🌳 Regen U: Meet Yoav Aviram, Founder of Conscious Digital – a non-profit advancing digital human rights

Welcome to Regen U: Conversations with changemakers, inside and out. A monthly live interview series with impact-driven entrepreneurs that champion climate action and ecological regeneration and recognise the imperative for individual and collective healing.

This month, my guest is Yoav Aviram – a digital rights activist and a founder of Conscious Digital. A non-profit creating people-centred digital initiatives promoting and advancing digital human rights.

I always start by asking – what is regeneration for you?

The idea of replacement – replacing something damaged with something not damaged. It has an ecological and societal sense to it and it’s based, at least for me, on the assumption that humans make mistakes.

We have crossed some points of no return ecologically. The same applies in the digital domain. We may be the last generation that can fix it before it’s too late.

It is quite an overwhelming thought to realize that we are the last generation that might be able to fix things. To hear it, accept it and choose to do something about it. 

Yes, this realization came about when I had children, and I was looking at the world through their eyes, and suddenly, you get a 30-year time horizon in terms of your thinking.

You say you believe in a world where individuals, not corporations or governments, are first-class citizens of the digital domain.
What was the driving motivation to set up Conscious Digital?

I was first time on the internet in 1993 and was involved in the internet revolution from the get-go. And I remember for a long time, this seemed like a force for good. It was clear that this is intermediating, the old gatekeepers and democratising information.

However, in 2015, I started to consider whether are we heading in the right direction and didn’t like the answers I had to give myself. In 2018, when the European Union legislated the GDPR, general data protection regulations, that gave people for the first time rights about their data, my first thought was, wow, finally, there’s a step in the right direction, but I was sure it will be complicated.

But I also thought I could fix this because maybe there is just an accessibility issue. Maybe I can make legal rights more easily accessible. And this is how Your Digital Rights was born, where we enable people, help people to get companies to either give them a copy of their data or delete their data.

You’ve been running the company for a while – have you seen a change in people’s interest regarding their personal data?
Do they care more or less about it?

As far as changes, definitely, there is a very big shift. It’s slow, but it’s very noticeable. First, in terms of the different regulations out there. When we started, there was only the European Union, and then there was California. Now, there are maybe 20 or 30 different jurisdictions with data regulations and maybe seven or eight states in the United States that already have data regulations, with many more coming in the next years. Even China has a data protection regulation. 

So, in terms of the regulatory landscape, definitely a change. Also, people are much more aware that it’s a problem and that they can do things to alleviate the problem. 

The big trade-off is always between privacy and convenience. So, all the things we do that take our data away are convenient; otherwise, we wouldn’t be doing it. 

But the change is coming, and it’s inevitable that people will understand the problem.

Very positive outlook. But don’t you think that unless you’re a data rights activist, it’s really difficult to keep up with privacy laws, what’s happening in the space and to know how your data is being used?

Yeah, there are three components to this. One is the regulations, the legal infrastructure that either limits companies or whoever it is from abusing your personal data or gives individuals the means of doing something about it. 

The second part is people in terms of awareness and education, I also see the change here.

And the last bit is the enforcement because regulation is nice, but there must also be enforcement in case companies decide not to abide by the law.

Can you share some examples of how our data is being used?

In 2017, The Economist declared that oil is no longer the most profitable commodity – it is data. Data is very, very financially profitable. We need to switch our mental model from thinking about each website or service we use working as a silo. That’s not how it’s done and where the danger comes from.

There is an entire ecosystem of data. Everything we do, all our online interactions leak some sort of personal data. Many companies collect it but don’t necessarily use it themselves – they trade and sell it. There is a whole bunch of intermediaries called data brokers.

These companies that are in the business of buying and trading personal data, and they don’t provide any services or value directly to us. When this data gets bought by other companies and augmented with other data sources, and that’s where it becomes so potent where it’s compound. One data point compounds another data point.

RealPage

For example,  there is a company in the US called RealPage. RealPage sells a product that helps landlords and real estate agencies extract the most rent from renters. Part of what they do is take this personal information to figure out when you rent an apartment, how much you can afford to pay and, therefore, mesh the price to how much they can extract from you. This is very, very sophisticated market. They use everything: your consumption habits, status, other online purchases and interactions.

Another example, in May, Toyota declared a big data leak. They lost information about 2 million of their customers. And that information specifically was the location data of the car. Now the question is why they lost it and why they are collecting this data. Why is this data being collected and stored in a database where it can leak? And the answer is because like every other company, that’s another revenue stream for Toyota, they can then take this data, package it up, sell it, and make money from it. 

So, every company sitting on any kind of data now has a very easy way of monetising it if they just package it up and sell it. And most companies out there end up doing it. 

Another last example. The whole reproductive health situation in the US, where overnight abortions have been criminalised, made a lot of people regret past behaviours that they had online, which indicated their inclination or just their position towards abortions. 

And there is a big deal today with all the period tracking apps because these apps, like many other apps out there, package this information and sell it because they get paid for it. It’s another revenue stream.

That information can then be bought by just about anyone. It’s a free, open market and can be used to sell or influence commercially or politically.

And also in the case of the US straight out to take to court people who have indicated their desire or their support of someone in the case of abortions.

And this is happening without people’s consent?

Consent is tricky because of the terms and conditions we accept. Whenever we use anything, sometimes by ticking a box, sometimes just by using a website, we never read them. Nobody ever reads them. 

