
Communications of the ACM

Viewpoint

Crude and Rude?

[Illustration: Crude and Rude. Credit: Andrij Borys Associates / Shutterstock]

Ever since the statement "Data is the new oil," widely credited to British mathematician Clive Humby,a was made in 2006, the world has experienced profound changes in the ways consumer-related digital information is used and accessed. Accordingly, it can be argued that current-generation smart devices and electronic services (including Internet service providers) are merely pieces of a pipeline in this new 'oil' business with a sole purpose of providing 'crude' for service providers to be processed and refined. In this sense, the metaphor coined by Humby (and others) is appropriate.

Taking the metaphor one step further, it must be acknowledged that the tycoons of this new 'oil' business are actually pretty smart when compared to Haroldson Hunt or Clint Murchison, who were among the most notable businessmen during the Texas oil boom that took place in the U.S. in the early 20th century. Unlike in Texas, the 'land owners' (that is, consumers) of today pay for the gushers (smart devices) and the pipeline (Internet connection), and they even do the hard labor (use the services and applications).

Especially in Texas, handshake deals were a common form of an agreement—and legally binding in the eyes of the law. In today's oil business the handshake deals and notarized agreements are substituted by End User License Agreements (EULAs) and other forms of contract between the licensor and the purchaser. The problem with these agreements is that while they are in most cases legitimate and enforceable, they are ubiquitous and non-negotiated—millions of people bind themselves to the agreements every day with a simple click indicating "I agree."

The gravity of the current situation becomes even more evident if we investigate two particular technology trends: aggregation and personal health. Technology has a tendency of becoming smaller, smarter, faster, and cheaper, and a consequence of this is that our mobile phones have become aggregation points for different services, sensors, and data. In many cases, our phones are the only 'documentation' we carry with us when we go about our daily affairs in a bank or a grocery store.

Similarly, our phones with their embedded sensors and connected equipment (such as activity trackers) act as a singular entry point to data depicting our physical activities throughout the day (exercise, heart rate, sleeping ...). Increasingly, our mobile phones are also integrated with our homes and personal transportation, which are becoming smarter,b or at least more connected, every day. In other words, everything we regard as smart or connected in our everyday lives is becoming intertwined with our mobile phones.

In personal health, we are seeing how numerous and varied mobile applications have become. For example, if one has diabetes, there is an app for recording insulin levels. If one has a child with autism spectrum disorder, there is an app that can help in communication. In addition to apps, the health service providers are setting up virtual clinics, patient portals, and all kinds of "online health bazaars" that extend the reach of health services from hospitals to homes. In this, the mobile-first approach has become the prevalent one, and our mobile phones act as primary access points for the services.

So when a consumer, unaware or sometimes even unconcerned, installs an app that simulates the function of a zipper (one can zip and unzip it, and that's all), or that of a stapler (one can tap a virtual stapler onscreen) and the application happens to have a malicious payload, it does not only compromise the security of the device—it may compromise the security of one's health affairs, housing, banking, business, and social life. In other words, it may compromise one's life.

Fortunately, this eventuality is a theoretical one as marketplaces are quick to react to malware, and services typically have implemented extra layers of security (a side-channel for authentication, for example) in their function. However, one's digital life is vulnerable and currently employed measures do not live up to the task. Fair Information Practice Principles, and similar guidelines, such as those by the Markle Foundation, have had marginal impact on the situation, as has the current legislation. The impact of the General Data Protection Regulation (GDPR, EU 2016/679) that was put into effect in the EU in May 2018 remains to be seen.

Directives, regulations, and legislation are part of the solution. Another part comes from the application permissions of the operating system. In contrast to service-side solutions, these kinds of source-side solutions are more technological by nature, and linked to the function of the mobile phone. The source-side solutions are typically implemented as permissions: permission to access camera, or permission to use contacts information. Commonly, these permissions are requested from the user without pertinent information, and when a permission is granted, it is in effect indefinitely (or in some cases, until the next major update).

Looking at this kind of setting from the ethics side, one question emerges: Is this really an agreement? On one hand, the user has been given the terms of service, which can be a 20,000-word document written in bulletproof legalese (as in the case of iTunes), and the user has clicked "I Agree." On the other hand, the user clicked "Allow" when the "beer drinking simulator" application requested permanent access to the camera, microphone, contacts, calendar, storage, location, and body sensors. This should be enough, right?

The land-lease agreements of the Oil Rush in general were notoriously tricky, favoring the authority of the more-aware landowners. It was not unusual for the lease itself, and the related royalty agreements, to lead to overdrilling in order to recover the investments of the oilmen. In these cases, the bias of the agreements was heavily one-sided, as it is in the case of mobile applications (and electronic services) of today. However, the bias has tilted from the more-aware 'landowners' to the 'oilmen', who are now in the position of power, dictating the content of the agreements.

In the current end-user agreements, terms of service, and permissions the fundamental problem is that the consent is not informed. Consumers are expected to hand over the data they generate on the basis of obscure agreements and permissions that are defined on the basis of properties of an artifact—the high-tech smartphone of today that is millions of times more powerful than all of the NASA computers involved in the Apollo 11 mission to the moon in 1969.

What we need is a change of perspective and a different attitude. Similarly to the healthcare sector where the patient comes first, the consumer should come first in terms of user agreements, application-level permissions, and data use in general. In this, the healthcare principle of informed consent is of the essence. In healthcare the principle defines that the patient has bodily integration: autonomy and self-determination over one's physical body. In electronic services the principle should apply in such a fashion that the consumer has virtual integration: autonomy and self-determination over the 'digital self' (including data originating from one's activities and information stored in different devices and services).

Another central aspect of informed consent in the health domain is that the patient must be sufficiently informed prior to making health-related decisions, such as undergoing a certain surgery. This principle has a direct analogue in the virtual world: the consumer should be sufficiently informed prior to making decisions on the use of data that is part of the digital self. In this, the application permissions are part of the whole, as they are often the source of the data, or one way of communicating the data to the service provider(s).

Put in a more straightforward manner, this essentially means enforcing five things highlighted in different recommendations and in the GDPR: the service provider should make a clear case on what data is used; why it is used; how the data is collected; who has the access and what is the extent of confidentiality; and how long the data is accessible by the provider (and the named third parties). Naturally, should the premises change, the service provider's rights should be invalidated by default, and new permissions (informed consent) requested from the consumer.

Another step in the right direction would be to use colloquial language and terms familiar to the user. Instead of bulletproof legalese, the end-user agreement and terms of service should be stated in a way that reading them does not require advanced degrees in both law and computer science. This perspective on understandability also applies to the way application-level permissions are requested. Instead of requesting permission to "make/receive SIP calls" the consumer should be informed on what the SIP calls actually are, and where they are used.

This kind of consumer-centric approach to end-user agreement, terms of service, and application permissions would not only serve the purposes of informed consent—which is a goal in itself—it could also have a more profound impact on the use of technology. First, in terms of Internet and technology literacy, use of colloquial language could make the technology more visible and tangible as technological concepts would have a real name and meaning. Secondly, the users could become more privacy aware, as the data they generate and its use by the service providers, is portrayed in full.

In the late 19th century, American businessmen who used shameless and even ruthless methods to get rich were often labeled "robber barons." One of the most famous businessmen labeled as such was John D. Rockefeller, the founder of Standard Oil. Only time will tell if any of the major players in this new 'oil' business will receive a similarly notorious title. Fortunately, there are already players in the field who understand that the consumer comes first and regard privacy and trust as a competitive advantage instead of a cost or a nuisance.

Authors

Janne Lahtiranta ([email protected]) is a senior advisor at Turku Science Park Ltd in Turku, Finland.

Sami Hyrynsalmi ([email protected]) is an assistant professor in the Pervasive Computing department at Tampere University of Technology in Pori, Finland.

Footnotes

a. This statement, and variations thereof, has also been credited to various authors, including Meglena Kuneva and Richard Titus; see https://bit.ly/2Mp7k9r

b. Mikko Hyppönen from F-Secure prefers the term "vulnerable," which is also a pretty accurate definition.


Copyright held by authors.

The Digital Library is published by the Association for Computing Machinery. Copyright © 2018 ACM, Inc.