Congressional Hearings: The Funniest Show In Town?
“Congress was confused by the Internet During Hearing With Google CEO”, says the title of a YouTube clip highlighting key moments from a congressional hearing with Google CEO Sundar Pichai. A similar YouTube clip about the congressional hearing of Facebook CEO Mark Zuckerberg bears the title “Mark Zuckerberg’s most Funny & Awkward moments in front of US Congress”. These videos may appear funny to anyone with some basic understanding of Internet technologies. Yet these hearings reveal a disturbing reality, demonstrating lack of understanding of technologies that people use on a daily basis. In order to further develop this discussion, we need to take a step back.
A Free Circus Experience?
A man walks down the street, as a red-nose clown approaches him. “The greatest clown show in town is about to start around the corner, and entrance is free of charge”. “Here’s a list of 500 enthusiastic reviews on Facebook”, adds the clown while showing reviews on his mobile phone. “Free of charge?”, asks the man? “It doesn’t cost you a penny”, answers the clown. The man thinks to himself “Why not? Worst case scenario, if I don’t like the circus, I’ll leave halfway the show”. He goes to the circus. Upon entrance, he is given an entry ticket (without paying) and is being asked to leave his bag and mobile phone at the reception, respecting the circus’ “no bags, no phones” policy.
By accepting the entry ticket and by entering the circus, the man accepted the Terms & Conditions (T&Cs) of the circus. Among others, these T&Cs – which the circus visitor most probably hasn’t bothered reading on the back of his entry ticket – state that the circus staff is eligible to examine the contents of the visitor’s bag while the person is watching the performance. But the visitor does not know this, as he did not read the text on the back of his ticket.
A New Paradigm for Buying Services Via Mobile Devices
In the past people would primarily consume services of companies that they know and trust. People would not buy services regularly, and every purchase would entail a non-trivial investment. Nowadays this model has completely changed. Take for example iTunes, which introduced the purchase of a single song for 99 cents, rather than buying a whole CD, thereby psychologically making it easier for consumers to purchase a cheap “micro service”. With the proliferation of mobile phones, the App industry has thrived. Any smart kid with programming skills can create Apps and make them available on the App Store. And so can criminal organizations, or any person with bad intentions.
The Myth Of Free Apps
Downloading an App is now just a matter of one “click”, and many Apps are offered at no monetary cost (i.e. “free” Apps). With the explosion in service (App) providers and in consuming “micro services”, verifying trustworthiness of service providers has become history. Most people do not realize that when they download a “free” App, they in fact accept the Terms & Conditions of the App provider. Often they pay for the Apps with their privacy, not with money. In most cases, users do not know the App provider and they do not read the Terms & Conditions. Often the App requires permissions to read the person’s address book or access files on the mobile phone. The App might actually require such access to function well (in comparison: the circus requires you to leave the phone behind, to avoid noise during the performance). Yet there are plenty of Apps that require more permissions than appears to be needed, e.g. unnecessary access to your address book or to your files (in comparison: the circus is eligible to examine the contents of the visitor’s bag). And even if the permission is justified (e.g. a camera App requires access to your file system), the question is whether you trust the service provider to not use the granted permissions for other (less legitimate) purposes. How can you trust the service provider, if you don’t even know who they are?
The purpose of this long introduction is to clearly make the point: in the digital space people do not use the same judgement as they do in the physical space. Most people will clearly be able to identify what is the responsibility of a service consumer in the physical world (e.g. you won’t sign a mortgage contract before reading it). Yet in the digital world they neglect to assume their own responsibility to verify who is the provider of Apps that they download, and what are the Terms & Conditions (most notably: permissions) of the App. Neither do they verify which information the App provider will collect about them, nor what they allow the App provider to do with this information.
