This is the best thing I've read of Bruce's in a while.
The huge amount of social change -- instituted by the companies in question and others -- would have been science fiction or fantasy just 20 years ago. We've never dumped the personal details of billions to each other like we are now. People can wave their hands around and say it's good, or that it's bad, but we simply don't know. We do know that it's big. One of the biggest changes mankind has had in social structure and it's just happening simply because most folks haven't thought through exactly what they're doing when they participate in various forms on the internet. It's free, so they think it must be harmless.
Ironically, we could end up taking an old slogan and changing it around it for new usage: "Freedom isn't free"
People can wave their hands around and say it's good, or that it's bad, but we simply don't know.
Hmm,
It's funny but if someone said to me, "hey we're going to do this experiment on people, it might hurt them and it might harm them, would you like us to it on you or would you rather watch while we do it on Bob here", you know, I'd say "do it on Bob if you must and I'll watch and see if seems like a good idea..."
It's not presented as an experiment, even though it could be described as such. It wasn't even constructed as an experiment. It was built to allow people to do something that they want to do, but the way that it happens and the scale at which it happens are things that no one really considers. Humans have a hard time grasping the scale of things once they reach a large enough size. Similar to things like the over-hunting of the American Bison or the over-fishing of various waters around the world. "There's tons of Bison on the open plains. It's impossible for humans to put a dent in their numbers! Why should I feel bad about killing so many."
In that sense, everything we do, especially when we produce something new, is an experiment since we rarely can predict many of the consequences. Most of the people responsible for the creation of the automobile, and most who bought the early ones, would probably have preferred to keep shoveling horse manure if they could have foreseen many of the social and cultural changes the auto has brought about.
However, I would posit that, for most people to be willing to experiment and to be ready to enjoy the process, there has to be a pretty strong limit to the downside.
Being put into a position where "hey, anything can happen to you" is probably only appealing to the very small, very entrepreneurial segment of the population.
Moreover, sharing all of your intimate details with the world is much more like the situation where you have a lot to lose and mostly likely only a small amount to gain - except if you're a celebrity.
I've actually taken time to think through my personal participation of the internet. I'm always cognizant of what information I'm exposing about myself with every post (including this one). I think one has to be if one wants to protect their own privacy.
These companies sure aren't going to protect your privacy for you. I think the answer is to be aware of what sort of information trail one leaves on a particular service, then to be aware of what information is given to that service.
I don't know if this will even help, only time will tell. But I do know that just sharing everything like the services prompt you to do probably won't end up being a good thing.
Online privacy controls are like DRM. They are both attempts to control what happens to information after giving someone else complete control over it.
"We may not mind sharing our personal lives and thoughts, but we want to control how, where and with whom. A privacy failure is a control failure."
Paraphrase: "We may not mind consumption of our music and movies, but we want to control how, where and with whom. A copy restriction failure is a control failure."
If a video can be decrypted for viewing, it can be decrypted for torrenting. If Facebook can show your messages to your friends, they can show them to advertisers.
Bruce suggests legislation, but I'm afraid it will be as futile as the DMCA.
There are crucial differences between online privacy controls and DRM in not only in what kinds of information are covered, but how, and who is limited. DRM is about technological controls weaved into the information itself, applicable to all its consumers. Online privacy controls are voluntary promises made by single actors, such as Facebook and its partners.
It would be more apt to compare Bruce Schneier's proposed privacy legislation to the original introduction of copyright law than to the DMCA. Right now basic privacy laws hardly exist (EU excepted), and in their place is a frontier of one-sided contracts that change at the discretion of the information recipients. It would be skipping a step or two to go straight to DMCA-like additional legislation to prop up technological controls that attempt to narrowly enforce the basic legislation, when we haven't even figured out what the basic legislation would be.
Another big difference is the asymmetry between the number of producers and recipients: privacy is about relatively few companies receiving data belonging to many people, while copyright is about many people receiving information from fewer authors. Among other effects, that would tend to make enforcement of privacy easier than copyright, since the potential lawbreakers would be both fewer and highly visible. Facebook breaking a law is a big deal, and therefore difficult even without any technological restrictions. (Of course, getting such a law passed would be another story, and comes down to whether privacy sufficiently captures the public's imagination.)
