Many hope that the "privacy problem" will simply go away. There is just too much money to be made keeping the status quo. But that won't happen. The "privacy bomb" is about to go off, leveling business models and ambitions with a "big bang" to be heard around the globe.
The last major privacy legislation in the U.S. was 37 years ago. In computer years, that is the Stone Age. Back then, there were no PCs, mobile phones, video cameras, sensors, satellite cameras, or Internet. Regulation was about protecting comparatively small bits of personal information from governments and corporations. Now there is the Internet, boundless and mobile computing resources, and unfathomable quantities of data being processed in milliseconds. We are at the dawn of the "Big Data" Era.
Indeed data are the oil of the 21st century. Yet the unbridled use of data poses significant risks to all free societies. Some pundits have framed this as a Hobson's choice between privacy and economic growth. Others have proclaimed that "privacy is dead" and "we should get over it".
In one sense, the "get over it" pundits are correct. Data are being collected and mined about us every minute of every day. Hence, any expectation of privacy as an absence of data collection is unrealistic. It is impossible to hide from "Big Data". It cannot be eliminated. But it can be tamed and rendered trustworthy.
Trust, not privacy, is the operative term here. Trust in knowing that data are what they purport to be; trust in knowing that they will be used and shared as they are supposed to be; trust in knowing that they will not be used to control, manipulate, or deceive. Trust in knowing that policies and contracts will be effectively and transparently enforced within a legal and technological framework. Such frameworks have come to be known as Trust Frameworks within the Obama Administration privacy initiatives.
This is not something that governments can do alone. Trust Frameworks offer a combination of contractual, policy, technology and governance mechanisms whereby a baseline criterion of privacy and sharing can be transparently and independently monitored and enforced. The role of governments is to set baseline performance metrics, and then have independent entities audit and enforce those criteria. Trust Frameworks will need to be internationally "interoperable" with respect to both technology and policy.
The Obama Privacy Policy advocates a bill of privacy rights for individuals. By giving the consumer the right to control their personal data, not only does this policy affirm fundamental democratic principles, it is also frees data tied up in database silos. By making the individual the locus of control, there is the unexpected benefit to individuals and corporations alike to increase the flow and the economic value of data.
Yet why should consumers care? What is in it for them? The short answer is convenience, empowerment, money and services tailored just for them. Consumers can be paid for their data. Passwords go away. So does spam and suspicions about who has my data or who might be playing online games with my kids. My mobile phone becomes a trusted platform for vital services -- health, financial, educational, professional, entertainment and personal. It knows an enormous amount about me: where I am, whom I talk to, text, and email; what I buy, my friends, colleagues, my unique interaction patterns. It can be a trove of valuable, even life saving data. Or it can be an instrument of Orwellian control. Trust Frameworks can make such mobile platforms useful, safe and democratic.
That perspective is reflected in both the Obama Administration's National Strategy for Trusted Identities in Cyberspace (NSTIC) policy and in the Department of Commerce Green Privacy Paper. There is the recognition that policy evolves and that rules should not inhibit market innovation. Hence, a real prospect for a "win win" solution that could trigger enormous economic growth not just for developed but developing countries as well.