Privacy is Big business: How Big Tech instrumentalizes PETs to expand its infrastructural power

Privacy-enhancing technologies (PETs, e.g., end-to-end encryption, multi-party computation) are aimed at protecting the privacy of end-users and constraining power asymmetries due to massive data collection. Especially since the Snowden revelations and the introduction of the GDPR, we increasingly see Big Tech companies introduce PETs. Given the reach of their infrastructures, this means billions of users get access to PETs: a win for end-user privacy. But, is it?

In more than one instance, the same PETs these tech giants boast about, allow them to also exert power over other organizations (e.g., businesses, governments) that depend on their infrastructure. Recent research suggests that privacy is ‘big business’: PETs can expand the infrastructural power of a few tech behemoths while minimizing data collection from end-users. For instance, while Amazon Web Services offers cryptographic computing technologies (e.g., secure multiparty computation, privacy-preserving machine learning) in addressing businesses’ cloud computing privacy concerns, the same technologies can boost enterprise cloud adoption. They can address data privacy concerns of businesses that previously avoided cloud adoption, accelerating their lift and shift to Amazon’s massive cloud infrastructure and increasing their dependency on the cloud. Moreover, similar concerns have been raised with other initiatives like Google Privacy Sandbox and Apple’s Ad Tracking Transparency, in particular regarding how technical reconfigurations of browsers and smartphones by these giants can impact digital advertising companies, while not actually constraining their ability to target users.

PETs in this constellation create a social dilemma: private and public institutions may need to pass through a handful of powerful tech companies in order to satisfy their end-users’ privacy rights. This dilemma sparks several questions we want to discuss with the PrivacyCamp community:
• In which ways has privacy become instrumentalized to establish market dominance or increase dependency on corporate infrastructures?
• What solutions or countervailing forces are available to resist the instrumentalization of PETs to support the expansion of big tech’s infrastructural power, and what are their limitations?
• How can we recover privacy and privacy technologies’ role in serving the public interest, and not the bottom line of corporations?

The panel will explore cases and critically engage with these questions, bringing together perspectives from academia, policy/governments, and civil society, while encouraging inputs from the audience.

Moderator:

  • Dr. Seda Gürses: TU Delft moderator

Speakers:

  • Dr. Kris Shrishak; Irish Council for Civil Liberties (ICCL)
  • Thijmen van Gend; TU Delft
  • Donald Bertulfo; TU Delft
  • Dr. Carmela Troncoso; EPFL