This is a very astute comparison, but the power relationships involved are so different that we may be able to treat the two situations differently. The DMCA fails in practice because the violators are millions of isolated individuals, and trying to stop them is like trying to carry water in a sieve. A comparable website privacy act would be trying to protect the individuals from the corporations, and corporations are bigger, are easier to hit, and have more to lose. So I think it's not necessarily as futile as the DMCA.
The crux of the whole internet privacy issue is this: will people be culturally conditioned to accept whatever privacy norm their society pushes on them, or is it ingrained in our nature to find only a certain level of privacy acceptable? It's your classic nature/nurture question.
keeping google and facebook's actions fully in the light is good (and stronger privacy laws would be great), but it continues to be rather intellectually dishonest to allude to that eric schmidt quote in this context.
actually I think the recent twitter subpoena business showed him to be exactly right. hopefully no one was stupid enough to be conducting wikileaks business via twitter DMs:
Q: People are treating Google like their most trusted friend. Should they be?
A: I think judgement matters… If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. But if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it’s important, for example that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities.
Go to an cafe with no camera, use TOR, HTTPS, etc. But.. the thing with search engine terms is this:
1) Look up civil rights movement topics
2) Look at porn
3) Type up names of people you know out of curiosity
4) Type your own name
5) Look up medical conditions
Each search term alone is pretty useless, but combine them all, there's a high likehood of search terms being associated to create a rudimentary profile on the fly.
Consider that the above is a pretty weak example, the better example would be hundreds if not thousands of search terms relating to stuff of interest. Search programming topics all the time? User is programmer. Looking up porn too? User is programmer and porn searcher. etc.
What it means? Google can return programming ads and porn ads which are highly relevant. The other issue is that if you accidentally put in certain pretty unique search terms, your profile becomes very unique. A friend who works at Google could read that you search porn often. Hence, privacy advocates are pretty concerned.
“Sir, calm down, please. No, I’m not looking at your searches,” the man said in a mocking whine. “That would be unconstitutional. We see only the ads that show up when you read your mail and do your searching. I have a brochure explaining it. I’ll give it to you when we’re through here.”
Schneier says the right to privacy is a right to control personal information. While that's true, it's only part of it, and it doesn't capture the fundamental problem of privacy. The fundamental problem is about those situations where you can look into your neighbor's back yard, but you decide not to do so. It's therefore more of a civil obligation. The corresponding right for the neighbor is to have the expectation of not being watched.
I think you'll agree that privacy is about not leaking personal informations in unwanted ways, period. "Control" sounds like an excellent fit. Now there are various means of control.
One of them would be the expectation you speak of. The goal stays the same though: I don't want my neighbour to know the size of my d---. I want to control who knows that.
Another mean would be trust. When I tell something private to a friend, I may trust her not to tell anyone else. I still want to control who knows that "something private".
Yet another is plain paying attention. If my backyard is visible from the outside, then someone may look inside accidentally. In that case, I cannot reasonably expect no one will see. Same thing with Facebook, only worse.
That's the point. We increasingly can't control the information about everything we do, but we trust and have the right that the neighbor who accidentally saw us does the right thing.
You seem to have given up on direct control. Wait for the FreedomBox, it ain't over.
One neighbour may do the right thing. But 10? 100? It would be good to be able to trust them all, but I see this as even less probable than recovering direct control.
The huge amount of social change -- instituted by the companies in question and others -- would have been science fiction or fantasy just 20 years ago. We've never dumped the personal details of billions to each other like we are now. People can wave their hands around and say it's good, or that it's bad, but we simply don't know. We do know that it's big. One of the biggest changes mankind has had in social structure and it's just happening simply because most folks haven't thought through exactly what they're doing when they participate in various forms on the internet. It's free, so they think it must be harmless.
Ironically, we could end up taking an old slogan and changing it around it for new usage: "Freedom isn't free"