Yeah, true. But after the whole Facebook debate, I think future social technology needs stronger privacy protection built-in. If the only option is to share with everybody, then I suppose that's a bit simplistic and probably not what people need/want.
> after the whole Facebook debate, I think future social technology needs stronger privacy protection built-in. If the only option is to share with everybody, then I suppose that's a bit simplistic and probably not what people need/want.
I think one of the big problems with Facebook and the like is the idea that things can be uploaded to the Web but remain "private". It's an insidious lie IMO, and is one reason I refused to go near it.
Any "revelations" about data brokers, (mis)use, breaches, etc. are just confirmations that the premise itself is flawed (from a user privacy perspective; I know it's a lucrative business proposition).
Attempting to build "privacy" into a decentralised publishing protocol seems to me like a bottomless rabbit hole without any real solution (a bit like DRM). It's perhaps an interesting question in terms of fundamental CS research, but AFAIK no practical implementations exist even in centralised systems, so it seems counterproductive to burden protocols with constraints that aren't actually possible to satisfy.
Even encrypted email only remains private if both parties keep it that way. Privacy can't be "imposed" by an author/"owner". Consider that even proprietary silos like Snapchat have spawned tools to automatically strip their "privacy" features ( e.g. https://drfone.wondershare.com/snapchat/snapchat-screenshot-... ). An open protocol which encourages third-party clients (both human-operated and bots) would be in a much worse situation.
So you are saying that since the recipient of an email can forward it to a third party, we should abolish the privacy aspect of email altogether, and make all emails public?
> So you are saying that since the recipient of an email can forward it to a third party, we should abolish the privacy aspect of email altogether, and make all emails public?
That's absolutely not what I said, and I can't see anything in what I wrote that could be sincerely interpreted into such a weak straw man:
- My only mention of email was descriptive ("Even encrypted email only remains private if both parties keep it that way") not prescriptive ("We should do XYZ")
- The only prescriptive remark I made was to avoid delaying/constraining protocols with requirements that are difficult/impossible to actually implement. I believe that 'private sharing', as found on social media sites, is an example of such an impossible requirement.
- At no point did I say that any existing technology should be "abolished"
Based on this, I'm going to assume that your comment was not made in good faith. Even then, what you say doesn't seem to make much sense. In particular:
- Emails are public. That's why sensitive information like passwords and financial credentials should never be sent via email, unless the email body is encrypted before sending. Email transports are only encrypted opportunistically (STARTTLS), and even if a client/server enforce their connections to be secured, the message may hop between subsequent relays through unencrypted channels before arriving at the recipient. These days there are alternative mechanisms which might provide more security, e.g. composing a message in a browser connected to gmail.com over HTTPS and sending it to another Gmail address, but (a) this isn't "private" since our plaintext is being shared with a third party (Google, who is mining it to profile us; this is also why Facebook's claims of "privacy" are a lie) and (b) it's unlikely that any email protocols or formats would actually be used in such a setting; Gmail/Exchange/etc. are more like self-contained messaging platforms, which interoperate with email.
- I don't understand what "abolish" would even mean, in the context of email. Encrypting emails, whether it's with GPG or pen + paper, is not something that any centralised authority can 'turn off'; it's purely at the whim of the users. If we include steganography as a "privacy aspect" then it's not even possible to know if it's being used or not.
