T&Cs, cybercrime, data protection – the subject of trust on the Internet.
When we trust someone, we expect them to behave in a way worthy of that trust. And trust gives us a feeling of security. How does this sense of trust work on the internet, where people are largely anonymous? An interview with Matthias Kammer, Director of the German Institute for Trust and Safety on the Internet (DIVSI).
How does trust work on the internet, where people are often anonymous?
Matthias Kammer:Trust is one of the glues that hold society together. Trust is essential whenever we come into contact with something we don’t fully understand, because when we understand something, we’re no longer relying on trust. A great deal rests on trust, and that is also true for the digital world, whether we place our trust in another person, or base it on someone else’s experience. This is simply a new experience we’re having, but because our experiences are mostly positive, we trust that it will always be that way.
But the number of negative experiences—such as cyberattacks—is steadily rising...
We’re dealing with huge numbers, sure, but they bear no relation to the experience of the individual.The concrete negative experience of one person is rarely projected to society as a whole. And that’s the funny thing, if you will, about the whole down side of digitalisation or the digital world.Those who are actually affected experience this as a personal crisis. Yet because the masses rarely share in this personal crisis, it does not overshadow the positives of digitalisation.
We accept T&Cs with blind faith, even though we don’t feel comfortable about it.
One thing our studies show is the paradox that is our everyday interaction with digital outlets. We want to enjoy the benefits of digitalisation that make our lives easier to the extent that we cannot do without them. So we take the risks it presents, all the while worrying about the potential consequences. This ongoing dilemma is very obvious in T&Cs, which in my opinion have a legal quality to them in that they protect providers against cease and desist letters. Virtually no-one can be expected to read T&Cs. If we read all the T&Cs that apply to us in a year it would take us 67 days. It's just not feasible. Something will have to change here in the long run. I don’t believe that people will be reassured by a change in T&C content, but rather a system that informs them of the nature of an offer upfront, the level of security it provides, the extent to which it protects their personal data. One way could be to introduce quality seals to grade offers. There’s a lot of possibilities out there. This is something that we in Germany are just starting to explore.
On the internet, we often ‘pay’ for services by providing our personal details. Do we simply not care?
In a survey, we found that 72% of people were aware that they were ‘paying’ with their personal data, if services were free. That result really surprised me –such a high figure. It’s also pretty telling that an even higher 80% of people would like to see such business models banned. That’s a true paradox and a real dilemma, because it shows that people do indeed want the benefits offered but at the same time they disagree with the business models that make them possible. They are aware of what’s happening, but that awareness doesn’t hold us back because we have become so enthralled by the positives of digital life, that we simply can’t stop.
What regulations are missing in the digital arena?
We need regulations and standards, of course, but they shouldn’t get in the way of innovation. The new European data protection regulation that’s coming in May will introduce a good principle. We call this ‘privacy by default’or ‘privacy by design’ that's built into digital products to ease people’s minds about the negative impact on their personal privacy. And if we can be sure that companies will properly implement the underlying technologies, we’ll be a great deal further forward.