Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


Industry Unbound, book review: How the tech industry pays lip-service to data protection and privacy

Law professor Ari Ezra Waldman describes how he embedded himself in three tech companies in order to document how privacy laws play out in real-world practice.
Written by Wendy M Grossman, Contributor
Industry Unbound

Industry Unbound: The Inside Story of Privacy, Data, and Corporate Power • By Ari Ezra Waldman • Cambridge University Press • 364 pages • ISBN 978-1-10849-242-3 • £20   

"I'm going to change the system from within," a university housemate said proudly as she went off to law school. A couple of years later, she was more sanguine: "The pressure on you to conform is so strong that you give in."  

I think of her every time a privacy advocate friend takes a job with a huge data-guzzling firm, always ardently believing their hiring proves that their new employer really cares about privacy. From there, either they become assimilated into defending practices they used to excoriate, or they quit in frustration.  Usually, the latter. 

It is this experience that Northeastern University professor Ari Ezra Waldman documents in Industry Unbound: The Inside Story of Privacy, Data, and Corporate Power, for which he embedded himself in three (unnamed) companies in order to document how privacy laws play out in real-world practice. From this vantage point, he attends meetings and watches as his chosen companies design and release products, write privacy policies, and brief politicians and lobbyists. Cloud computing security: Five things you are probably doing wrong

Waldman's findings in the book, described in a recent talk at the Computers, Privacy, and Data Protection (CPDP) conference, are depressing -- especially for those who have spent large parts of their careers ushering data protection and privacy laws into existence.  

"An army of foot soldiers, who ironically see themselves as part of the resistance," is what he calls the legions of privacy professionals on whom Silicon Valley CEOs depend for a privacy-friendly veneer over the manipulation and deception that are endemic in today's apps and online services.

Information capitalism

Over and over again, Waldman sees engineering and design teams exclude the privacy personnel he watches, while the privacy teams themselves spend enormous effort writing the kinds of policies that none of us want to read. Does their work "performing accountability" eventually result in consumer-friendly changes to products? Well...no. All the impact assessments in the world are insufficient to stop these companies from putting out products that default to "dark patterns" or change the relationship they have built between collecting data and generating profits. 

SEE: Cloud computing security: Five things you are probably doing wrong

"Information capitalism," as Waldman calls it, survives the entire process of legal compliance unchanged. It has assimilated the privacy laws and normalised warping the laws' intent to serve its own interests. 

Often, the laws themselves don't help as much as they should. Vaguely written clauses enable businesses to stay inside the law without really changing their data extraction practices. What's needed in such cases, Waldman writes in a chapter on how to make changes, is unequivocal bans. No amount of tweaking, for example, will make facial recognition benign, and someone whose life has been damaged by a decision made by an algorithm is not sufficiently protected by a law that gives them the right to understand how the decision was made. In addition, privacy law could learn from other sectors such as securities law, which specifies standards for independent audits and oversight. 

No-one wants to blame well-meaning, highly-trained professionals who are doing their best. But, Waldman concludes, the reality is that information capitalism survives in part because of the efforts of today's privacy professionals. Next time a friend says they're taking one of those jobs, get them to read Waldman first.


How to delete your Twitter account and protect your data

The best encryption software: Protect your data

UK privacy watchdog fines Clearview AI £7.5m and orders UK data to be deleted

Murena, the privacy-first Android smartphone, arrives

Meta updates privacy policy with more detail about what data it collects

Read more book reviews

Editorial standards