Computers are useless if they can’t remember information. In the short-term, while software runs, variables store little bits of information in memory. After each interaction, many programs save their data to databases, which are vast catalogs of connected records. Underneath both of these is the file system, where documents are stored more or less permanently.
In technical theory, this all sounds wonderful. As developers, we have an array of tools at our disposal for building all sorts of experiences. But after a few decades, when data storage is close enough to free for cost to not be an issue, it has become clear that unregulated data storage does not work for users.
It’s common knowledge that Facebook holds a frightening amount of information about all their users. But they also keep “shadow profiles” of non-users, essentially cataloging every conceivable piece of information for their advertising/profit purposes.
In Europe, the GDPR legislation promises drastically stricter regulation on data companies are allowed to keep, and expands the rights of consumers to protect their privacy, export their data, and have information about them deleted. While companies rushed to be compliant with these new laws, GDPR is barely being enforced, which raises clear concerns.
While Facebook was forced to implement GDPR, it refuses to bring the privacy tools to users in the rest of the world. If corporations (and it’s not just Facebook) insist on acting this way, we need to bring the legislations around the world.
Though GDPR has many visible faults, I think it’s high time for the United States to pass a similar set of laws. It’s the land of the free—where we’re all captive, consensually and non-consensually, to the army of corporations selling our data to provide “free” services. California has already begun making these moves.
Tim Cook, the CEO of Apple, said last year in Brussels, referencing GDPR:
“It is time for the rest of the world [...] to follow your lead. We at Apple are in full support of a comprehensive federal privacy law in the United States.”
He then went on to outline four key rights that should be enshrined in such legislation: the right to have personal data minimized; the right for users to know what data is collected on them; the right to access that data; and the right for that data to be kept securely.
(This is telling, because Apple is one of the very few major tech companies who don’t make most or all of their revenue from web advertising, and are therefore the only major tech company making serious moves on privacy issues that are not only for PR. Google, take note.)
These regulations would have the most impact on the most vulnerable—the so-called “digital privacy divide.” People with lower disposable incomes oftentimes cannot afford newer phones with encryption, VPNs to protect their internet traffic, and paid services that don’t sell their data, and don’t have the education about how these issues impact them.
Variables and databases were, and still are, incredible tools that have improved the world significantly. They are the fundamental building blocks of applications, services, and computational devices that elevate our lives—from weather forecasting to texting & FaceTime calls, we would undoubtedly be worse off without them. But it’s high time for our country to start seriously regulating their misuse, for the benefit of all.