FORTUNE – The public backlash against Dropbox for its decision to appoint former Secretary of State Condoleezza Rice to its company’s board of directors has ignited a fierce debate about a technology company’s role in mitigating government-led Internet surveillance. This is not the first time this subject has been in the spotlight and it raises some very interesting issues worth clarifying.
Outside of completely unplugging from the grid, there really is no way to avoid being a beacon of personal data for services that feed off of the minute details of your life. As an unintended side effect, unplugging may even make ourselves more conspicuous. After all, many of the top names on the National Security Agency’s suspect list are culled from the ranks of people who are habitually overcautious about leaving any trace. The year is 2014, and dissolving your digital footprint is no longer a practical option.
We live our lives online, and astronomical amounts of information are being collected from us daily — heart rates, hopes and dreams, what we had for breakfast — sometimes before we know that information ourselves. A daunting 2012 Carnegie Mellon University study revealed that an average user would need 76 work days to read through all of the privacy policies they confront in a year.
However, it’s too late for us to worry that companies might have access to our data. The truth is that they already do. These data goldmines will only continue to grow, but so too should our knowledge of the potential misuse of our private information. Consumers need to put aside their generic privacy concerns and instead redirect their attention toward ensuring increased education, accountability, and transparency.
During World War II and McCarthyism, personal information was routinely used to violate individual liberties to achieve specific political agendas. Today, if a company misuses personal data, the potential repercussions against that company would likely far outweigh any damage the individual might face. Just a few years ago, social networking service, Path, was under fire for storing users’ contact information without their permission. A developer first uncovered this security hole, and immediately ignited a PR storm with a single tweet. After intense backlash, the FTC fined Path $800,000, along with subjecting the company to 20 years of scrutiny. Despite fixing the problem and issuing a heartfelt apology, Path will forever be affected by this privacy invasion.
The Path debacle’s silver lining is that one outraged person was able to compel an entire company to change. Whistleblowers, whistle-tweeters, and anyone in between can now launch devastating PR nightmares with just a few keyboard strokes. For the first time since the dawn of the printing press, the pendulum of power has swung in favor of the individual.
Another example of the complex nature of privacy transgressions in this day and age is what happened to Google (GOOG) when it brought Germany Street View, which provides panoramic views of streets across the globe. German citizens are understandably sensitive to privacy issues, stemming from a painful history with government surveillance. Therefore, the public was outraged when Street View cars started photographing their homes, protesting to such an extent that they were soon given the ability to opt out and have their homes blurred. The story should have ended there.
Unfortunately, it was later revealed that Street View cars were also illegally collecting private data from Wi-Fi networks while they were driving through neighborhoods. A German privacy regulator fined Google 145,000 euros ($189,225), stating that it was “one of the biggest data protection rules violations known.” Google was certainly culpable for illicitly amassing this information, but did they deserve the backlash for bringing their technology to Germany in the first place? Google was both in the wrong and right, and many privacy issues also live in this murky area.
There’s a recurring theme that emerges when we look at threats of potential privacy infractions. Many users immediately put the blame on companies simply because they are using personal data to power a service — whether or not a transgression actually unfolded. This is not an effective solution to bolstering privacy protection. Users need to deflect their concerns about companies having access to sensitive information, and instead advocate for higher industry standards across the board.
Similarly, companies need to focus on preventing abuses from happening, educating their teams on the latest security threats, and releasing products with built-in privacy protections. Germany Street View should have automatically blurred out images of homes, and then allowed users to opt in if they wanted their information included.
Privacy-friendly features like Apple’s location alerts, which notify users when apps are collecting location information, need to be the norm, not the exception. The key to winning the privacy war is a mutual respect for the valuable data these services are built upon.
An informed public needs to ensure that personal data is handled responsibly by demanding that companies have the following protocols in place: 1) clear information on the way personal data is used (i.e. not buried in the Terms of Agreement), 2) a cohesive plan if a privacy infraction occurs, and 3) engineers that are up to speed on the latest security standards. If a company fails to acquiesce to these demands, then users must take a step back and balance their privacy concerns with the novelty and utility the service provides. By fighting for transparency and remaining vigilant, we can reap the benefits of the personal data economy — without ever having to take a step off the grid.
Timothy Tuttle is the founder & CEO of Expect Labs, a technology company that is building a platform to power a new generation of intelligent assistants. Tim started his career at the MIT Artificial Intelligence Lab, where he received his PhD.