildings, he also advocates that regulation is necessary. Glaeser’s model is instructive as we continue to look for the most productive ways to regulate our online environments where we socialize and collaborate.

“The enduring strength of cities reflects the profoundly social nature of humanity. Our ability to connect with one another is the defining characteristic of our species. We grew as a species because we hunted in packs and shared our kills. Psychologist Steven Pinker argues that group living, the primitive version of city life, “set the stage for the evolution of humanlike intelligence.” We built civilizations and culture together, constantly learning from one another and from the past. New technologies from the book to Google have failed to change our fundamentally social nature. They’ve made it easier to learn some things without meeting face-to-face, but that hasn’t eliminated the extra edge that comes from interacting in person. Indeed, since new technologies have increased the returns from new ideas, they have also increased the returns from face-to-face collaboration.”  (P.269)

Glaeser’s point on the significance of face-to-face contact strikes me as true. Our online interactions create connections, inform us and preserve relationships, but it is in-person contact that fosters lasting bonds and best sparks innovation and new ideas. Technology companies, like Intel, which have researchers dispersed all over the world, still value and invest in opportunities to interact face-to-face. A recent conversation with Duke University’s Director of the Center for Learning Healthcare Dr. Amy Abernethy reinforced this point. Dr. Abernethy shared that healthcare data analytics provide substantial guidance to a physician but they improve, instead of replace, the value of the physical connection of the in-person meeting between a doctor and a patient.

Given the close connection between our online and physical interactions, there is much we can learn about encouraging successful online collaboration and innovation from the policies that have supported growth of the world’s great cities. Among Glaeser’s observations, are four specific policy insights for thriving cities:

  1. Provide clean water.
  2. Reduce crime (create visibility to crime so people can help in policing).
  3. Increase tolls on the use of roads (decrease free riding).
  4. Remove restrictions on building heights (reduce artificial restrictions on people interacting).

There are four direct online analogies to these policy recommendations:

  1. Decrease malware (purify the stream of data, so that people may drink from it).
  2. Reduce cybercrime (specifically by creating a functioning identity system that preserves privacy).
  3. Provide modernized privacy laws, and give individuals technology to increase control over how their data is used (decrease free riding on the sale of personal data).
  4. Remove unnecessary administrative burdens and restraints on international data transfer.

The Internet creates myriad “virtual cities” where individuals work, socialize, enjoy entertainment, learn and innovate. As with physical cities, individuals have considerable concern with crime and whether they are at risk. Improving cybersecurity through decreasing the ability of malware to cause harm, and investigating and prosecuting cyber-criminals, is a critical need for better-functioning virtual cities.

Similarly, individuals report significant concerns about online privacy. To help address these concerns, we need improved privacy laws and better privacy technologies.

Governments have traditionally placed the burden of protecting privacy on the individual by presuming individuals read privacy notices. These privacy notices have never been a complete solution, and the framework is becoming less useful. The complexity of how online services collect, use, store and protect personal data has greatly increased. Website privacy notices are either long and complicated legal documents, or short and vague statements. Neither works well in the mobile applications computing environment. Individuals are voting with their eyeballs and are choosing to skip past the policies entirely. While not particularly useful for individuals, detailed privacy policies can provide important information for regulators and advocates. We need to separate the notions of transparency and notice. We should require complete and thorough transparency for regulators and advocates, while allowing context-based notices of the information individuals most importantly need to make decisions—such as the requests to allow mobile applications to collect location information.

Along with separating transparency and notice, individuals need accountability-based privacy laws. These laws should implement the Fair Information Practice Principles while recognizing individual consent is less useful these days. In many situations we need to look to other principles such as accountability, reasonable access/deletion, robust security and appropriate use restrictions. The implementation of these principles should move away from bureaucratic solutions like country-specific restrictions on international data transfer or database registration/notification. The laws should instead look to new methods for regulators to measure whether an organization has accountable processes—such as, co-regulatory privacy seal programs—and methods to increase access—such as, aggregated obscurity centers.

Improved laws can then provide a backstop of protection, while innovators work to provide mechanisms for individuals to take more control of their data. A useful resource for discussion of these privacy innovations is www.wethedata.org.

Just as millions of poor rural people are moving to urban areas, we also see increased global use of the Internet. If we can modernize our online policy regulation, then we will encourage improved collaboration and interaction, which will deepen face-to-face connections. Fostering safety and trust in our virtual cities will then encourage the innovation and economic growth to enrich the physical lives of every person on earth.

photo credit: Sprengben [why not get a friend] via photopin cc

Written By

David Hoffman, CIPP/US


If you want to comment on this post, you need to login.


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Advertise in IAPP Publications

Find out how to get your message in front the people you want to reach. Download a media kit now.

Get more News »

Find a KnowledgeNet Chapter Near You

Network and talk privacy at IAPP KnowledgeNet meetings, taking place worldwide.

Women Leading Privacy

Events, volunteer opportunities and more designed to help you give and get career support and expand your network.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

The Training Post—Can’t-Miss Training Updates

Subscribe now to get the latest alerts on training opportunities around the world.

New Web Conferences Added!

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Staff

Get your team up to speed on privacy by bringing IAPP training to your organization.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.

Learn more about IAPP certification »

Get Close-up

Looking for tools and info on a hot topic? Our close-up pages organize it for you in one easy-to-find place.

Where's Your DPA?

Our interactive DPA locator helps you find data protection authorities and summary of law by country.

IAPP Westin Research Center

See the latest original research from the IAPP Westin fellows.

Looking for Certification Study Resources?

Find out what you need to prepare for your exams

More Resources »

GDPR Comprehensive: Registration Open

New! Intensive two-day GDPR training led by the sharpest minds in the field. It's a can't-miss event.

The Congress Is Cancelled

The IAPP Europe Data Protection Congress 2015 is cancelled. Click through to learn more.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

Exhibit at an Event

Put your brand in front of the largest gatherings of privacy pros in the world. Learn more.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»