There's nothing more annoying than getting phone calls and emails after a company sells your data, but that doesn't mean it should always be banned.
Create a free account to read this article
$0/
(min cost $0)
or signup to continue reading
So here's an unpopular opinion: allowing companies to sell your data to third parties is often a good thing.
Banning or restricting this practice would have a lot of unintended consequences.
The Australian Competition and Consumer Commission (ACCC) has stirred up debate after it released its latest Digital Platform Services Inquiry report last week.
They found that the average privacy policy - the things that flash up on our screens which we quickly ignore by clicking "accept" - takes about 29 minutes to read.
If you add them all up, the ACCC reckons it would take up to 46 hours for the average punter to read through every privacy policy they receive each year.
Nobody does that.
Does it matter?
The ACCC reckons it does.
They warn that these privacy policies often contain broad terms that allow companies to sell people's data to third parties.
Reading the privacy policy doesn't mean you can stop the sale of your data, but the ACCC argues that it's impossible to argue there is informed consent if nobody is reading these things.
Makes sense. But is selling data to third parties a problem?
Consider these points.
The reason the government couldn't means test the $300 energy bill relief that went to rich households as well as poor households was because of a lack of data.
A key reason why we had lockdowns during COVID was that our contact tracing was too weak because of a lack of data.
The reason the JobKeeper payment went to so many companies that didn't need it was because of a lack of data.
The reason dodgy companies can rip off consumers, phoenix and re- emerge later under a new name is because of a lack of data.
A key reason we can't do more to support the LGBT community, support vulnerable youth and do more to defeat domestic violence is because of a lack of data.
As the old saying goes, if you can't measure it, you can't manage it.
The reality is that every problem we face as a society could be more easily solved if we had more data.
Every policy implemented by government could be improved if we had more data.
Every policymaker in the country would be more accountable if we had more data.
The good news is that, as a country, we have lots of data. The bad news is that the best data isn't held by the best people: the people who can do the most with data often aren't the people who have the data.
This is why selling data to third parties becomes necessary.
Banks, for example, could use transaction data to measure how effective government policies are in real time: everything from welfare payments to instant asset write-offs.
But banks are busy being banks. They have no incentive to use this data to scrutinise government policy.
Data from GPs, hospitals - even dating apps - could help predict where health problems will emerge and better target resources, but the data is again tied up in organisations that are busy with their day jobs.
Location data from our mobile phones, cars and smart devices could revolutionise our policies on infrastructure, climate change and emergency services. But, alas, it often sits unused.
These are the benefits we risk losing if we ban the sale of data to third parties.
How do we square these benefits with the need to protect privacy?
First, it's worth noting that the data breaches we read about in the news have nothing to do with the sale of data to third parties. That's just good old-fashioned stuff ups by companies who don't properly protect your data.
The reason we are seeing high-profile data leaks is not because data are dangerous. It's because we are not taking data safety protocols seriously.
Weak corporate governance is to blame, not data.
What we need is a regulatory framework that allows us to reap the benefits of data while protecting privacy.
Luckily, we've got one. The Australian Bureau of Statistics' "five safes" protocol uses safe people, safe projects, safe settings, safe data and safe output.
READ MORE:
Data is anonymised. Nobody can be identified. It can only be accessed by those who have received training and have been approved to access the data.
Seeking to identify an individual or company can result in jail time.
It's a framework that has proved effective. It shows that we can manage risks without killing the golden goose. It's a framework that should be more widely adopted.
Trying to eliminate data risks is impossible, and harmful. Our focus should be on how to manage those risks to maximise the benefits.
Mathematician, Clive Humby, said "data is a new oil". He's right. The current and future waves of technological change are fueled by data.
If we want our children to have a higher standard of living than what we enjoyed, we need to lift productivity growth. One way or another, this will come from data.
In the end, a lack of data doesn't make you safer. It just makes you blind to what's happening.
- Adam Triggs is a partner at the economics advisory firm, Mandala, and a visiting fellow at the ANU Crawford School and a non-resident fellow at the Brookings Institution.