So whether or not they ask for consent, they probably do. And we probably give it. But it’s not informed consent. It’s not conscious of that choice.

And even if we give consent, even though we have the right to take away that consent to withdraw our consent, we might give it again later in some other way. The data sources are so abundant that it’s very difficult to navigate this landscape.

What can we do about it as individuals or businesses?

The first step is to minimise the amount of data we expose. I’ll give a very simple example and how the trade-off between convenience and privacy plays a part. 

So, I think everybody by now knows that Facebook doesn’t really respect our privacy. They are in the business of collecting our data and selling it to advertisers. That’s their business model. And they’re very strongly incentivised against ever-changing that pattern. Yet most people or a lot of people still keep their Facebook profile, maybe because it’s a way to connect with their family or promote their business. And it sometimes seems like it’s a big trade-off to completely delete our Facebook account because how will we do all those things? 

But there is are middle ways. One very easy and very significant in terms of what it gives us is to decide to uninstall our Facebook app on our mobile phone and only use it from our desktop device. 

And that has a few different effects. First of all, most of the interesting data of the most obtrusive data that Facebook collects from our mobile devices. That includes our location, it includes who we’re speaking with on the phone or on other apps and what apps we’re using. The mobile is just the perfect surveillance device. So by moving to the desktop, we first don’t give them all that data.

But the second thing is that we break out of the addiction cycle. First of all, it’s just a matter of well-being in our and getting more and more addicted to these digital services. But that again, reinforces their ability to know what we’re doing and collect more information, profile us. 

So the top of my Facebook feed is not optimized to the most important topic of the day. It’s optimized to whatever increases revenue for Facebook that day. That is becoming a significant problem, especially when you think about climate and how you coordinate something on a global scale?

You really need a communication medium that serves you. And I think these communication mediums are not serving us. They’re serving someone else.

Absolutely, I always advise my clients to use socials as a first touch point but then focus on email marketing private membership sites or other platforms.

I don’t have a problem with marketing per se, and I don’t have a problem with technology. Technology is a tool, but we have to be responsible, and we have to be ethical in the way that we apply technology. I definitely do not agree that everything is legal equals everything that’s ethical. There is a big gap between where legality ends, which is covered by ethics.

So I think generally in every interaction that we have with people, we should keep in mind that these are individuals and that we have a responsibility towards them and that we need to behave in an ethical way. 

And I do think that all the marketers out there know when they cross the line and when they are doing that in sense of helping someone. And when they’re overreaching. And usually, what stands at the base of everybody’s thinking is simple economics. I want to make money. I need to spend money to make it. What does my budget allow me to do? 

I think we should switch that to a more humane approach – genually want to help people. Maybe they don’t know about my product, I then help them by educating them, but I don’t need to coerce them into buying.

Paid advertising really doesn’t respect people’s privacy and data. Meta frame tools such as Conversion API as ”privacy-enhancing technology” when in reality, they’re just finding another way to track you.

Up until now, Facebook has been using browser cookies to track people. But the EU has legislated against that, and browsers have complied (specifically against 3rd party cookies).  Now, Facebook is switching to another method to circumvent the restrictions. Instead of tracking from the client side, they will track from the server side. This is intended for all 3rd parties using the Facebook platform to display ads or share and like buttons. Then they spin it as a privacy-improving step when in fact, they are doing their best to keep on tracking everyone.

Meta and Google have absolutely no incentive to be transparent or to offer alternatives that are more privacy-preserving. This is why the regulation has a very important role. It is really stepping up first in terms of limiting what can and cannot be done. The EU has a new regulation that came online or was recently enacted called the Digital Markets Act. They are very aggressive about what big platforms like these can and cannot do, recognising how big of a role they’re playing.

The Biden administration is keen to act, and Google is in court now. Amazon is in court now, and there is a desire to break these big monopolies apart. It depends on how that goes through, but it’s not all on just on us. Sometimes, all our options are bad. That’s where regulation and enforcement come in.

And we can also also take a step regarding our data deletion.
Can you talk more about that?

We (YourDigitalRights.org) make it easy for anyone to request the data a company has on them or to request that the company delete it. We have a huge database of companies, and hundreds of thousands of people use the service.

Understand that this data is yours, it’s not the companies’. Get a copy of the data to see what the company really has on you, and then ask them to delete it. These are your rights.

Your company’s impact is incredible: 180k data requests submitted, 344 complaints to government regulators, 29k organizations mapped, 906k data brokers map – congratulations! Does it give you hope?

Yes,  people are becoming more aware of their rights, that’s very good. Then they become less exposed to all the different negative trends relating to data privacy.

Each time you send a data request, you do three things:

1. You become less exposed to all the different negative trends relating to data privacy.
2. You send a clear message to these companies that we care about our data.
3.  You make it less economically viable to collect data in the first place because companies pay a small price for each one of those requests. So, the more requests we have, the less it makes sense to collect data in the first place.

That’s great progress. How can we support Conscious Digital?

Use the service, it’s free. Use it to make sure that you own your personal data. We also have a newsletter called Privacy Alerts, where we share news about significant events that you probably want to do something about in terms of companies being breached or being irresponsible with our data – subscribe to that newsletter.

If you want to support us further, when you subscribe to the newsletter, you also have the option to pay for that subscription. It’s the same newsletter, the same alerts, but that’s giving us a donation and keeping us fair, biased, and sustainable.

Thank you so much, Yoav!

Enjoyed the conversation?

Subscribe to Regen U: Conversations with changemakers, inside and out. ⬇