Consumer data privacy concerns have taken a prominent position among the list of concerns over our economy and laws. We all hear about digital data privacy needing protection and we also read about the events that have led to infringements of consumer data privacy on the occurrence of data breaches. Essentially, privacy is desired by all. Many believe that it is an aspect of life – a common understanding – that’s worth respect and consideration. The courts have recognized consumer data privacy’s importance and value in the U.S. There is no wonder that privacy concerns ring loud with the occurring frequency of cyber-attacks. To date, there are no signs that the impact that cyber-attacks have on the data economy will decrease.
Amid these concerns, cyber security practices and data security practices are under the microscope of federal and state regulators and industry leaders. Yet, consumer data privacy concerns continue unabated. The sentiment among clients is that if they do not address, on their end their practices, their liability exposure will be exponential. This business sentiment has led to the growth of self-regulation embracing consumer data privacy concerns and possibly offering an effective response to those concerns in the data economy.
What complicates the matter and the rising concern is the continuous daily theft of personal data impinging on privacy countered by the expectation of privacy among individuals. As well complicating the matter is the sale of personal data in the data market unbeknownst by the consumer or without consumer consent. The data economy practices of collection, sales, and sharing is argued to be impinging on privacy and the expectation of privacy. Magnifying this complication is the prevalence of data being sold. The data market is a lucrative business and it creates opportunities for hackers. In addition, there are the efforts of state sponsored and independent groups seeking commercially valuable data and personal information for a sundry of purposes that amount to theft even extortion.
Aside from the existing illicit side of the data market, there is the pervasive practice in the data economy amid companies, governments, nongovernmental organizations and numerous entities and groups gathering data on many aspects of human activity and behavior, termed global commons efforts that are deemed beneficial to all. The benefits, for the business, government, or an entity are enormous.
If the data is analyzed and managed accordingly, the collection of data can result in numerous benefits. The benefits could include increased sales, personalized marketing, job creation, process efficiencies, enhanced investments and its management, improved accuracy of diagnosis, improve allocation of resources of both personnel and inputs, effective and productive inventories, reduce costs, improve policy effectiveness, manage utility loads and demand, improve security, aiding in background checks, and improve customer relations, and much more. But that comes at a cost.
Consumer data privacy rests in a precarious stance in how our data driven economy shares information. On balance, there are possibilities present by such a wide-open market of marketed data that exposes the average consumer to vulnerabilities to identity theft. Such may include not being able to be insured, get a job, or get credit approved. While technological innovation is advancing, there remains an imbalance between the technical protective measures and policy amid the growing sophistication of intrusive hacking measures. The plethora of data in the data economy further augments the opportunities for identity theft and wrongful acquisition of personal data.
The U.S. Supreme Court stated in U.S. Dep’t of Justice v. Reporters Comm. for Freedom of the Press, that a person’s privacy is related to the person’s ability to control personal information. Efforts to discourage government’s tracking of web usage have been sought by the federal government. The FTC has supported the notion of the commercial value of personal name and likeness and its infringement or misappropriation is considered a tort. This tortuous aspect of privacy infringement is more so evident as it relates to Internet users where the FTC, by Section 5 of the FTC Act, pursues privacy violations.
Where the expectation of privacy is crossed by ill-noticed practices of data disclosure, sales, and sharing, the FTC finds it as a deceptive practice subject to its authority to investigate and sanction. Social media platforms have had issues with this concern where its privacy measures were lessened which allowed for easier disclosure of friends lists to third-parties. This easing of access of friends list to third-parties is an aspect of the data economy activities that arguably impinges on privacy expectation. With the continuing growth of Internet business, E-commerce, and digital transactions (Bitcoin) the data generated with each click of a mouse, touch on a mobile device, or swipe leads to hundreds of billions of dollars in revenues in advertising, manufacturing, and sales. So, the difficulty to reach a balance between consumer data privacy and the needs of the data sharing economy continue unabated.