The cover story came a single year before Google became the world’s search engine, seven years before Facebook emerged to connect over two billion people and nine years before Twitter exploded with 500 million tweets a day.
"We need to adopt a privacy-by-design approach which embeds privacy and ethical standards into all initiatives which collect, manage and use data to proactively protect customer rights.”
Following in Time’s footsteps, 17 years later Forbes declared - perhaps even more dramatically - Privacy is Completely and Utterly Dead, and We Killed It.
Forbes puts the guilt squarely in the hands of us, the consumers, telling us we were guilty of killing privacy with insatiable searches, a tendency to respond to every online survey or competition with a ‘free’ prize and our non-stop online shopping addiction.
For some the trade-off between handing over personal information for the privilege of buying coffee with a swipe of your phone or receiving alerts for cheaper flights are worthwhile trades. To these consumers, losing a little bit of privacy for the sake of convenience is reasonable.
For those with a keen sense of privacy it is isn’t easy to wade through - let alone understand - pages of legal-speak privacy statements or figure out how to manage the settings on all their apps.
Organisations have not made it simple for consumers to control their preferred level of privacy and consumer voice has traditionally not been loud enough to trigger much investment in greater data control above what is required by local legislation.
In March 2018, the game changed. The Facebook and Cambridge Analytica scandal drew global attention to the power of data. Through the use of personal information gleaned from Facebook, data scientists were able to obtain a picture of a person’s character better than those closest to them - and in some circumstances better than their spouse.
Millions of people impacted in the scandal were largely unaware their personal information had been retained, was being used to produce psychometrics about them and in some cases utilised to manipulate their emotions.
Facebook users provided their data to a third-party app for the primary purpose of being provided with a point-in-time profile. But information was kept and used for other commercial purposes which were not transparent to the user.
The psychometrics highlighted to Cambridge Analytica the emotional vulnerabilities of each person profiled, and those vulnerabilities were exploited through non-transparent means - such as non-verified news items and online articles designed to swing their voting preferences.
It did not pass the ‘reasonable use’ test in the eyes of those impacted, nor to the rest of the world.
With Facebook CEO Mark Zuckerberg recently enduring 10 hours of grilling by the US Senate and House Representatives, the privacy debate has been globally resurrected.
Canadian, Australia, Irish, US state and federal agencies and EU Privacy Commissioners have all launched investigations and new EU General Data Protection Regulation laws came into effect on May 25.
Privacy is back haunting debates in legislative chambers, senate floors discussions, media and consumer forums because data was allegedly used to manipulate people, pushing their emotional buttons to change the way they think and feel - and ultimately influence society. All of this shows how powerful data can be and why the privacy debate can never die.
On a practical level, the Facebook scandal has created a surge of people asking for understandable terms and conditions, changing their privacy settings (when they can find them), and asking for details about when, where and how their personal information is being shared with third parties.
It has taken a worldwide breach of trust to arouse privacy from its slumber. For business, it’s also a huge wake-up call – but there are positives.
There is a big opportunity for organisations which capture, manage and use personal information - like banks - to get on the front foot and improve their privacy settings, provide more-transparent and nuanced consent management frameworks than the current binary opt-in and opt-out systems and take a more consumer-centric view of privacy. It isn’t just a compliance or legislative requirement - it is right thing to do.
Indeed, from a compliance requirement organisations may not have a choice. Given almost all global corporations buy, sell, or use personal data, the new EU legislation - GDPR- is legislating for a stronger, pro-consumer data protection regime.
This means greater demands for transparency on how and where personal information is being used, simple consent offerings so consumers can more easily object to direct marketing and profiling, 72 hour data breach notifications, and the right to have personal information deleted.