What if we could have technology and privacy innovations brought to us at the same time? That’s the question that I unexpectedly asked myself recently.
Last week, I finally upgraded to a smart TV. I decided that after years of flipping through channels and laboriously switching between inputs to go from streaming to cable, I’d let technology help me be more relaxed during the rare hours when I can actually sit down and watch TV.
As I was setting up my new toy, an interesting prompt popped up on my screen. Did I want to let something called Samba TV — a company I’d never heard of — track my viewing habits to offer me better TV recommendations in exchange for gathering data about me? Normally, as a longtime privacy lawyer I’d reflexively answer, “Heck no!” After all, in the extreme majority of cases that sort of data collection is a Trojan horse; a gift wrapped privacy invasion.
I was skeptical. After all, what self-respecting privacy nerd wouldn’t be? But, I was also intrigued — not just because I was excited about what the service could offer but because of how clear the privacy tradeoff was. I let Samba collect data on me and in return I get the shows I want pushed to the front of my screen and I no longer have to watch ads for how elderly people can benefit from reverse mortgages. If at some point I no longer wanted Samba to track me, I could easily go into my TV’s setting and turn the system off.
The simplicity of this was particularly appealing to me because I regularly read through pages of fine print in terms of service forms. The purpose of these disclosures is not to protect consumers’ privacy but, rather, to indemnify companies from liability for the collection, utilization and sharing of consumer data, often done without consumer knowledge because, despite the disclosures, nobody (myself excluded) reads a single word.
But here was a company being completely upfront about the tradeoff it was making with the user and giving that user an easy way to stop the tracking at any moment. No hiding the ball. Just a clear offer, a request and a clear demonstration of how agreeing to share my data benefits me directly.
This is a model for how it should be done and it shows that opt-in is really a simple idea in both theory and practice. It also shows that creating privacy policies that work for people, as well as for corporations, isn’t that difficult.
That’s an important lesson for companies as they move into a new phase of privacy regulations. In June, California’s legislature passed new rules that have the potential to reshape the way our digital data is handled.
The new California requirements are a slightly lighter version of privacy rules that are now in effect in Europe. Known as the General Data Protection Regulation, GDPR set the stage for consumers to take more control over their private data. Under GDPR (and the new California law), consumers have the right to know what sort of data web sites are collecting and how that data is being used, sold or shared with other companies. Consumers can ask that their data be deleted and that it not be sold to third parties.
It’s no surprise that the new California regulations have inspired some blowback from Silicon Valley. The rules do not take effect until 2020 and many companies have vowed to push for amendments in the coming years to help preserve their current business models, which, increasingly, rely on sharing user data to benefit their businesses without any benefit to the consumer.
These new privacy regulations will require a rethinking of privacy policies and the way companies interact with their users. But since the California rules are somewhat similar to the European rules, many companies have already had internal discussions about this topic. While they won’t be able to just port their European standards over to the U.S. to comply with the new rules, corporations have plenty of time to adjust.
And they may find that when transparency increases, users will more fully embrace the value proposition.
While privacy is still a prickly subject, most people have come to terms with the reality that in order to get the services they want or need for free, there has to be some give and take. And if what companies give is clear offers with clear tradeoffs for better service, lower prices and more of the stuff consumers demand with less of the stuff they don’t want, that’s a deal most consumers will take.
While watching TV the other night I noticed that Samba had gotten to know me quite well. The service suggested a British soccer game that I otherwise wouldn’t have known where to find (I’m a massive Manchester City fan). I felt comfortable that I was getting a good return on sharing my information. But I also felt good about the fact that at any moment, I could stop that collection.
I’m hoping that the California privacy law will prompt more companies to follow Samba’s example.
Tim Sparapani is senior policy fellow at CALinnovates, a nonpartisan coalition of tech companies, founders, funders and nonprofits.
Morning Consult welcomes op-ed submissions on policy, politics and business strategy in our coverage areas. Updated submission guidelines can be found here.