jueves, noviembre 28, 2019

About Privacy 2030: The Posthumous manifesto of the Patriarch of Privacy Intelligentsia

       Originally published in Linkedin.
One of the issues with contemporary legal education, specially legal education in countries which legal systems enjoy certain prestige, is a tendency (let’s call it a positivist tendency) to look down on policy discussions. Duncan Kennedy, one of the founders of the Critical Legal Studies movement, offered some interesting insights about this issue in his brilliant critique to legal education: 

“(…)in most law schools, it turns out that the tougher, less policy-oriented teachers are the more popular. The softies seem to get less matter across, they let things wander, and one begins to worry that their niceness is at the expense of a metaphysical quality called “rigor,” thought to be essential to success on bar exams and in the grown-up world of practice”.

When discussing the policy underpinnings of GDPR, for example, I have been accused by highly esteemed colleagues of something even worse: Of being very interested or even “very good” at the “philosophical questions”. Anyone who has gone to law-school knows that there is not an ounce of compliment in such a statement. 

Now, the reason I start this write-up with an apparent digression from the theme that I promised in the title is because Butarelli´s manifesto is very important in one very critical manner: It uplifts the status of policy discussions. It shows how critically important policy discussions are for legal practitioners and virtually anybody who works in the tech industry in the year 2019. No legal practitioner working in anything related to technology has a claim to be a well-informed legal practitioner if he/she has not read Privacy 2030 (Yes: Even if you practice at the so-called Magic Circle). I would argue that a similar statement applies to tech CEOs and I would submit that even if you are a cynical CTO secretly hiding enormous stockpiles of personal data in a removable hard-drive somewhere, you should read Privacy 2030 if only because it provides first-hand insights on how the enemy thinks. Let’s make no mistake: This is it. This is give or take the definitive compendium of all the aspirations, latent-dystopias and anxieties that give meaning to Data protection Law and Privacy Law in the European Union. 

In order to keep this write-up succinct, I will refrain from examining the main themes of the six chapters of the manifesto. Instead, I will suggest a few more reasons why we should celebrate Privacy 2030 and I will propose an incipient critique. Let’s start with the first: The manifesto seems innovative in bringing about a policy aspect that is still foreign to the typical ESG discussions that one may encounter nowadays in the context of technology, a space where companies that are not hardware manufacturers tend to be perceived as greener and where that item of the due-dilligence checklist is rapidly ticked-off. I will quote directly from the Manifesto:

“The religion of data maximisation, notwithstanding its questionable compatibility with EU law, now appears unsustainable also from an environmental perspective (…)”

So, while the manifesto does not abound in hard evidence for the premise that data maximization has a tangible effect on climate change, the author offers some interesting suggestions about the places where that question might lead us: A “Digital Green New Deal”, perhaps. And this bring us to one more reason why the manifesto is an important read in the times that we live: Given how ambitiously idealistic it reads, it shows that even in our time it is possible to be both an unrestrained titan of humanism and a world-class technocrat. It occurs to me that Butarelli was one of the last fellow liberals. This is a slight digression but: If specimens of this endangered species are to be found only as a byproduct of the European project, I am tempted to think that we have one more critical reason to preserve it. I will write no more hagiography because there is enough posthumous praise circulating at the moment, but this is one of those men whose hagiography does not strike me as particularly annoying. We need many more Butarellis in the generations to come. 

Back to the subject that occupies us, the manifesto is also interesting in the sense that it proposes some last-resort measures that need to be on the table if we are to make sure that certain technologies are harnessed for the good: 

“Impose a moratorium on dangerous technologies, like facial recognition and killer drones, and pivot deployment and export of surveillance away from human manipulation and toward European digital champions for sustainable development and the promotion of human rights.”

Moratoriums sound somewhat radical, just like Alexandria Ocasio Cortez’ suggestion of sitting Facebook out of the 2020 elections if they don’t assume responsibility for the way their business affects democracy. But even if one thinks (as I tend to do) that corporations should not be put in a position to decide what is truthful enough for people to read, these last resort measures seem necessary to ensure that all stakeholders take the policy discussions at hand very seriously.

One final reason for giving the manifesto a good read: There is a very brief afterword by Shoshana Zuboff, whose work was first introduced to me by the always acute Tim Walters from the Content Advisory at a conference (yes, one can actually learn new stuff at conferences). Her afterword is not a particularly compelling piece but it does work as a privacy-contextual introduction to Zuboff´s notion of Surveillance capitalism, which has been portrayed as some sort of unwitting marxism by Evgeny Morozov in this great review.

And now to the incipient critique:


The manifesto tends to follow the typical discursive recipe of the contemporary policy discussions about privacy in the EU: It devotes many words to listing and describing a good number of latent dystopias, of extremely undesirable states-of-affairs that we must urgently prevent by means of regulation or state action. On the other hand, it devotes much fewer words and exactly one page to propose a “10-point plan for sustainable privacy". Let me try to be fair: manifestos do not need to offer all the answers and Privacy 2030 does propose some brighter views on technology, but still, its decided effort to unearth, expose and imagine all potential risks and pitfalls of technological advances is dangerously close to a Neo-luddite impulse of sorts: A tendency to believe that technology is mostly and mainly a source of latent dystopias.

Now, precisely because technology is not just a source of dystopias but also an important instrument for progress, it would be wise to look at it with much more sympathy. Zuboff´s afterword is right in calling-out the lobbyist talking points for what they are: Regulation will not necessarily stifle innovation. But there is good evidence that bad regulation will. In order to have a civil discussion about the future of privacy and the regulation of technology, it would be a good idea to start by recognizing that not every bit of optimism is corporate propaganda and that skepticism about the role that regulation can play in solving some of the problems listed in the manifesto is not always an exercise of techno-solutionism.

Privacy 2030 is a very important read, but I want to insist on this: A hysteric perception of technology and the world we live in will most certainly lead us to a kind of policy discourse so desperate to rule out latent dystopias that it prevents us from seizing the tangible opportunities in the present. I would echo Zuboff´s invitation: Let’s make sure that we fight all the fires together, but let’s make sure we leave some room for the flame of progress.

You can download the manifesto directly from the IAAP resource center here.


Disclaimer: The opinions expressed by the author in this article are strictly personal and do not reflect the official position of the Mash Group or any of its directors or employees. Any threatened law-suits, hate-mail or angry rebuttals in response to this write-up are ideally to be addressed to the author directly, in the comments. :)




No hay comentarios.:

Publicar un comentario

Se reciben comentarios: