I’m really into this concept of “Data Protection by design and by default,” as the GDPR brings up in Article 25.
Particularly, this line is another one that stands out in my internal landscape of exploring technologies. The text is talking about technical and organizational measures to minimize data processing to what is strictly necessary for a given (agreed on) purpose. Then it says something which seems to break much of social media as we know it:
…such measures shall ensure that by default personal data are not made accessible without the individual’s intervention to an indefinite number of natural persons.
To me, this is kind of the “introvert’s delight” mode of technology use, as is much of the European approach to data protection. It is much more protective of human privacy and dignity than the more US-based philosophy of, “I’m not doing anything wrong, so I don’t have anything to hide…”
Just like I believe (based on GDPR) you *must* build in deletion and exports into every product you release publicly, you also must make any outputs private by default. If people want to make things publicly, they have to specifically choose to opt into that, and they need to have both broad account level and micro level controls at the point of publication.
I get why we’ve landed in the contrary position on social media – i.e., it has the word “social” in it. And for companies, the holy grail is scaling – rapidly growing your user base. Leveraging people’s natural social inclinations is how social media has risen to the prominence that it has culturally. It’s also sort of why I have come to hate it so much.
What if we had a world of technology that wasn’t designed around forcing everybody to be extreme extroverts and over-sharers, and actually respected the different grades of socialization & desire for privacy that modern life requires.
Look, I don’t mind paying more for better features and service quality. I do object though to having to pay for things that both parties agree are “fundamental human rights,” and which the GDPR (and other similar legislation) seems to suggest must be baked into the core of all products made available to the public.
I also know that the majority of people out there are not so militantly in favor of (introverted) privacy as I am when it comes to technology. And that’s why I’m writing about it on my personal blog (with no comments and no visitor tracking), instead of trying to chase followers on a platform with it. I’d rather reach the 1-2 people who it resonates with than the 1,000 who skim and ignore in favor of the next thing in their feed, which they will also skim & ignore….
I’m over that. I’m over social media. I’m over platforms. I’m over over-sharing in the ways that push us into being less what we really are, than the things the technology thinks we ought to be. I’m also still an idealist, even after all this time working in tech, and spent online as a human. I believe it’s still possible we can build better technologies that better serve actual humans, instead of corporations bent on growth. And I know the first step of doing that is always to be able to open up the possibility, the space that it can be so, the vision of what it would be like. Once we have that, bringing it into reality is only the next logical step, though we will have to let go of some old bad habits and wrong core assumptions of what’s actually good and desirable in tech in order to get where we’re going. Or that’s the idea anyway. I’m just a blogger, what do I know.