Ignorance Does Not Provide Relief From Responsibility
When you drive a car, you are assumed to be familiar with traffic laws. If you drive too fast, you will be fined, even if you didn’t know the speed limit. When you go to a service provider upon appointment (dentist, physiotherapist etc), you accept his/her cancellation policy, and thus if you do not arrive for your appointment, he/she may charge you for the lost time. Using the same logic, when you use a digital service, you must be familiar with the T&Cs governing this service. When you download (i.e. purchase, even if at no monetary cost) an App, it is your own responsibility to read the T&Cs before you click on “install” and thereby accept the T&Cs of the App provider. You probably read a mortgage contract before signing it. Thus why don’t you do the same with mobile Apps?
Reflection: The Technology Knowledge Gap
Many technology users are not well-educated about the technologies that they use. This statement knows no societal boundaries. It holds for your random neighbour’s old parents / grandparents and teenager kids, as much as for a distinguished politician, actor, author, electrician or business woman. Reasons for the lack of knowledge include:
- Broad user base: almost everybody uses technology services (mobile)
- Complexity: Technology evolves very fast
- Unfamiliarity: Many technology users do not understand technology
- Mode of consumption: As service consumption shifted towards “micro services”, users no longer make an effort to vet the service providers or the service itself
This last bullet deserves some extra attention. Traditionally, consumers have been paying monetary compensation (i.e. money) to service providers: the service fee. Consequently, consumers’ minds are fixed on “payment” being equal to “cost”. When a service is offered at no monetary cost, consumers do not ask themselves whether there is another hidden cost (i.e. their data and privacy!), because in their minds, “cost = payment”. It’s a matter of education. Cost is not always monetary.
Government Role: Regulation And Education
Government’s role is to protect citizens. Protect from heath risks, from terrorism, but one can argue that Governments need to protect citizens also from their own ignorance. In this context, Government’s involvement in regulating technology companies is positive and even necessary. Legislation can protect consumers who are not aware of the consequences of their own actions (in using technology). The EU data protection legislation GDPR, which entered into force on 24 May 2016 and applies since 25 May 2018, has been an important step in this direction. The introduction of GDPR also helped create awareness to data privacy among many people. One can discuss whose responsibility it is to educate consumers: is it their own responsibility, or also the responsibility of Governments. School curricula can teach children the data privacy aspects of using technology, besides the hard skills of using technology.
Bridging the Knowledge Gap Is An Evolution Process
Current developments are not different from other areas where evolution has been the result of a crisis, which lead to a solution (=the evolution). For example the growth of a company. When a start-up succeeds and grows, it appears that the management style no longer fits a larger company. New processes are introduced, and the management style changes, to fit the new reality. Employees are being educated about the new processes, and why they are required. Our society is currently undergoing this same process on a massive scale, because the “company” and its “employees” include all users of technology, or at least all users of mobile technology and Internet. Congressmen and Congresswomen who asked “funny” (read: uneducated) questions during the hearings of Google CEO and Facebook CEO are such “employees” that need to be educated. And at the same time it’s their own responsibility to educate themselves.
The Road Will Be Bumpy
The road towards bridging the knowledge gap will be bumpy:
- Education and change of behavior are by definition long processes. At the same time the pace of technology evolution is unprecedentedly fast.
- The impacted population is massive; it includes any Internet user.
- Politics: The discussion about data protection and about the role of technology companies in protecting consumer’s privacy is partially also a political debate. In political debates, tactical political gains sometimes impact the debate, not necessarily aligned with facts. This can happen here too.
What Can I Do?
If knowledge gap is the problem, education is a solution. While Governments are in the process of regulating technology usage, each individual can contribute:
- Educate yourself about the usage of Internet-based technologies
- Review the permissions of Apps before downloading them; especially when downloading Apps of service providers that you do not know and for which you have not yet established trust. Download and use Apps only if you understand their permissions, and accept them knowingly.
- Educate technology users around you (family, friends, colleagues,…) about these matters.
- Create awareness for the above among the broader population: this is the aim of the current article
- If you’re involved in the education system (e.g. as a parent to a child in school), argue for schools to embed data privacy consequences in their curricula.