Privacy and Big Data

Surveillance, tracking, scoring and big data - these are all buzzwords that leave Internet users feeling uneasy. However, important thought processes can be triggered by dealing with these topics and with one's own handling of private information. The goal is to acquire digital privacy skills.

The Privacy Paradox - the discrepancy between knowledge and action in data protection

The term "Privacy Paradox" is used to describe the phenomenon that Internet users generally consider the protection of their privacy to be important, but do not necessarily transfer this to their actions. There are several possible explanations for this paradoxical behavior. For example, a lack of knowledge about existing protection technologies or problems in dealing with them could be the cause. Or the exact opposite: a digitally socialized generation believes it has digital self-expression under control. A major motive could also be a strong habituation to the convenience of digital services and devices, which can go as far as addiction. Or perhaps there is a fundamental lack of awareness of the negative consequences of digital data disclosure.

"I don't have anything to hide!" - A fallacy with consequences

The argument that one has nothing to hide and therefore nothing to fear is very popular. But this is a fallacy. It can harm anyone if certain private information - such as about a serious illness - becomes public. It is also underestimated that private data does not necessarily convey a correct or objective picture of a person.

The image that others thus gain of a person can therefore be quite different from the image that the person concerned himself believes to be correct. In addition, many people may be too unaware that they can also be innocently targeted by the security authorities. They think that surveillance measures only affect others, such as terrorists.

Although there are numerous indications of a crisis of privacy, there is a broad consensus in the discussions to classify privacy as a special value and cultural achievement.

To enable a balance between the achievements of digitization and the protection of privacy, we would like to propose a four-point program as an ethical recommendation for action.

1. digital self-defense

The following skills can stand for digital privacy literacy:

• The ability to reflect on why private data should be classified as worthy of protection (ethical competence),
• the knowledge of who collects, processes and shares private data and for what purpose (structural competence),
• assessing the consequences that could result from the publication of private data (risk competence),
• knowledge of data protection guidelines and possible protective measures (legal and technical competence).

2 Political commitment

Digital self-defense alone is not enough to stand up to the big data collectors. Political engagement and political participation (demonstrations, petitions, civil rights movements) are important aspects of expressing a citizen's will.

3. big data code

Fundamentally, data sets are neither good nor bad. However, companies, the state and public organizations should commit themselves to complying with the principles of proportionality, information equality and information justice as far as possible when collecting data. It should also be made transparent which algorithms and parameters are used for data collection.

4 Privacy by Design

As early as the development stage of new technologies, a key requirement should be to minimize the amount of data processed that requires protection (data minimization). Likewise, users should be enabled by default settings to protect themselves to a large extent even without relevant IT knowledge. This would require developers to be made more aware of ethical issues, even during their training.