Just over a week ago Microsoft launched its new system, the Xbox One. And it only took a week later for regulators in the European Union to take serious issue with privacy claims against it. This follows news that Google was fined in the EU for collecting WiFi data without consent via its “streetview” cars. Never log out of FaceBook, or Twitter? Regardless your privacy settings, their bots go undetected and visit every site you do, logging your internet use on some external server. This is happening every day, and while I see that regulators in the European Union are trying to get serious about privacy concerns, I see just the opposite occurring here in the U.S., where such behavior is in many instances supported in a Laissez-Faire position on the corporate economy.
So how bad is it becoming, this privacy issue? I contend that with new technologies, the ways companies can track and store information is likely only to get worse without enforcement by law. One need look no further than Microsoft’s Xbox One. According to its capabilities, the new Xbox will require that Kinect be on at ALL times in order for the system to work. Fair enough, but that’s not the issue. The issue comes with an improvement in sensor technology and speech recognition software, where Kinect’s camera and speakers are always listening. Regulators in the EU had this to say about the new device:
The Xbox continuously records all sorts of personal information about me. Reaction rates, my learning or emotional states. These are then processed on an external server, and possibly even passed on to third parties. Whether they will ever deleted, the person can not influence.
That should concern anyone considering the purchase of this console. Microsoft has been slow to reply, and vague when it has done so. They stated they will not use your information to sell to third parties for simple profit. They maintain that your privacy is of serious concern to them (I’m sure) and that information is only collected for system improvement. Why did I italicize that? Simply because system improvement based on personal data collection is a BS corporate loophole used to sell your information. They contend that the sale of your information is contingent upon system improvement. Only they don’t admit to this, but they do engage in this behavior, as demonstrated (albeit by the EU) by fines for such actions.
The United States Constitution takes privacy very seriously. U.S. Tort Law does too. The ‘Tort of Intrusion’ is committed where a person has a reasonable expectation of privacy and an individual intrudes upon that expectation of privacy whether intentionally or accidentally where such an intrusion is considered highly offensive to a reasonable person. The intrusion can be committed physically OR electronically. Computer hacking is a valid example. So why then are acting members of corporations not held responsible when they arguably commit such a tort?
The problem lies with being able to prove it. How does one hold someone responsible for a bot that collects data, or a benign machine, like a Kinect system? In many instances, provided one even knows an intrusion has occurred, it is hard to connect a human to the bot or code responsible for the intrusion. Scariest of all, these companies are smart about not getting caught and the unsuspecting victim doesn’t even know their privacy is being invaded. When they are caught, the CEO or other senior employee often claims he/she did not know that was occurring (riiiiiiight). In fact that was what Google maintained when the EU fined it for intruding into people’s WiFi.
With the exponential growth in technology comes the responsibility of its creators and its political regulators to assure our laws still be followed. It’s a serious problem when a multi-billion dollar company like Google is fined a mere 145 thousand Euro for hacking the WiFi of unsuspecting victims. Its even more of a travesty that some, like FaceBook, believe that you don’t have a reasonable expectation of privacy when using the internet and their service in particular — and that is the belief of many technology companies according to their practices. However, ask any average Joe on the street and I am sure he would tell you he has a reasonable expectation of privacy when using his personal computer or his cell phone. He would probably have a problem with a machine recording his information and potentially selling it to third parties. I am sure he would also have a problem with bots storing information about his internet usage.
Right now, our lives are all connected to the world wide web. It is unavoidable. One cannot simply choose not to use the internet in order to infer a reasonable expectation of privacy. Our lawmakers need to start acknowledging that and realize there’s a privacy crisis at hand. Our lawmakers also need to actually learn about technology, as many of these old white guys clearly haven’t a clue about it and rely on corporations to teach them about it. Our Tort Laws and code need to provide regulatory framework to keep these companies compliant with ALL that a reasonable expectation of privacy infers. And so long as I am connected, like everyone else, I have a reasonable expectation of privacy when I use such services and its time our laws reflect that.