Soooo. Harry and Meghan got married. It was a saturday and the world had to 'see it'. How the good ol' US of A finally infiltrated into the womb of its own origin. There is just no escape from such an event. So I bore it with pride and sat down to make sure I could have the invitable conversation at the next birthday party.
I'm not much of a fan of the celeb world. But then we saw something innovative. Our friends at Amazon displayed their digital prowess by doing
- Real Time facial recognition
- Augment the image with information about this person
And then it got my attention. This time the "No Escape" clause was upon the celebs. It brought me back to a topic I discussed with peers as early as 2006 and that has been buzzing in my mind ever since. So while others enjoyed the US version of a preach in a very traditional English church, I thought about an article written by Law Professor Corien Prinsin 2007 about the Right to Identity.
As minds do, they connect impressions from different sources. At least mine does :-). There is a brilliant (awarded) commercial of a Temp agency called Tempo Team in which the chef tells a cook that he is missing a vital ingredient: "taste!". As it so happens, the Royal Wedding was in the same time as the deadline of GDPR and also with GDPR I feel we are missing a vital and fundamental ingredient: The Right to Identity. The right for a person to BE SOMEBODY, regardless of whether you are a royal celeb or a coal miner in China. Despite that there may be information about you publicly available, it still doesn't give you the right to use that information without the consent of the person. Amazon displaying this information is imho 'crossing a not so well defined line'.
Essentially when you implement GDPR you fundamentally recognize the Identity of this person and recognize that the information that DESCRIBES THE IDENTITY of a person is the sole property of this person. This goes beyond getting your legal disclaimers in place, send a mail to agree and modify some processes so only people in the EU can do the same as previously was done by people outside the EU.
With Big Data, AI and ML, we will see a surge of ethical dilemmas that require us to recognize the Right to Identity in the same way as modern countries recognize the Integrity of the Human Body and the sole decision to 'invade" the body is with the individual.
It is a bit of a crying shame that policy makers are running behind the technology makers and that the technology makers fail to call things as they are. I know, big money. But if you want to do it right and you design this with the Identity-right in mind, then you will lead because, the next generation will simply switch off the grid as your company cannot be trusted. For that matter the internet is akin the dark medieval times. No trias politica (multi billion users in a digital community with no 'digital congress or senate' ), no power separation, a few Lords promising to protect their flock against bush robbers and villians and in return own the people.
A way out of this is to declare the Right to Identity to be a Human Right. GDPR is nothing but a first move towards rewriting the book about who owns which data ABOUT YOU and who decides about collecting, using and displaying information that describes your identity.
Try to think about how it will reshape the Internet game. GDPR was just setting the tone, not playing the concert.