Publishers, like other corporations, will have to develop a strategy that protects users’ data if they want to maintain a relationship of trust. As I will argue, publishers are ideally placed to support privacy-preserving initiatives because of reading’s historical link with interiority and solitude, and because their business model rests on the idea that information is valuable. In this essay, I will outline one tool for preserving privacy, the Personal Data Service (PDS). These services protect individuals’ privacy while allowing corporations access to better and richer data. They create a sense of transparency that allows corporations to interact with people in a more meaningful and value-creating way.
I will argue that publishers should support PDSs. First, they allow publishers potential access to a wealth of verified, trusted data. Second, they create a private space for readers who choose to read without being tracked. Third, they parallel what publishers are already doing by creating ways for people to set and control access to information.
If horror movies are the expression of our collective fears (Philips 2005), then Unfriended is the perfect case study. The action unfolds entirely on-screen, following the interactions of five friends on Skype, Facebook chat and text messages–all of which are being manipulated by an unknown stranger. As Spotify’s suggestions grow steadily creepier, gory deaths ensue (Gingold 2014). Blood splatter aside, Unfriended perfectly captures a zeitgeist of fear about information technology. The victims’ intimate encounters are watched and recorded by a sinister, faceless entity. Their inability to carve out a private space reveals a cultural anxiety about being tracked, manipulated, and exposed online.
This anxiety is not only expressed in horror movies: a 2015 Pew study found that 91% of Americans feel they have lost control over corporations’ use of their personal information online (Madden 2015). And they have good reason to feel this way. Facebook founder and CEO Mark Zuckerberg declared in 2010 that privacy was no longer a “social norm,” to much criticism (Johnson 2010). Taxi start-up Uber came under fire for allowing employees a “God view” of individuals’ movements in real time (Timberg 2014). Online services store massive amounts of “anonymized” data that is not really anonymous: one study found that researchers could re-identify 95% of people using only four GPS location points, even when the data was of low accuracy (de Montjoye et al. 2012). And the 2013 Edward Snowden scandal revealed that data is not only being used by corporations: governments are aggregating and analyzing massive quantities of information to build “a pattern of life” of anyone even loosely associated with suspected terrorists (Davis et al. 2013).
A growing number of people are asking whether their personal data belongs in corporate hands. “There is a growing view… that data is a personal asset,” Alan Mitchell, UK strategic advisor on privacy, says. “The full potential value can only be realised if individuals are able to control what personal information they share with who, for what purposes, under what terms and conditions; and if they can realise the benefits (including financial benefits) of doing so.” (Mitchell 2012). A World Economic Forum report adds that data ownership should be thought of in terms of old English common law: as the right to possess, use, and distribute, rather than as physical ownership (Dutta and Mia 2009). Individuals should be allowed to control who accesses their data and why, as well as to come up with new uses for it.
Personal Data Service
Enter the Personal Data Service (PDS). PDSs are based on the idea that individuals own their data and should be allowed to control the flow of their personal information. The PDS stores or aggregates data, displays it to the user, and allows users to download and share it in machine-readable format (Reed). Users set their own terms for who can access their data and why. This affords the user what Helen Nissenbaum terms “context-relative informational norms”: the ability to share data with appropriate parties only (Nissenbaum 2009). People willingly share financial information with their bank, and medical information with their doctor, but aren’t comfortable telling their bank manager about their bunions or their doctor about their student debt. Sharing information in context creates a space where people feel more secure about their privacy (Nissenbaum 2009). At the same time, PDSs give companies access to a richer combined data set, including Volunteered Personal Information (VPI) (Mitchell 2012). A study into PDS use found that people share 12% more information when they are explicitly told how their data will be used (Ctrl Shift 2014). Consumers can create a single online identity with their likes and dislikes, allowing corporations to give them more valuable and relevant offers. In other words, companies can interact with them as individuals rather than as a demographic. By providing a safe space for individuals to store their sensitive data, PDSs benefit both companies and individuals.
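The ideas of machine-readable export and context-relative sharing can be illustrated with a brief sketch. This is not the interface of any real PDS; the field names, contexts, and functions are invented for illustration only.

```python
# Illustrative sketch of "download and share in machine-readable format,"
# filtered by sharing context. All field names and contexts are invented.

import json

# One user's record, as a PDS might store it.
record = {
    "finances": {"student_debt": 12000},
    "health": {"conditions": ["bunions"]},
    "reading": {"favourite_genre": "horror"},
}

# Context-relative sharing: each recipient sees only the categories
# appropriate to its context (Nissenbaum's "context-relative norms").
contexts = {"bank": ["finances"], "doctor": ["health"]}

def export_for(recipient):
    """Serialize only the fields the user has approved for this recipient."""
    allowed = contexts.get(recipient, [])
    return json.dumps({k: v for k, v in record.items() if k in allowed})

print(export_for("bank"))    # financial fields only
print(export_for("doctor"))  # health fields only
```

Under this scheme, the bank never learns about the bunions and the doctor never learns about the student debt, yet each receives data it can process automatically.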
So how do they work? To start, the PDS provider must access personal data in some way. Some simply aggregate data stored by online services and display it to the user as a dashboard or in a database format (Ctrl Shift 2014). However, more robust implementations will store the data on a central or personal server: “given the huge number of data sources that a user interacts with on a daily basis, interoperability is not enough. Rather, the user needs to actually own a secured space, a Personal Data Store acting as a centralized location where his data live” (openPDS). In this implementation, the PDS acts as a buffer between the web service and the end user. It captures any user-generated raw data (such as GPS location, form entries, or preferences) and stores it securely.
The web service never accesses this captured data directly. Instead, it sends a query to the PDS and the PDS sends back an answer (de Montjoye 2014). For example, Netflix may want to know whether to recommend House of Cards or Star Trek to you. It will send a request to the PDS with code that uses some combination of demographic information, viewing habits, and geospatial location to predict what you would prefer. The PDS evaluates whether the information requested fits in with the privacy preferences you have set. If it does, it sends back the result to Netflix: in this case, “House of Cards” or “Star Trek.” Netflix need never know the fine-grained information that led to this result. In another case, Netflix may run similar code against multiple users’ aggregated data to draw conclusions about an entire population. In either case, “the dimensionality of the data shared with the services is reduced from high-dimensional metadata to low-dimensional answers that are less likely to be re-identifiable and to contain sensitive information” (de Montjoye 2014). Companies can continue to use personal data while respecting individuals’ privacy.
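The question-and-answer pattern described above can be sketched in a few lines of code. This is a minimal toy, not a real PDS protocol; the class, the query function, and the permission categories are all hypothetical.

```python
# Minimal sketch of the PDS query-and-answer pattern: the service's code
# runs against raw data inside the store, and only a low-dimensional
# answer ever leaves. All names here are invented for illustration.

class PersonalDataStore:
    """Holds raw personal data; answers queries without exposing it."""

    def __init__(self, raw_data, allowed_categories):
        self._raw_data = raw_data                # never sent to services
        self._allowed = set(allowed_categories)  # user-set privacy preferences

    def answer(self, query_fn, categories_used):
        # Refuse queries that touch data categories the user has not approved.
        if not set(categories_used) <= self._allowed:
            return None
        # Run the service's query locally; only its small answer is returned,
        # never the underlying high-dimensional metadata.
        return query_fn(self._raw_data)


def recommend_query(data):
    """A service-supplied query: pick a title from viewing habits."""
    return "House of Cards" if data["hours_drama"] > data["hours_scifi"] else "Star Trek"


pds = PersonalDataStore(
    raw_data={"hours_drama": 40, "hours_scifi": 12, "gps": (49.28, -123.12)},
    allowed_categories={"viewing_habits"},
)

print(pds.answer(recommend_query, categories_used=["viewing_habits"]))
# A query declaring that it also reads location is refused outright:
print(pds.answer(recommend_query, categories_used=["viewing_habits", "location"]))
```

The service learns only the one-word recommendation, not the viewing hours or GPS trace that produced it, which is the dimensionality reduction de Montjoye describes.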
Like a bank, the PDS enters into a binding legal contract with its customers, pledging to protect their data from unwanted access. Mydex, for example, legally structured their business as a nonprofit organization that could never be acquired by a corporation or government (Mydex). “We knew trust was absolutely paramount,” a spokesperson states (Mydex). Like banks, in order to compete amongst themselves, PDSs will need to prove to their clients that they are trustworthy. This means keeping personal information safe from attack and exploitation: for example, by including checks to make sure that the information returned to service queries is sufficiently anonymous, and identifying and blocking untrustworthy requests (de Montjoye 2014).
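One such safeguard, checking that an answer is sufficiently anonymous before release, can be sketched as a simple group-size threshold. This is only one possible check under assumed rules; the threshold and function are illustrative, not drawn from any PDS specification.

```python
# Hypothetical answer-side safety check: before releasing an aggregate
# result, the PDS verifies that enough users contributed that the answer
# is unlikely to identify any one of them. Threshold is illustrative.

MIN_GROUP_SIZE = 5

def safe_aggregate(values, min_group_size=MIN_GROUP_SIZE):
    """Return a mean over users only if the contributing group is large enough."""
    if len(values) < min_group_size:
        return None  # block: too few contributors for the answer to be anonymous
    return sum(values) / len(values)

print(safe_aggregate([3.2, 4.1, 2.8, 3.9, 4.4]))  # releases the mean
print(safe_aggregate([3.2, 4.1]))                  # blocked: returns None
```

A real implementation would need stronger guarantees (rate-limiting repeated queries, for instance), but the principle is the same: the store, not the service, decides whether an answer is safe to release.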
Test runs of PDSs have been a success: 81% of beta users of one service, openPDS, said they would use it in their personal life (de Montjoye 2014). Despite this, adoption is slow. “Deployment on a large-scale is a chicken-and-egg problem; users are waiting for compatible services while services are waiting for user adoption,” de Montjoye says. Without wide consumer demand, companies are unlikely to give up control of their databanks. However, political support in combination with technological advancement may be enough to spur change (de Montjoye 2014).
That support may be coming. In 2011 the UK launched its voluntary Midata program, asking corporations to put data back into the hands of users (Midata 2014). In 2012, the EU Commission proposed a reform of data protection law establishing “individuals’ right to be forgotten, to have easier access to their data, and to be able to easily transfer them” (openPDS). In response to this changing view of privacy, dozens of PDSs have sprung up around the world, gathering millions of dollars each in financial backing (Ctrl Shift 2012).
PDS and Publishers
With PDSs on the rise, publishers need to pay attention. As content creators who often rely on advertising and market data, publishers can benefit by becoming early backers of this service. PDSs allow publishers to access more data about their customers, levelling the playing field between publishers and Amazon. They create a sense of privacy for the reader, preserving the mystique of picking up a book. And they are rooted in a concept of ownership of information, which aligns nicely with publishers’ ideals.
Data and marketing
PDSs offer publishers new advantages. Currently, traditional publishers are at a disadvantage when it comes to gathering data because booksellers act as intermediaries between them and their consumers. With the rise of PDS, publishers will have access to a wealth of information from different streams about what their users want and like. “The proposed framework removes barriers to entry for new businesses, allowing the most innovative algorithmic companies to provide better data-powered services,” de Montjoye writes of openPDS (de Montjoye 2014). Publishers, who take on the financial risk of backing a book with little data (Dunlop 2015), will finally have the same advantages as Amazon and Kobo.
Beyond the commercial benefits of PDS, the values it serves to uphold, privacy and ownership of information, could align with publishers’ ethos and re-establish their foothold in the community. PDSs are built on a desire for individuals to maintain privacy by controlling access to their information, and publishers have an intimate relationship with privacy. In fact, some argue that privacy coevolved with the technology of print. Jagodzinski notes that the traditional definition of “privacy” was negative: it denoted an individual who, through the absence of public office, had no power to lead his community (Jagodzinski 1999, 23). As books became portable and abundant, literacy rose and with it, silent reading. People were able to absorb information in solitude rather than through public conversation. A sense of interiority developed, and the word “privacy” evolved to take on a more positive meaning (Jagodzinski 1999). Spacks elaborates on this, connecting reading with “individual fantasy,” “withdrawal from the public sphere,” and “the opportunity to explore and solidify the self” (Spacks 2003, 28-29). Such outcomes are only possible when reading takes place in a relatively private space: not private in the sense of solitary, but in the sense of having an unwatched space to think about and process the text. This privacy allows people to explore new ideas free from outside judgement.
But reading is no longer a private activity: it is now yet another way to gather data. Ebook vendors such as Kobo track not only which books are bought, but when and how often they’re read. The information is accurate enough to track reader engagement chapter by chapter and even page by page (Kobo 2014). Online, websites store incredibly detailed information about what you read, building a profile of you from page to page. Academic journals are no better: 16 out of the top 20 research journals allow trackers to spy on their readers (Hellman 2015). Many users do not realize to what extent they are being watched. “The psychological privacy afforded by communication channels may lull users into a false assumption of informational privacy,” Walther writes (Walther 2011, 4). But as awareness grows (Madden 2015), users will employ PDSs to limit when and how they are tracked. With a PDS, data collection is transparent to the user and sufficiently anonymous to the tracker, allowing readers to build a private space online that mimics that of print.
Copyright and access
The advent of PDS will also change the way people relate to information as property. Proponents of open access to information have long argued that “information wants to be free” (Clarke 2000). However, most people are less comfortable with free access to their own information. In a culture where so much content is available for free online, the new slogan is, “If you are not paying for it, you’re the product being sold” (Fitzpatrick 2010). “Free” information is paid for in advertising dollars spent by companies trying to reach and track engaged audiences.
Books are no exception. In the past, Nakamura says, we paid for books but our conversations about them were free. Now that paradigm has shifted: “today books are free through Google Books and Internet Archive and, much to the consternation of publishers, through torrent sites like Pirate Bay and Media Fire, but we pay to create readerly communities on social networks like Goodreads. We pay with our attention and our readerly capital, our LOLs, rankings, conversations, and insights” (Nakamura 7). User-created data is an indirect payment. Even with print books, customers trade their data for rewards and discounts. Booksellers’ use of data is cast in terms of labour and production: “each transaction customers make using their loyalty cards produces valuable data for these booksellers. In effect, they are outsourcing the costly labor of market research to their most loyal customers, who ironically buy back the labor they’ve freely given with each subsequent purchase” (Striphas 2010). Information exchange becomes a grim commerce, where the customer is the worker, product and buyer. In such exchanges, information is anything but free: it is heavily commodified. Content is still paid for, although the payment is invisible to many users.
PDSs, on the other hand, spring from the idea of data as a form of personal property. The first American text to argue for the right to privacy grounds it in property law, similarly to notions of copyright: “The right of property in its widest sense, including all possession, including all rights and privileges, and hence embracing the right to an inviolate personality, affords alone that broad basis upon which the protection which the individual demands can be rested” (Warren and Brandeis 1890). The right to an “inviolate” self is a form of property over all private information about that self. What determines whether information is private? To Warren and Brandeis, information is private until it is published: “The common law secures to each individual the right of determining, ordinarily, to what extent his thoughts, sentiments, and emotions shall be communicated to others… The right to privacy ceases upon the publication of the facts by the individual, or with his consent.” (Warren and Brandeis 1890). Publication is seen as the boundary at which individuals relinquish control over their information.
With the advent of digital publishing, however, “publication” is no longer as clear cut. Are you “publishing” when you post to a Facebook profile that is restricted to friends? When you send an email through an online service, is it still private if it’s filtered through an algorithm that builds a profile of you? PDSs erase these distinctions by allowing individuals to decide for themselves when their information is “published” and when it is private. In effect, they are acting as their own publishers, curating and editing their data and setting terms for access. In some PDS implementations, they can even set a price for access to their data. This way of looking at information bodes well for publishers and content providers in general. Information can still be “free,” in the sense of accessible to anyone. But publishers may be able to find a price that captures the value of the content they provide. If people recognize their own information as valuable, they will begin to view others’ information as valuable too (Lanier 2010). This could be good news for those segments of the publishing industry that have not yet figured out a way to make money off free content.
Personal data services have yet to catch on, but the problem they address is real. Movies like Unfriended are just the tip of the cultural iceberg. A sense of anxiety pervades the digital space, as people worry about the permanence of their digital footprint and about the ways they are being tracked. Addressing privacy concerns online is not just an issue for publishers, it’s a social issue, but it’s one that publishers have a vested interest in. The commercial benefits of opening data access to publishers are enormous, and could help tremendously to identify and reach new markets. In a world where people feel “digitally crowded” (Joinson 2011), publishers could open up a cool oasis of privacy, allowing readers to explore new territory without fear of surveillance. And if publishers want consumers to treat content as valuable, they can begin by treating consumers’ information in the same way. Publishers will need to take a long, hard look at digital privacy and how it fits in with their vision for the future.