Sunday, September 9, 2007

Privacy - yearning for yesteryear

I've been reading with interest the Facebook privacy conversation between Doc Searls, danah boyd, Robert Scoble, David Weinberger, et al. It revolves around Facebook's decision to open user profiles to Google search. The arguments are mostly around opt-in vs the Facebook default settings that assume people want their information to be made public. From danah boyd:

It makes sense to attract those who want to be public, but how public can they go without affecting those who relish the closed-ness? For the most part, Facebook has been immune from privacy-related attacks from the Attorneys General and press. They've been toted as the "right" solution. Can people who want to be private live alongside those who want to be PUBLIC? How are boundaries going to be negotiated? It seems to me that this all comes back to context and context is really getting cloudy here. It seems to me that there might be two totally different sets of expectations emerging without an in-between solution. And I have a sneaking suspicion that the "solution" is to push people into accepting being public.

My heart is totally with danah. She's right. The problem is -- it's not going to happen. The day where we could expect privacy has gone the way of the newspaper, the recording industry, and the mom-and-pop grocery store. We're not going to turn back the clocks. Remember DRM? Where there is a will there is a way...

All of the "partial" privacy settings that people are asking for are positive, and yes setting them to public should be on an opt-in basis. That'll work to a certain extent against nuisance sorts of invasions of privacy. In reality, however, they're not enough, and they're nothing more than bandaids. If someone wants to get your private information they will. Even if someone isn't trying to get your information, some entity will do something stupid and expose it anyway; e.g. an employee taking your credit card and social security information home on their laptop.

I'm going to argue the best privacy solution is a total lack of privacy. That the solution to our concerns should come from seeking total transparency. If you don't want people to see something then don't put it on the World Wide Web and expect it to be private. You have complete control over this. Some stuff simply does not belong on the Internet. If you put it there you should assume that the whole world can see it.

On the other hand, you shouldn't also expect to consume people's private information anonymously either. This I believe is the solution to most of our privacy concerns. In a transparent world I should have the ability to see who is looking at my information. That should be true everywhere on the Internet. I would like my Google Analytics capabilities to be extended to every location where I post content. If you're looking at photos of my children on Flickr I should be able to see that. If you're hanging on my every Twitter post -- I should know that too. Transparency needs to be a two-way street. We need our social networking sites to open-up and allow us to embed tracking scripts on our personal pages.

What's good for the goose... If people know we can watch them watching us they will be far less likely to wander in with spurious intent. It's just like Neighborhood Watch for the Internet.


DebC said...

I don't disagree with the 'if you don't want people to know it don't put it on the Internet'. However, that's not as easy a choice as it sounds when choosing not to put [whatever] on the Internet means you're opting out of, say, an entire social network or focused discussion with your classmates, or connections with your peers.

But the biggest problem that I see is that transparency only works if all participants have equal power. And that, we know is not the case. We have models for situations where everyone knows everyone else's business and doesn't act on it--villages, small rural towns. We also know such places are far from perfect and, in fact, when they break down often do because of power differentials.

And even then, those (small town people) are people that you have to stand face to face to, not someone you never met possibly in another country. It's much easier to do harm to someone you've never met and never will. It's easy to make unfair employment decisions about people because you know a little about one person and a lot about the other, but what you actually don't know about either of them is how well they'll do the job you're hiring for.

I don't have a solution to this because there's lots of incentives to 'live' a part of one's life on line. But we can't make a world where we all have to spend at least part of our life on line and then say 'oh, too bad, people found out something you didn't want them to know' as if it's an individual problem when it's actually a societal one.

Kevin Gamble said...

I agree completely, and it does make me sad. Where the Internet has the potential to make the world a smaller place and help to enlighten and inform, it can be used for evil as well.

There really isn't a best answer. I can't think of a win-win. At best it's just an accepting of reality. I think my whole point was that people shouldn't rely on technological solutions to protect themselves or their privacy. I think it could lead to a false sense of security, and possibly put people at greater risk. (Thinking out loud a bit.)

So if we can't guarantee privacy-- then I don't want the people who might yield their power in inappropriate ways to have any privacy either (not that I think they can, but I'd like to see the barriers removed sooner rather than later). I don't want the hypocrites of the world hiding behind their firewalls while everyone else is exposed.