Web users, tech companies and legislators should be more concerned about how data is collected, rather than how it is protected, argues American whistleblower Edward Snowden.
Speaking via a video call last night to a crowd of thousands at Web Summit in Lisbon, Portugal, Snowden said the EU’s General Data Protection Regulation (GDPR) which came into effect in May last year, while a good first effort, doesn’t go far enough to prevent governments and big tech companies from using data to exploit ordinary civilians.
No ad to show here.
“I think the mistake it [GDPR] makes is actually in the name, the General Data Protection Regulation misplaces the problem. The problem isn’t data protection — the problem is data collection.
“Regulating protection of data presumes that the collection of data in the first place was proper and appropriate and that it doesn’t represent a threat or danger, that it’s okay to spy on everyone all the time, whether they be your customers or whether they’re your citizens, so long as it never leaks.”
“I would say not only is that incorrect, but if we have learnt anything from 2013 (the year in which Snowden revealed how the US’s National Security Association in cahoots with big tech companies was spying on civilians) it’s that eventually everything leaks,” said Snowden.
The GDPR legislation provides for fines of four percent of global revenue, for those tech companies that fail to protect users’ data.
‘Data isn’t harmless, data isn’t abstract when it’s about people’
But Snowden said until the EU began handing out fines on an annual basis to firms that fall foul of the legislation, the regulations remained a “paper tiger”, giving web users a “false sense of security”.
“My generation particularly the generation after me, they no longer own anything. They’re increasingly not allowed to own anything. You use these services and they create a permanent record of everything you’ve done.
“Simply by having your phone in this room on you in your pocket, not even using it, but simply having it turned on, registers your presence at this event, because of your phone’s association with the WiFi points around you, your phone’s association with the cellular towers that are around it.
“And this is the thing that people miss. All of these companies, all of these governments go ‘oh data collection, data protection, it’s all very abstract’ — but data isn’t harmless, data isn’t abstract when it’s about people.”
Adds Snowden: “It is not data that is being exploited it is people that is being exploited. It is not data and networks that are being influenced and manipulated, it’s you that is being manipulated.”
So, what then does he propose? His answer is that the basic model of internet connectivity needs to change. How that is going to be done is anyone’s guess — or perhaps Snowden’s 20-minute call didn’t allow him to go into any specifics.
Ventureburn editor Stephen Timm is in Lisbon to attend Web Summit.
Feature image: Edward Snowden pictured yesterday on a video call at Web Summit in Lisbon, Portugal by Stephen Timm/Memeburn