A former policy director at the Center for Humane Technology, he is the author of seven books
If the testimony of whistleblower Frances Haugen, a former Facebook data scientist, before a US Senate subcommittee told us anything, it was that tech companies cannot be relied upon to regulate themselves. And why should they be?
It is a basic principle of modern economics that governments mandate the terms of operation for business. The real question is how governments can best exercise this authority when it comes to the tech sector.
Facebook, Google, Amazon, and other tech companies have been allowed to develop unprecedented surveillance-based business models that include relentless capture of personal data, including geographic locations, and the manipulation of users with hyper-targeted content. And yet, as Haugen testified, “Almost no one outside of Facebook knows what happens inside Facebook.” The KGB would have been envious.
But tech companies also serve a useful purpose.
They have built much of the public infrastructure of the digital age, including search engines, global portals for news and social networking, GPS-based navigation apps, online commercial and job marketplaces, and movie, music, and livestreaming platforms.
To enable digital platforms to continue performing a beneficent role, while minimizing their harm, governments should require them to secure “digital operating licenses.” There is plenty of precedent for this: from grocery stores to nuclear power plants to pharmaceutical manufacturing facilities, traditional businesses must be granted various licenses and permits before they can begin operations, not least to ensure the safety of workers, customers, the environment, and the local community.
Likewise, to be granted a digital operating license, tech companies would have to meet certain conditions. The first would be to obtain users’ explicit permission before collecting any personal data, using an “opt-in” consent system instead of an “opt-out” system that must be periodically renewed.
Since tech companies first developed their business models, users’ private data have become their real cash cow.
Companies sell psychographic profiles of users to advertisers and political operatives, who then target them with manipulative content. There have also been leaks. In 2014, for example, the political consultancy Cambridge Analytica harvested information from the Facebook profiles of more than 87 million users – information that it used to try to sway voters.
Five years later, Facebook leaked 530 million users’ private data.
Tech executives argue that their data grabs benefit users by giving them personalized ads that cater to their individual desires. But how many times do you need to see ads for hiking boots, especially after you have purchased them? The risks of the surveillance-capitalism business model far outweigh the benefits.
The digital operating permit could also require companies to ensure compatibility with “middleware,” third-party software that helps users to manage their online experience. Software that blocks online advertisements is one example. Another is a smartphone app that allows users to turn data-collection and location-tracking on and off as needed, with the touch of a button. Want to call a taxi?
Turn on location tracking so the driver knows where to find you, and then turn it off – no more tracking, and no transaction data retained. If this functionality – a limited version of which is now included in Apple’s iPhone iOS – becomes widespread, it could upend Facebook’s “data-grab-for-profit” model.
Other middleware could target “dark patterns” in platform design: engagement tricks like infinite scroll, autoplay, pop-ups, and automated recommendations, which keep users clicking and viewing. Platforms like Facebook deploy such “behavioral nudges” to ensure that users continue to see ads – the single biggest source of Facebook’s $86 billion in annual revenue.
Copyright: Project Syndicate, 2021