One of the the things that we need to consider when making ethical decisions is the impact the decision will have, not just now and in the foreseeable future, but in the distant future. We need to think about this because we are making decisions that will affect people who have no say in it, so we need to be aware that we may be infringing on their rights and their autonomy to decide if these rights should be given up. So “will privacy exist in 2040?” was an interesting discussion topic we encountered during duty the cybersecurity ethics course. Before I think about privacy in the future, I need to define what it is now, so I revisited what privacy is to me:

• Keep my business to myself.
• Have explicit control of my information.
• Know who knows my information.
• To be forgotten.

The question “Will privacy exist in 2040?” evokes images of constant surveillance and intrusion, Froomkin (2000) supports this image with a number of threats to privacy, even asking if mass privacy is a recent invention (p. 1467). I don’t believe so, but perhaps it has been given prominence by challenges to it from government and industry. The Australian government has introduced a number of privacy-eroding bills and acts in recent years (Telecommunications and Other Legislation Amendment Bill 2018, 2018),  (Identity Matching Services Bill 2019, 2019), (Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021, 2021), (Security Legislation Amendment (Critical Infrastructure) Bill 2020, 2020). And commercial agreements between data analytics companies such as Acxiom, Experian, Australia’s own Quantium working with financial institutions, track us across the purchase lifecycle (Thomas, 2018), they also have agreements to “‘close the loop’ by bringing offline behaviour onto Facebook” (Baker, 2015). 

On the side of privacy, the Notifiable Data Breach Scheme was introduced in 2018 and laws to protect privacy are ever evolving – we see evidence of this with biometric data classified as identification information and sensitive information respectively in Criminal Code Act (Cth), (1995) and the Privacy Act 1988 (2021). Europe has the General Data Protection Regulation (GDPR) which includes the right to be forgotten (Wolford, 2018) – echoing Judge Cooley’s right “to be let alone” (Warren & Brandeis, 1890, p. 195 as cited in Moor (1990)) and the USA has data breach notification laws in every state (NCLS, 2021). We also have: businesses such as DuckDuckGo, Apple, MailTumble (an Australian startup which provides email masking); and organisations including the Australian Privacy Federation and IDCare,  advocating for privacy. 

With forces both for and against privacy, I believe privacy will exist in 2040, but it will be in a more complex, explicit and informed landscape. Will we actively control our privacy and make informed decisions as to when, where and with whom we trade it? Or will we continue to give it away frivolously? As more people become more aware of the value of privacy, both to our identity and financially, I predict that the growth in privacy protection will continue (Dax the Duck, 2019). Whether individuals choose to be engaged and actively make informed decisions or not, it will be their informed decision to make.

References

Baker, R. (2015, July 20). Facebook makes data deal with Quantium, Acxiom and Experian to fuse offline and online data. AdNews. https://www.adnews.com.au/news/facebook-makes-data-deal-with-quantium-acxiom-and-experian-to-fuse-offline-and-online-data

Criminal Code Act (Cth), (1995). https://www.legislation.gov.au/Details/C2019C00043/Html/Volume_2

Dax the duck. (2019, October 3). New duckduckgo research shows people taking action on privacy. Spread Privacy. https://spreadprivacy.com/people-taking-action-on-privacy/

Hally, L. (2021, November 3). Privacy. A Cyber Security Blog by Luke Hally. https://www.lukehally.au/security-culture/privacy/ 

Froomkin, A. (2000). The Death of Privacy. Stanford Law Review, 52(5), 1461-1544.

Identity-matching services bill 2019, House of Representatives (2019) (testimony of Parliament of Australia & Home Affairs). https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6387 

Moor. (1990). The ethics of privacy protection. Library Trends, 39(1-2), 69–82.

NCLS. (2021, April 15). Security breach notification laws. National Conference of State Legislatures. https://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx 

Privacy Act 1988, (2021). https://www.legislation.gov.au/Details/C2021C00452

Security Legislation Amendment (Critical Infrastructure) Bill 2020, House of Representatives (202o) (testimony of Home Affairs). https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6657 

Surveillance Legislation Amendment (Identify and Disrupt) Bill 2021, House of Representatives (2021) (testimony of Home Affairs). https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6623 

Telecommunications and other legislation amendment (assistance and access) bill 2018, House of Representatives (2018) (testimony of Parliament of Australia & Home Affairs). https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6195

Thomas, E. (2018, April 19). The brave new world of ‘surveillance capitalism.’ The Feed. https://www.sbs.com.au/news/the-feed/the-brave-new-world-of-surveillance-capitalism 

Warren, S. D., & Brandeis, L. D. (1890). The right to privacy. Harvard Law Review, 4(5), 193. https://doi.org/10.2307/1321160 

Wolford, B. (2018, November 5). Everything you need to know about the “Right to be forgotten.” GDPR.Eu. https://gdpr.eu/right-to-be-forgotten/