IGF 2018 WS #74 If data is the currency, trust is the exchange rate

Organizer 1: Sofia Rasgado, Fundação para a Ciência e a Tecnologia (Portuguese Safer Internet Centre Coordinator, Department for Information Society)
Organizer 2: Sabrina Vorbau, European Schoolnet/ Insafe
Organizer 3: Rodrigo Nejm, Safernet

Speaker 1: Ana Neves, Government, Western European and Others Group (WEOG)
Speaker 2: Olausson Kristina, Private Sector, Western European and Others Group (WEOG)
Speaker 3: Oliana Sula, Civil Society, Eastern European Group
Speaker 4: David NG, Civil Society, Asia-Pacific Group

Moderator

Sofia Rasgado

Online Moderator

Rodrigo Nejm

Rapporteur

Sabrina Vorbau

Format

Panel - 90 Min

Interventions

The session will include a diverse range of experts from four different stakeholder groups – government, industry, academia and civil society. In addition, youth participation will complement the discussion by giving critical responses. More specifically, the following perspectives will be represented: • Young people: outlining the day-to-day challenges when being online and participating in social networks and downloading new applications. Calling for the need to make terms and conditions more accessible (e.g. easy language, short and to the point, highlighting key information accordingly, innovative nutritional labelling). • Industry: Presenting improvements that have been done so far in order to make privacy and security information more user friendly. Sharing, awareness raising efforts that have been put in place to give further support to users e.g. safety checks, while outlining what is planned for the future. • Legislators/regulators: Ensuring that consumer rights are protected and align with a more global set of data protection standards. • Education / online safety stakeholders: Outlining the importance of supporting citizens of all ages in today’s digital society, emphasising on the necessity of including the subject of digital citizenship respective online safety in the school curriculum and providing professional development opportunities for adults.

Diversity

By involving experts and stakeholders from across the globe, e.g. Europe, Latin America and Asia, whilst bringing in the voice of youth also, we hope to build towards a more global set of data protection principles for all citizens in a global digital culture, taking into account the unique needs and vulnerabilities of children and young people of all ages, to allow full participation as producer and consumer.

Following the great deal of discussion about the EU General Data Protection Regulation (GDPR) and particularly around the impact on children and young people. In this IGF panel session, we will discuss how Europe’s new privacy law has changed the way we share and process data. More importantly, the session serves the platform to address issues and develop best practices for global cooperation between different countries, organisations and initiatives in order to foster the multi-stakeholder approach.

In terms of format, the panel will be organised as a facilitated dialogue. Led by the moderator, a diverse range of experts from different stakeholder groups - academia, government, industry, civil society and youth participation – will discuss key questions and issues. Possible questions may draw-upon: • What are the implications of recent stories? • Did the power balance of data control at world-wide level really shifted towards the consumer with the new GDPR? • How does the GDPR affects non-EU citizens, companies and Governments? Can it act as best practice module for the global North and South? • What is next for providers whose business models rely and trade on the currency of personal data? How will users trust be reinstated? • How to raise critical thinking on young people concerning how to understand the practices of the different parties to whom they give data? Where will the data go? What will happen to them? How the data is being used? Following the round of questions, experts are invited to give open comments, after which the moderator will turn to those attending the session and invite the audience to engage in the conversation. (Tentative) Agenda: ● Welcome and opening comments by onsite moderator (10 min) ● Round of questions (2-3 max.) to panel (40 min) ● Moderated Q&A with the audience (30 min) ● Closing remarks by onsite moderator (10 min).

Recent stories have dramatically disclosed the extent and volume of personal data being acquired by online providers to the mainstream. Personal data being used as ‘currency’ was little understood by many users and in some cases their trust has been affected. Moreover, consumers have gained the right to access data companies store about them, the right to correct inaccurate information, and the right to limit the use of decisions made by algorithms, among others. Although more models have been put forward to consumers, whether they’re based on subscriptions, ads, or other kinds of data collection, one big key is going to be making sure that people really understand the model they have chosen. Consumers are not going to use services if they don’t trust them, and building in privacy tools is essential to that. It must be taken into account that data privacy and trust are both technical and social concerns, nevertheless they also rely within the complexities of human behavior. Though the law applies only in the EU, many companies (e.g. Google and Facebook) are making changes globally. “In the mid-90s, during the heady days of the US dotcom boom, the World Wide Web ushered online marketing and data-collection practices that raised fundamental privacy concerns for children. The emerging business model of e-commerce, the increasing value of children as a target market for advertisers, and the technical affordances of the Internet made it possible for websites to collect large amounts of personal information from children by tracking their browsing behaviors and offering them incentives for filling out detailed online questionnaires.” (Data Protection for Youth in the Digital Age; Montgomery and Chester) Will GDPR help? Providers must be clear and concise about their collection and use of personal data (e.g. name, address, etc.) and need to highlight why the data is being collected and whether it will be used to create profiles of people’s actions and habits.

Online Participation

Remote participation will be ensured through prior involvement of various stakeholders from across the world. The online moderator will ensure that remote participants are able to communicate questions to the onsite moderator during and after the debate. Complementary to this, a social media campaign on Twitter will help to give further visibility to the panel session both prior, during and after the event. Live tweeting during the session will open the discussion to a wider online audience and will give remote participants the possibility to get directly involved in the debate.