It’s P7012: Standard for Machine Readable Personal Privacy Terms, which “identifies/addresses the manner in which personal privacy terms are proffered and how they can be read and agreed to by machines.”
P7012 is being developed by a working group of the IEEE. Founded in 1963, the IEEE is the largest association of technical professionals in the world and is serious in the extreme.
This standard will guide the way the companies of the world agree to your terms. Not how you agree to theirs. We have the latter “system” right now and it is failing utterly, massively, and universally. Let me explain.
First, company privacy policies aren’t worth the pixels they’re printed on. They can change on a whim, and there is nothing binding about them anyway.
Second, the system of “agreements” we have today do nothing more than put fig leaves over the hard-ons companies have for information about you: information you give up when you agree to a consent notice.
Consent notices are those banners or pop-overs that site owners use to halt your experience and shake down consent to violations of your privacy. There’s usually a big button that says ACCEPT, and some smaller print with a link going to “settings.” Those urge you to switch on or off the “necessary,” “functional,” “performance,” and “targeting” or “marketing” cookies that the site would like to jam into your browser.
Regardless of what you “choose,” there are no simple or easy ways to discover or dispute violations of your “agreement” to anything. Worse, you have to do this with nearly every freaking website you encounter, universalizing the meaninglessness of the whole thing.
But what if sites and services agreed to your terms, soon as you show up?
We have that in the natural world, where it is impolite in the extreme to look under the personal privacy protections called clothing. Or to penetrate other personal privacy protections, such as shelter, doors, shades, and locks. Or to plant tracking beacons on people to follow them like marked animals. There are social contracts forbidding all of those. We expect that contract to be respected, and for the most part it is.
But we have no such social contracts on the Net. In fact, we have the opposite: a feeding frenzy on private information about us, made possible by our powerlessness to stop it, plus boundless corporate rationalization.
We do have laws meant to reduce that frenzy by making some of it illegal. Others are in the works, most notably in Europe. What they have done to stop it so far rounds to zero. In his latest book, ADSCAM: How Online Advertising Gave Birth to One of History’s Greatest Frauds, and Became a Threat to Democracy, Bob Hoffman has a much more sensible and effective policy suggestion than any others we’ve seen: simply ban tracking.
While we wait for that, we can use the same kind of tool that companies are using: a simple contract. Sign here. Electronically. That’s what P7012 will standardize.
There is nothing in the architecture of the Net or the Web to prevent a company from agreeing to personal terms.
In fact, at its base—in the protocol called TCP/IP—the Internet is a peer-to-peer system. It does not consign us to subordinate status as mere “users,” “consumers,” “eyeballs,” or whatever else marketers like to call us.
To perform as full peers in today’s online world, we need easy ways for company machines to agree to the same kind of personal terms we express informally in the natural world. That’s what P7012 will make possible.
I’m in that working group, and we’ve been at it for more than two years. We expect to have it done in the next few months. If you want to know more about it, or to help, talk to me.
And start thinking about what kind of standard-form and simple terms a person might proffer: ones that are agreeable to everyone. Because we will need them. And when we get them, surveillance capitalism can finally be replaced by a much larger and friendlier economy: one based on actual customer intentions rather than manipulations based on guesswork and horrible manners.
One candidate is #NoStalking, aka P2B1beta. #NoStalking was developed with help from the Cyberlaw Clinic at Harvard Law School and the Berkman Klein Center, and says “Just give me ads not based on tracking me.” In other words, it does permit advertising and welcomes sites and services making money that way. (This is how the advertising business worked for many decades before it started driving drunk on personal data.)
Constructive and friendly agreements such as #NoStalking will help businesses withdraw from their addiction to tracking, and make it easier for businesses to hear what people actually want.