On Privacy

Facebook's CEO, Mark Zuckerberg recently said that privacy is no longer a social norm, Google's Eric Schmidt has also said that if you want to do things online that you want to keep private, then you really shouldn't use online services such as Google, due to laws requiring identification and retention of data.

There are benefits to treating your privacy as a commodity.  The most obvious examples are the personalities that have achieved fame and riches through living their lives in a very public fashion, such as Paris Hilton or Kim Kardashian, but each and every one of us makes a decision to trade our privacy each time we go online, whether we do it knowingly or not.

I recently showed my Father in law how to use Picasa web-albums feature as a way that he could easily catalogue his photos from a trip, upload them to the web and then share them with people.  He was delighted and immediately started pestering his friends to view the web album, which of course involves creating a google account (if you want to restrict viewing to a group of people).  One of his friends refused, citing that he didn't want Google to know about his every move online.

This goes to show the difference between not caring about privacy online (my Father in law) and having enough knowledge to be scared but not enough to fully understand (his friend).  My Father in law knows in an abstract sense that google can track his activities, but he doesn't care.  He has made an implicit (and some would say uninformed) decision to trade some of his privacy for the additional features that Picasa gives him.   His friend doesn't want to share this information, and understands that an account is a tracking mechanism.  What he doesn't understand is that sites like google routinely issue web cookies which are almost as good at tracking people as an account when tied to server logs. Even if you don't sign up to google they will be storing information about you and your browsing habits.  It won't be as easy to pin the usage directly to you as in a person with a name, but it definitely can be, and is, done.  Google do this so that they can target adverts that are tailored to you to your screen, but that doesn't mean that the info can't be used for other means too.

In order to be completely private online, a user needs to go to extreme lengths, using cookie blocking software and IP anonymising routing.  If you do this however, many features that we have come to rely upon no longer work.  You can't browse online email.  You can't one-click share photos with friends, you can't use social networking sites.  Even if you could, there would no longer be any incentive for software giants to produce cool software for us to use, because they could no longer make money off us. The vast majority of us seem to be quite happy to make this trade.

If privacy becomes a commodity, then I would like to have control of that information.  I tend to agree with both Mark and Eric, and I am quite open on the internet, but I want to be able to control what information is used, and what isn't.  If my privacy is a commodity,  that means it has value, and I'd like to see whether I am getting value for privacy.  It is possible to envisage an architecture to the net whereby all personal information is stored locally, on a server that each of us controls, or encrypted on central servers in such a way that only people we allow can have access to that information.  In order for this to work, there would need to be legislation to enforce this separation, as there is cost associated with implementing things in this way.

And there's the problem.  There's no incentive for companies to give us privacy, or to give us control over our privacy, as it will loose them money.  There's no incentive for governments to give us control over privacy as they want to collect information on us too.  "The People" are unlikely to get thier shit together, as they are too easily distracted by the latest shiny product released by Google, or Yahoo or Facebook.   As a result I think we are doomed to a future where information is routinely collected on every aspect of our life.

This conversation has been going on for ages, and its good to see people were thinking about it decades ago.  Credit card companies have been constructing models of us consumers for years and years, based upon our purchasing history.  They then sell this information back to department stores and marketing companies.  A particularly good scenario surrounding how this could end up is played out as a side story in David Murasek's excellent novel Mind over Ship.  Its a sequel to Counting Heads, so you might like to read that first if you are interested.  Now that I think about it, there's also an interesting plot in there about the relative privacy of the rich/powerful vs the middle class.  In both novels the middle class is routinely scanned for information, and their personal AI's (called Mentars) are incapable of keeping the information gatherers out.  The rich have much better Mentars and as a result are able to navigate their way through life with relative anonymity (but of course the heroes undergo a lot more scrutiny because they are the focus of big events).  Perhaps that is our future...