Experts: 2020 to bring new data privacy, content protections

Two Carnegie Mellon University professors expect 2020 could bring new regulations and laws to protect consumers from data privacy risks and block pirate sites.

In the coming year, Ari Lightman, professor of digital media and marketing at Carnegie Mellon’s Heinz College of Information Systems and Public Policy, predicts that lawmakers will tighten regulations on social media networks as part of a push for more transparency from digital giants. These would legally mandate auditing of third-party applications to ensure that the user data they collect adheres to security and privacy measures.

Lightman expects such regulations also would address data ownership and rights.

Michael D. Smith, professor of information technology and marketing at CMU’s Heinz College and Tepper School of Business, questions whether U.S. policymakers will follow the lead of more than 40 countries that have blocked access to known pirate sites. These websites provide free downloads of movies, music and other content.

Smith points to research that shows digital piracy harms artists and consumers “by reducing the amount of content that can be produced profitably, particularly projects with high artistic value.”

Lightman and Smith’s full 2020 predictions are listed below.

Ari Lightman, professor of digital media and marketing, Heinz College:

“In 2020, organizations will have to be more transparent to individuals on how data is being collected, shared, used and monetized. In addition, it will be their responsibility to communicate to users how personal data that they collect and distribute can be used in aggregate for malicious intent. 

Organizations constantly are collecting users’ data, including their personal identifiable information — such as social security numbers and drivers licenses — and less sensitive information — like streaming video consumption patterns and content generation. However, even less sensitive data can be combined to socially engineer someone’s identity, making it potentially as risky as personal identifiable information.

The other issue is data use. Does the data collected remain stored by the company for research and development, marketing, customer service and support? Or does it get shared with other authorized partners, third-party data aggregators or commercial brokers? Classification of data and use of data, therefore, needs to be shared with consumers who will make decisions on whether to allow this activity and consider what it might mean for them. For example, this has huge implications for social media networks that aggregate user data on just about everything, combine it with other data stores and provide an opportunity for advertisers to hyper target consumers. Since they have a treasure trove of user data, social media networks allow users to share their data with third-party applications rather than reenter their data to begin using an application. 

If social networks are responsible for safeguarding user data and now need to be transparent on how that data is collected, shared and used, it could mean that they have a regulatory requirement (not just ethical) to audit third-party applications that use data they have collected from the network to see whether they adhere to security and privacy measures. 

I expect this regulation will be proposed and put forward in 2020. It will also have wording on data ownership and data rights. This will provide greater clarification on who owns online user information and who has the rights to use it, which includes monetization.”

Michael D. Smith, professor of information technology and marketing, Heinz College and Tepper School of Business:

“The peer-reviewed academic literature consistently shows that digital piracy causes economic harm to creative artists, which in turn harms consumers by reducing the amount of content that can be produced profitably, particularly projects with high artistic value.

These findings raise an important question: given the harm from pirate content, should governments pass laws to block access to sites providing pirate content?

Many industry observers argue that such laws will be ineffective. Piracy, they say, is a game of whack-a-mole: shut down one site, and five others will pop up in their place — and as long as consumers can find piracy, they will never switch back to legal channels. A 2019 peer-reviewed study I co-authored with Rahul Telang through Carnegie Mellon’s Initiative for Digital Entertainment Analytics shows otherwise. Our research finds that a law in the U.K. requiring ISPs to block access to major pirate sites caused U.K. consumers to increase their use of legal channels by 7 to 12%.

This finding, in turn, raises another question: Should 2020 be the year where U.S. lawmakers join lawmakers from 42 other countries worldwide who have already passed laws to protect their consumers — and their creative industries — by blocking access to well-known pirate sites?”

Carnegie Mellon University is committed to educating, empowering and aligning its community around the world to address the Sustainable Development Goals, also known as the Global Goals, which aim to create a more peaceful, prosperous planet with just and inclusive societies. Recognizing the critical contributions that universities are making through education, research and practice, CMU publicly committed to undertaking a Voluntary University Review of the Global Goals. The 17 Global Goals cover wide-ranging issues, including reducing violence, ending extreme poverty, promoting equitable education, fighting inequality and injustice, advancing economic growth and decent work, and preventing the harmful effects of climate change by 2030.

The preceding story demonstrates CMU's work toward attaining Global Goal 12.