If a startup becomes successful enough to corral a sizeable chunk of the online population, you can be sure that the intelligence services of the US, the UK, Canada, Australia, and New Zealand will come knocking. And if the popular sentiment is to be believed, not only are reds hiding under the bed, but Chinese hackers are all pervasive on the cybers.
Everywhere, it seems, governments of all stripes are trying to get their hands on data, whether through hacking and tapping or legal compulsion, and sometimes, companies disclose user data through error.
While telecommunications companies are caught between a rock and a hard place in terms of handing over call records, when it comes to other user data, especially that stored in cloud services, there are fewer technical excuses for failing to do more to protect users.
Time and again, politicians have failed to protect their citizens' privacy, and so it is left to the private sector to play its part and give consumers what they want and need.
In the past week, the two major parties in Australia consigned the nation to a mandatory metadata-retention scheme that will enforce and standardise the two-year storage of the telecommunications data of all Australians for warrantless access by law-enforcement agencies.
Anecdotally, one of the unsurprising consequences of the passing of data-retention legislation has been increased interest in VPN services, which means there is a market of users who will part with some of their hard-earned money in order to protect themselves online.
It's about time, and it needs to extend beyond mere tunnelling to avoid surveillance.
Last year, I wrote that the future of computing is a battle for personal information, and that information is too readily handed over to provide the latest integration with a smart band, or acknowledged and then dismissed because everyone happens to be on one particular social network, and we should watch out for companies that begin selling off the data that its users have handed over when its fortunes sour.
The latest example of such actions occurred last week, when bankrupt US electronic retailer RadioShack put its customer database up for sale. Among the assets being sold off were more than 13 million email address, and over 65 million customer names and physical addresses. Fortunately, the New York attorney general is threatening action if a sale of the customer data occurs, but it goes to show who corporations believe customer data belongs to: Not the customers.
Add to this that current startup darling and sometimes legal taxi and car-sharing service, Uber, has decided that it going to start sharing personal data with partners, according to Forbes.
Not only do Uber users have to pay to take a ride, they are then taken for a ride when Uber sells on their personal data for data mining and "free" offers. It's an unsurprising turn of events -- and in case you have been wondering why Uber is valued so highly in its funding rounds, this is why.
As the metadata debate has shown, when people learn how much their personal data is exploited, they tend to get more annoyed, even if the practice has been going on for decades.
There exists an opportunity for companies to fight against this behaviour, should they choose to do so, and compete on the basis of privacy. This change has been expected, and conditions are only improving for such a switch to occur.
The tools are available to have a business operate the same it always has, yet know very little about its customers beyond what it absolutely needs. For instance, plenty of identity and payment solutions exist that can ensure a business holds minimal records on its customers, and often helps avoid worst-case scenarios of personal information leakage if a data breach occurs.
As the number of companies that are seen as customer advocates diminishes, and others like AT&T are charging for people to opt out of data mining, it would be a pleasant change for a service provider to actually make the conscious choice to forgo the temptations of selling on big data, and avoiding any horrific security issues.
To actually have a company promise and put in systems to reduce data collection seems increasingly like the stuff of fairy tales.
It can be done, it would be a tough, and it would not involve the dazzle and spectacle that comes with being a startup darling. With the need for customers to pay upfront for the service -- the customer and their data are not the product; the product or service is the product -- the glorified heady startup days of gaining users and thinking about monetisation later would not apply.
As our privacy is slowly eroded, the prospect of a major business fighting against the tide of surveillance and big data, and users paying to avoid it, becomes greater.
Such an organisation would be quite a disruption to the status quo.
Previously on Monday Morning Opener: