What we talk about… when we ask startups about privacy
- 20 april 2016
- Foto: T U R K A I R O
The Ubers and Googles of the future are just around the corner and we had no idea who they are. Together with Studio Spomenik we decided to take a look into the Dutch startup scene. What can we learn from them and how do they think about privacy and data protection?
Studio Somenik located and mapped out the startup scene through a data analysis of Twitter data. This data was subsequently validated and enriched with data from five in-depth interviews with relevant actors.
There is no such thing as a Dutch identity
We were unable to locate an explicitly Dutch identity. Dutch startups are incredibly focused on the United States. That’s where the opportunities, the money and the inspirational role models are.
Startups like all things “new”
This didn’t really come as a surprise: startups are primarily concerned with the newest trends, the newest design, the newest technology and the newest applications of that technology. New is always better than less-new. A lot of the conversations online are about the services and products of the future.
Startups have an enviable amount of focus
Those we spoke to are completely focused on getting from idea to product through a process of making, failing, growing and improving. All with the aim of making an impact. It’s pretty much startup culture as we know if from books like Lean Startup by Eric Ries or From Zero to One by Peter Thiel. Everything that isn’t strictly necessary is put to the side. We encountered this in the startups’ organizational processes and in the type of information that startups share online. We see a possible downside to this focus: long-term consequences aren’t top of mind, the broader societal context a new product is launched into, isn’t always fully considered.
The broader societal context? We were, of course, mostly interested in the role privacy and data protection play. We think these are essential for our individual freedoms, for a free society and for a functioning democracy. To broaden the focus a little.
Managing your privacy isn’t a startup’s main concern
Startups feel it’s the responsibility of users to safeguard their own privacy and data. If users are OK with trading their souls for free e-mail, soit. A startup’s primary reason of existence isn’t “to be responsible”, but to turn a hunch into a commercially viable product. As long as companies are clear about what they do with – and to – your data, and about how they do or don’t secure it, you can’t tell them off.
Privacy is like filing your tax return
Privacy and data protection? Like sand in the already unsteady wheels of the lean startup. This is where our research lost some of its focus. Because what is privacy really? In the conversations we had, the technocratic, legal, “tick the boxes”-definition of privacy often came up. Startups didn’t seem to care much for this dimension of privacy. Laws are unclear, cookie-notices disastrously ugly and most important: it draws attention away from the core focus of the company and therefore becomes a hurdle addressed, reluctantly, at the latest possible moment. We also talked about the human dimension of privacy. The experience of this dimension was almost physical: close to the body and highly personal. The founders we spoke to, were surprised about how much data people “voluntarily” share online, and how there seems to be a different set of rules for the digital world than for the physical world. Why do we allow infringements online we would never allow anywhere else?
So what do we take away from all this?
It’s unclear who protects our values, beliefs and boundaries
Who’s responsible for our society being one we still want to spend time in five, ten, twenty years down the road? Is it the companies behind the products and services that shape society? The government that watches over it? Or is it us, the people?
There’s a lack of vision
Admittedly, at times we find ourselves among those quick to blame companies for developments we think are detrimental. But is that really fair? As long as no real vision for privacy and data in the networked age is developed, there’s only so much the law can do to regulate the Wild West, where data is the new frontier. Leaving companies as well as citizens without clear guidelines or bearings.
The way we deal with privacy isn’t sustainable
Our current judicial framework seems to result in two things: not enough incentive for companies to safeguard data protection and privacy, and inadequate protection for citizens. And in the meantime our privacy – and freedom – is crumbling.
Where to go from here? There are a few things we want to take a deeper look into.
We want to know more about the companies responsible for the services and products of the future.
Who are the people and ideas behind these products and what do they think about us, their users?
How can we stimulate good privacy and data protection practices?
And more generally speaking, is it perhaps even possible for something like a Dutch identity to evolve? A scene with its own stories, heroes and enemies, its own mission and culture? Where privacy is more than just a legal inconvenience? (Yep, all of this and we’re still just nerds on a mission…)
This research is made possible thanks to the financial support of the SIDN Fund. We owe a big thank you to Bram Kanstein, Edial Dekker, Jons Janssens, Joost Aartsen, Nalden, Renato Valdes Olmos, Sarah Hagens and Yuki Kho for sharing their beliefs, ideas and insights.