Emerging data privacy regulations, such as the General Data Protection Regulation (GDPR) in Europe and California Consumer Privacy Act (CCPA) in the USA, have sparked global discussion around:

Data privacy regulations like GDPR & CCPA require corporations to disclose, at the request of users, what personally identifiable information (PII) they collect, why they collect it, and how it is ultimately used. Users may exercise their “right to be forgotten” and request that any PII stored by corporations is deleted.

Since its launch in May 2018, GDPR has generated 114 million euros ($126 million) in fines, including Google’s 50 million euro fine in 2019 for collecting user data without consent. This is significant progress, delivering much-needed transparency for users, and demanding accountability from corporations.

But let’s make one thing clear: GDPR and CCPA may improve the status quo, but they do not guarantee our privacy. In practice, these regulations are nothing more than operational frameworks that allow us to inquire, complain, and seek financial damages from companies.

Even exercising your “right to be forgotten” is a tedious process – today, the average American uses 50 apps and websites, which means they would need to issue 50 individual requests to each company in order to wipe their slate clean.

Pursuing one’s right to privacy through legal action is only suitable for those with excess time, finances, and patience – not the vast majority of us. Shouldn’t corporations proactively disclose how they use our data instead of us chasing them down one-by-one? Better yet, shouldn’t we fully own our data in the first place?

Future iterations of GDPR and CCPA may chip away at this problem. However, we cannot rely on the sluggish pace of regulation to claim our fundamental right to privacy. There is no time to waste – to reach our vision for a human-centered and private future, we must rely on technology.

New ecosystems comprised of physical and virtual “things” will soon become ubiquitous, connecting everything to everyone around the world. This next decade is a critical window of opportunity to shape our future to be open, democratic, and privacy-respecting.

Today, we are basically using the same information networks that emerged in the 1980s, which were designed for free access, public data, and global sharing, rather than privacy. Our current infrastructure was simply not designed to meet the emerging privacy challenges of today and the greater challenges of tomorrow.

To achieve the future we want, we must fundamentally redesign our infrastructure, devices, and applications with privacy as a top priority.

Design thinking is a widely taught concept, which emphasizes solution-centered design that is holistic, integrative, and forward-thinking. Privacy must also be instantiated using this concept. Luckily, the work of blueprinting privacy-centric designs is well underway. Dr. Ann Cavoukian, the former Privacy Commissioner of Ontario, and others have developed a variant of design thinking called “privacy by design”, which advocates for new technology products to be private by default.

By prioritizing privacy as a “must-have” from the initial design stage, we can lower our reliance on regulation to protect our privacy; instead, privacy will be guaranteed at the technological level.

This may sound like science fiction, but it’s not. New technologies with built-in trust, such as blockchain and secure hardware, have passed critical milestones signaling they are ready for the real world. By utilizing trusted tools in a “privacy by design” framework, we can develop innovative solutions with exceptional user experience, end-to-end trust, and true privacy.

Privacy researchers at UC Berkeley concluded in a recent study that one’s interest in privacy is directly correlated to their understanding of how corporations acquire and use their data -- simply put, knowledge is power. Another fundamental piece of knowledge that modern people must understand is data ownership, which is a prerequisite to achieving true privacy.

What does it mean to own your data? Today, as the new generation seeks access over possession as part of a global sharing economy, owning physical assets is losing its appeal. But our personal data, as a digital asset, must be viewed differently than physical assets.

The reason why tech giants today can operate as data dictatorships, where citizens must request permission to delete, update, or do anything with their data, is because they own all of our data from the moment it is created. Shifting control from corporations to users and achieving a human-centered future all starts with data ownership.

Enabling users to own their data does not mean the services we enjoy today will not cease to exist -- it just means that users will have the choice to keep their data completely private, share it with other users, or authorize its use to corporations.

Data ownership not only shifts control to users, but it also opens the door to new user-centric business models. Our private user data are the raw materials that fuel the surveillance activities and profits of Big Tech, but we, the creators of these raw materials, share none of the upsides. It doesn’t have to be this way.

If we own our data, Big Tech and advertisers will need to request information from us in order to obtain the raw materials they need to power their businesses. We will have the leverage and choice to license our data to corporations under our own personal Terms of Use, such as duration, purpose, and price.

To enact real change, it is up to all of us to build and adopt products that apply “privacy by design” and data ownership principles. New threats to the privacy of our smart devices will undoubtedly emerge and we must navigate accordingly to protect our homes.

Just like we read the nutrition facts before putting new foods into our bodies, we must also understand the privacy risks before putting new smart devices into our homes. By replacing products that funnel our data to Big Tech with products that serve us, the people, we will reach the human-centered future we deserve.

Learn more: Website | Twitter | Telegram | Medium | Reddit