Monday, 24 May 2010
Online privacy is not a myth, just do your homework and model human nature
A friend congratulated me after a recent talk I gave at Digital Surrey for being brave enough to talk and host a discussion about digital rights in a public forum. It's a big amorphous subject with no clear answers; a subject about which everyone (in the industry at least) seems to have a strong opinion on one or more of the sub-topics: privacy and data protection, rights management, censorship etc.
My talk was on rights management, namely copyright protection and the Digital Economy Act, however online privacy is perhaps a subject which carries far more emotive overtones. Like with censorship, there are unavoidable links with extremely difficult and sensitive subjects such as child protection. The "nothing to hide, nothing to fear" mantra is largely discredited, yet is often quoted without even a hint of irony.
A kind of Godwin's Law for both privacy and internet censorship is that the discussion inevitably tends to the subject of child abuse. But please I beg that this unsavoury premise does not become known as Firth's Law! I'm probably not the first to make this parallel, and on the slim chance I am let's call it the law of disproportionate fear. Speak out against censorship and people inevitably scrabble to find an example of why censorship is sometimes OK. Argue for privacy rights and you can literally feel the question brewing, "what are you hiding?".
With that out of the way I can say I firmly believe privacy is as important today as it ever was, despite the internet and our love to share, be creative and show off. It's important despite our disproportionate fear that those who crave privacy are up to no good.
Think of an embarrassing story you wouldn't mind sharing with your friends, or even broadcasting on Twitter or Facebook. Your parents may or may not be following you on your social networks, but I'll bet most of us can find at least one example of a story they wouldn't mind sharing with friends down the pub but would be uncomfortable, mortified even, if our parents found out.
Article 8 of the European Convention on Human Rights provides the right to privacy in home and family life. It does so because it's widely acknowledged that privacy is an important side of human nature that we must respect. Breaching a person's privacy can severely upset that individual. Many victims of home burglaries speak of the anger they feel that someone has been through their private belongings. But what we each choose to cherish as private in our life differs from person to person, and from culture to culture.
Respecting an individual's privacy boils down to respecting that individual's choice. This is no different on the internet than in the real world, but the internet introduces some new concepts, particularly trust and complexity.
In the physical world we have a well established principle of "home life". There are things we choose to do behind closed doors despite the fact that doing the same thing in public would not be illegal. Obviously this preference varies from individual to individual.
One such common example is singing. I love to sing in the shower, but I'm embarrassed to be overheard - even by my wife! Yet I'm a bit of an extrovert, so there's no logic to my discomfort at making a "tune" in public - apart from being crap at singing. But so are many other people, yet they're happy to warble away down the karaoke every Tuesday.
Society has evolved over thousands of years to provide structures to accommodate human emotion in this area; to respect our choice over what we do in public and what we do in private. By and large we don't live in large communal halls without screens or doors to afford us a private space. Some communities do, through necessity or choice, but a far larger proportion of the population choose privacy.
Furthermore social norms reflect a strong respect for privacy. We don't like to intrude, we knock before entering, and we look away if we feel our presence may prove embarrassing.
Of course there is no absolute right to privacy. Society has evolved to remove some of our rights, e.g. for public officials and celebrities choosing to live in the public eye - an important concept, a safeguard to prevent abuse of power for those who have a strong influence on the lives of others. We also accept as a society our privacy might be invaded in the course of an investigation into a serious crime, although the definition of serious and the concept of private (e.g. contents of a mobile phone, home computer) are continually under review.
In contrast to the physical world, confusion reigns online. There are no absolutes, no givens. So some simply argue that privacy is a myth. Well, it probably is - if you confuse privacy with traceability.
Almost everything is traceable back to an individual unless one undertakes concerted measures to avoid detection. Just like plotters throughout history, the people who really need privacy and to avoid traceability - the criminals - will find that privacy and non-traceability in one way or another.
And conversely the extroverts who crave publicity have in the internet found just that. Those who, self included, are not perturbed - excited, in fact - by broadcasting and sharing information and ideas in the public arena are making the most of the opportunity.
But what then for the masses, the ordinary folk who see this pervasive and useful tool but remain too confused or afraid to embrace its potential?
In some respects it's not possible to build the concept of a "home life" central to Article 8 of the ECHR on the internet due mainly to the issue of trust.
Your physical home is a domain under your control (exclusively, or jointly with those you choose to live with). Yet to build a private space on the internet over which you retain exclusive control is all but impossible. It can be done, should one host one's own service and use encryption for all external communications, but it remains largely impractical.
But we shouldn't just accept this as a fait accompli and declare, as many seem to be suggesting, that all information posted online is public, is "fair game". As humans, in Western culture at least, we choose to spend rather a lot of our free time indoors; in private. Internet services offering social experiences should take note and reflect this.
We must not let the internet, or at least the interactive aspect of the internet in social media, become the sole preserve of the extroverts comfortable with living their entire lives in public and sharing their thoughts with absolute strangers.
I happen to love this aspect of the internet, hence why I write a blog and tweet. Over the years I've participated in numerous public mailing lists. I think ultimately the "extreme sharing" principle will be an incredibly positive force in our evolution. It's already providing a rich data source that new applications are already tapping.
But this is a personal choice and we should not overlook the majority who want to exert closer control over their online image, the information they choose to share and the people they choose to share it with.
When such delicate psychological issues exist we must model software on society rather than expecting society to embrace our software. What we absolutely must not do is attempt to force society to comply with revenue models heavily reliant on exploiting the value of private data.
Service providers and ISPs must accept that they are custodians of our data, not owners. These companies must provide a foundation of trust on which people are able to build a digital home life.
Without this trust it's clear that a digital equivalent of a home life cannot be built, and online privacy will indeed become a myth. I hope that governments will act under Article 8 of the ECHR to ensure that ISPs and service providers contribute the building blocks - trusted communications and protected data storage - to allow a private digital home life to be built and function.
Once trust is established, a simple privacy model also needs to be defined. A model whereby individuals can make a clear choice for any given online activity of where the activity is to be performed: in public, or in private. Two choices, the former having a presumed right of access (e.g. being photographed walking down the street) and the latter where no right of access, by anyone, can be presumed; behind closed and locked doors.
I'm not just defining how "friends" or "followers" can access information; the concept runs far deeper. Information which the owner has deemed private for whatever reason should be protected from advertisers, even staff working for the service provider. It should be encrypted in "the cloud" - all necessary steps should be taken to prevent accidental disclosure. Systems must be designed with privacy in mind. Law enforcement officials should not have access to private data without a warrant. Private data should be treated in all cases as if it was locked inside a private residence.
And critically it is up to the individual and no-one else to decide which class (public or private) each piece of information belongs to. Information commissioners for various governments have struggled to define the concept of "personally identifiable information" for the purposes of data protection legislation. This definition is largely unnecessary in a model which respects consumer choice. It is up to the information owner to decide whether any given piece of data is public or private.
That's not to say that private activities can't be shared, but the owner remains in full control; they send the invites, and act as doorman able to chuck out guests at any point.
Of course the nature of the internet introduces new problems or complexities that don't exist or are far easier to handle in the physical world. Will your guests misbehave by capturing and re-broadcasting in public your private performances? Such problems still need to be addressed by society, but social norms will be established, just like one knocks on a door before entering and doesn't film at a friend's house without permission.
If and only if the data owner remains in full control of the guest list can such problems be addressed. Guests will not want to jeopardise a friendship through anti-social behaviour. Once the data owner loses control of the guest list - the keys to his or her digital home - the concept collapses.
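The two-class model above (public with presumed access, private readable only by the owner and current guests, stored encrypted so provider staff see nothing useful) as a small Python sketch. This is an added illustration, not code from the post or from any real service; the HMAC counter-mode keystream is a stand-in for a proper authenticated cipher, and the `DigitalHome` class and its method names are assumptions.

```python
import hashlib
import hmac
import secrets
from typing import Optional


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream. Illustration only:
    confidentiality without integrity; a real deployment would use AES-GCM."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


class DigitalHome:
    """One owner's items; the owner alone classes each as 'public' or 'private'."""

    def __init__(self, owner: str) -> None:
        self.owner = owner
        self.provider_store = {}  # what the service provider holds: id -> (cls, blob, nonce)
        self.owner_keys = {}      # held by the owner, never by the provider: id -> key
        self.guest_list = {}      # id -> set of currently invited users

    def post(self, item_id: str, content: bytes, private: bool) -> None:
        if not private:
            self.provider_store[item_id] = ("public", content, b"")
            return
        key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
        self.provider_store[item_id] = ("private", _keystream_xor(key, nonce, content), nonce)
        self.owner_keys[item_id] = key
        self.guest_list[item_id] = set()

    def invite(self, item_id: str, user: str) -> None:
        self.guest_list[item_id].add(user)

    def uninvite(self, item_id: str, user: str) -> None:
        self.guest_list[item_id].discard(user)  # the doorman chucks the guest out

    def read(self, item_id: str, user: str) -> Optional[bytes]:
        """Public items: anyone. Private items: owner or current guests only."""
        cls, blob, nonce = self.provider_store[item_id]
        if cls == "public":
            return blob
        if user == self.owner or user in self.guest_list[item_id]:
            return _keystream_xor(self.owner_keys[item_id], nonce, blob)
        return None  # no presumed right of access

    def provider_view(self, item_id: str) -> bytes:
        """What staff or advertisers reading the store see: plaintext only if public."""
        return self.provider_store[item_id][1]
```

Note that uninviting a guest closes the door from then on; it cannot recall a copy a guest already took, which is exactly the re-broadcasting problem the post leaves to social norms.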
Ultimately it's up to us as a society to choose whether we want to endorse the concept of a digital home life and consequently make available the necessary building blocks in terms of trust structures and, where needed, legislation to support them.
I see a clear business opportunity for any organisation wanting to put the individual back in control of the personal data they choose to share. I'm optimistic that the government intervention needed is minimal, namely to define when and how law enforcement can access one's digital home and extending the existing principles of data protection so that there's a clear commercial incentive to ensure custodians of our data act responsibly at all times.
I don't see an end to profiling of individuals by advertisers nor do I believe that returning control of personal data to the owner will be a death-knell for exciting new services which rely on personal information being shared. I think over time individuals will become more comfortable living more of their life in public, just as we're now far less squeamish dealing with issues of sex, race or disability on prime-time TV.
There's a clear danger in rushing to persuade people to adopt a more public private life. Many will resist this change, and the backlash could stymie adoption and extend the normalisation period - the time society needs to adopt and adapt.
Advertisers will be free to build behavioural models on the data we choose to make public, and I predict the public proportion will increase over time. There may still be restrictions imposed on analysing even public activities to prevent exploitation. After all, whilst it's not illegal to take a picture of a random stranger in public, it is not usually acceptable to exploit this person's image, e.g. to endorse a product or service, without clear permission.
Only by returning control of data back to the owner will we encourage those who currently don't feel comfortable sharing any information online to use these services and find their comfort zone at their own pace.