Not the Messiah, just a very very nasty boy:

Uber abhorrent actions on huge data breach

https://www.technologyreview.com/s/609539/uber-paid-off-hackers-to-hide-massive-data-breach/?utm_source=newsletters&utm_medium=email&utm_content=11-22-2017&utm_campaign=the_download

Another day passing, another Uber’ story exploding, another data breach threatening privacy of millions. 

I have a confession to make: I always was quite a sceptic of Uber and felt less then enthralled by the company culture, principles and ethics, for what I knew. I have had many arguments with friends about it. I also did not work for them, even when contacted and having to deal with the not very dignified interview process told Uber to basically not contact me anymore. But I would be lying saying I am not using Uber, because I do.

I have a strong belief that the emerging data economy is full of promises and could help solve many important economic, social, societal problems. I don’t believe though that to be successful it has to destroy or flout existing regulations and laws. Or not comply with obvious minimal requirements like immediately reporting a breach. And even worse... Trying to hide and to sort the things in another ridiculously amateurish way. Really not.

Beyond the frankly gobsmacking lack of ethics and principles that have supported the exponential development of Uber -which raises by itself many angry questions in many areas- what happened also interrogate the status of data protection in the U.S.

But first, it is high time to say loudly that being a player in the digital economy is not making you per se a good corporate citizen. Let’s burst this bubble right now, right there. The “don’t be evil” from yesteryear is fast becoming “a touch of evil” because of a number of ambitious, principles entrepreneurs who believes that they can act as the rubber and oil barons of the 19th Century. Well, no, simply no. Enough. 

The many shocking failures and actions that are emerging from the horrid Travis Kalanick reign’s of terror are putting into both stark light and terrible risk the further development of data-driven digital innovation.

Not that he is the only instance: Facebook or Twitter lack of principles and control on fascist and nationalist trolls, the Russia intervention in the U.S. elections and the Brexit Referendum campaign, many other instances of the like are a damning compendium of out-of-control ambitions and hubris, lack of ethics and moral principles and total disregard of rules and privacy of individuals.

To the data protection issues now. 

While around 45 U.S. States have enacted data protection laws including some quite advanced like California, the lack of a harmonised, strong Federal framework is becoming a truly problematic issue at a times where both the number and the number of people impacts is growing to ridiculous numbers (e.g. 57 millions impacted with Uber, 143 million users impacted with Equifax, 400,000 of them in the UK, etc.). 

Despite the Supreme Court ruling in Griswold vs. Connecticut case in 1965 that the Constitution, through the Bill of Rights implies a fundamental right to privacy a in Griswold vs. Connecticut case in 1965, very few states, however, recognize an individual's right to privacy.

It is now time for the major market players, both incumbent and start-ups and indeed for the Federal (not very hopeful there) and States Administrations to act. With some vision and drive. 

There is simply no justification whatsoever at a time where some of most pervasive and essential digital technologies are data-driven with huge potential impacts on future economic, social, societal impacts that are just emerging: the data economy, Artificial Intelligence, etc. contained many promises to disrespect and flout individuals privacy. 

It is a dangerously short sighted view.

It is possible, as both the European Union and its Member States demonstrate, to have both very strong data protection legislation and also have a buoyant, innovative digital scene developing full speed. Even more important, many start-ups are actually pro-actively using transparency including on the use of data in commercially successful ways. 

And finally, the principle that individual’ data actually belong to the said individuals seem pretty logical. It is however still not the case in the U.S. and this is at the basis of many of the existing woes. Data subjects are only giving a right of access and use to market players and that it can be removed and the user forgotten, access to the information held is key including the right to ask modifications in case of errors, etc.

It is high time for the U.S. to come to their senses on privacy. Any further Uber or Equifax horror could create a massive consumer and citizens backclash that will threaten future U.S. prosperity and competitiveness.

Not less.