Why Data Privacy Matters to Me, an AdTech Dropout

Photo by Mikhail Nilov from Pexels

I like to joke that being the ‘privacy girl’ at an AdTech company is like being the ‘horse girl’ in elementary school. You know the one — she’s super into horses. Riding them, reading about them, watching Black Beauty even though it’s super sad. It’s all well and good, but nobody really gets it unless they are also a ‘horse person.’ In any class, there’s always one. You can also find a few fellow data privacy girls in any AdTech company, and, believe it or not, we’re gaining in popularity. Yet, the majority of people still don’t get why data privacy is so important to us.

As I embark on the next phase of my career as an AdTech dropout/current MBA student, I find myself needing to explain the wonders of data ethics, the potential of federated learning, and the beauty of the GDPR to folks who look at me like I’ve just invited them to a private screening of Seabiscuit. Look, I get it — snooze fest!

Why should you care when there’s so much else going on in the world? While I’ve explored these topics in-depth before (and plan to continue to do so in the future), I thought this fresh start would be a great opportunity to revisit why data privacy underpins so many of the exciting questions of our time.

When I started in the San Francisco AdTech ecosystem, there was only one privacy rule: Don’t re-identify anybody. At first, I was amazed at how much pseudonymous data (cookies, mobile IDs, hashed personal data, the whole lot) to which our team had access, and I worked to develop products based on our ability to create a network of data owners. Over time, I started to wonder if our one rule was really doing consumers justice — why did I have this uneasy feeling that, though no one in our company was by any means nefarious, we weren’t really protecting consumer interests?

The simple answer: Knowledge is power. We live in an age where societal participation is contingent on sharing our data, and firms and governments hoard it. A lot of it. Most data use is likely harmless and even potentially beneficial:

But what happens when it’s no longer about the number of cats? What happens when that same health data is used to deny insurance claims? Or transaction history is used to reject a mortgage request? Many of you will have seen the dark side of data collection either personally or in the news headlines.

This is the reason a right to privacy, and developing a shared, culturally contextual understanding of data ethics beyond it, is so important. Without this baseline social contract, we have no foundational mechanism for preventing data abuse, no mechanism to exert any power. Without a right to privacy, we open the door for firms we do not elect to unintentionally (or intentionally) use the data they’ve collected to nudge us in the direction of their goals or discriminate against marginalised groups. While this is a Western, “small d” democratic view of privacy, the principles of who has access to the most data, who is empowered to use it, and thus, who holds the most power, are universal.

It’s unrealistic to think any one set of privacy regulations imposing a binary “yes/no” or “opt-in/opt-out” way of thinking about data use will solve this problem. Over time, we moved beyond the ‘don’t re-identify’ rule and towards actual codified legislation regarding data privacy. Regulation thus far operates in a patchwork, with the EU’s 2018 General Data Protection Regulation generally accepted as the gold standard. Yet, technology developed to handle data isn’t generally purpose-built for a given regulatory regime — it’s global, as this is the only way you can scale your products effectively. So, how do we square this circle?

Yes, a right to data privacy is required at a foundational level to even begin the conversation. However, data privacy is also starting to extend to what happens once data access is granted. How do we, as a global data ecosystem, want to shape both technology and policy to ensure data is used for good, rather than evil? Can that even be achieved in a global context? These unanswered questions are why data privacy is so important — This privacy girl believes how we answer them will fundamentally shape society for decades to come.

If you’re interested in this topic and would like to read more (from other people and not my armchair public interest technology musings…), check out:

  1. The Age of Surveillance Capitalism by Shoshana Zuboff
  2. Privacy in Context by Helen Nissenbaum
  3. Who Owns the Future? by Jaron Lanier
  4. Kara Swisher’s NYT Op-Ed columns

I have more if you want to reach out!

Armchair Public-Interest Technologist | Working to make sense of the intersection between policy & technology