offkey

Setting the stage

Privacy was dead: to begin with. There is no doubt whatever about that. I have spent the last year talking with people about privacy and reading about what it looks like in our new network-connected world and everyone agrees: privacy is dead and it was the birth of our information society that killed it.

At some point in the last 20 years computers spread far enough through society that they transformed how we live our lives. Not only could we telecommute and access unimaginable amounts of information through the air while sitting at a local coffee shop, but all the little bits of information we generate by going through our daily lives, all the little things that happen but we never write down, like what streets we walk down, what news articles we read, or what products we look at while in the store, all those little bits started getting recorded for the first time in history. When that happened, privacy died and we all became subjects for sociological study.

Whether it is Facebook trying to figure out your sexual orientation from the activity in your social network, online dating sites trying to map the decision matrix behind whether you will talk to, sleep with, or date particular people, or Google trying to burrow ever farther into your brain so they can better sell you things in the margins of all your daily activities, whatever the particulars, your information is out there and available for study.

Privacy died; everyone agrees about that. But that is where the agreement stops. What does it mean that more information is being recorded about you today than the Stazi were ever able to record about the citizens of East Germany? What does it mean that this information is being recorded by private companies and governments alike? Or that the pieces of information you manage not to share can increasingly be inferred by analyzing the mountain of information that everyone else around you has given over? How does all of this affect your right to a fair trial, or to organize politically, the confidentiality of your medical records, or your ability to receive goods and services as an equal member of society? There is no agreement about the answers to these questions, nor is there generally even discussion of them. Instead most discussions about digital privacy assume the only challenges we face in a networked society are financial fraud and junk mail.

Life without

Part of the reason we never discuss the more complicated structural and social issues involved with privacy is that we have poor instincts for these issues and they reliably lead us to poor conclusions. Consider this example.

In 2005 it became public that the US government had been collecting call records for almost everyone in the country. This caused some outrage. What it did not cause was the kind of outrage that occurred when it was made public in 1971 that the FBI had been following and profiling non-violent political organizers and public figures. Part of the reason for that is that times have changed and people’s expectations for government have changed with them, but part of it is because of how the information gathering was done. In the 1970’s the FBI had to actually follow people to find out where they were going, they had to actually infiltrate the political groups and sit in on their meetings to find out what was going on. In 2005, the NSA could plug directly into the phone company’s central line and get everyone’s records from afar.

Imagine if it had happened differently. What if, instead of going to the phone company the NSA had installed a device in your phone that records every key you press, the length of every call you make and who the call is with and then bundles that information back to a regional NSA building where it is collated with the records from identical devices in the phones of your friends, business partners, and loved ones. Imagine that rather than tapping a central fiber optic cable, the NSA conspired with each local wireless store to install these devices in all our phones, sell those phones to us, and bill us monthly for using the phones.

Can you imagine the headlines when people opened their phones and found listening devices inside, when they learned that the smiling salesperson that recommended them a new phone had installed the listening device in it first? It would have been a firestorm that cut across all segments of the political spectrum. Yet the information collected in this fictitious example is the same as was actually collected by the NSA, exactly the same.

Action at a distance

Information about us used to follow us very closely, physically. Someone knew what you were reading at the coffee shop only if they were standing behind you in the shop. Today the material you’re reading is stored on a website’s server somewhere else in the world and no one has to be standing behind you to tell what you’re reading there, everyone from the website operator, people selling ads on the website, the site’s ISP, the coffee shop’s wireless router, the coffee shop’s ISP, and, most likely, anyone else on the same wireless network, can tell that. But we don’t yet feel intruded upon by the distant watching of our activities. We’re still looking behind ourselves to see if anyone is watching.

This is a dangerous situation. The sense of feeling intruded upon is as important to our lives as social beings as the sense of pain is to our physical lives. Losing this important feedback mechanism has larger repercussions than whether you can make secure financial transactions, just as nakedness has more repercussions than being cold in the winter. Our biggest privacy problem at the moment is not a particular piece of software or changing social norm but that the technology has left behind the instincts we rely on for feeling the wind on our skins and knowing that we are exposed.

The few people with a better understanding of our current reality, the data aggregators, the service builders, spend all their time exploiting our failed instincts by selling us one-sided tools: practices and services that make our lives transparent to them without ever alerting us to how thoroughly we are being studied. We need to take a hard look at what society looks like when some people have that kind of power to strip away the outer layers of our lives. If we miss out on our chance to do so now, as we choose and shape the communication tools of tomorrow, we will end up more than just cold.

If it never occurred to you that how you interact with computers might impact your ability to get a fair trial or choose your political representatives, keep reading. In the next few posts we’ll look at those issues and some ideas for alternative tools to help us control our own communications without turning our lives into a currency for digital power brokers in the process.

Last Friday morning I sat down at my computer and tried to answer a simple question: whether I needed to move the car that day. On a normal Friday the answer would have been “Yes”, but last Friday there was a light coat of snow over the city that I hoped would bring a snow day from the street cleaning regulations. I ended up disappointed, not because the rules were in effect, they had been suspended hours before, but because the government sites hosting that information (DoT’s site and NYC’s 311 site) were not updated so I ended up with no better information at the end of my search than when I started.

Instead of putting snow day suspensions on the Department of Transportation’s official website, the DoT sent the announcement via twitter, an external, closed, data feed service, though admittedly one with many users. So, rather than using smart tools that could send out twitter feeds and update the official site as part of the same action, or using simple tools like the official website, which would let more capable tools like civx process the information into whatever formats you want, the DoT did the digital equivalent of announcing the news at church and assuming all the relevant people would be there.

Twitter is a closed community with membership and the technology of communication controlled by one company. What bothers me is not that the government went into that system to spread public information; I think we should spread public information wherever the public is, which is why in 2008 I advocated running “get out the vote” drives in World of Warcraft, an online video game much more closed off than twitter. What bothers me is that a single, closed, tool has taken the place of meaningful change in how government communicates with citizens.

Spreading time-sensitive information like parking rule suspension or weather-related school closings using a live feed is a great idea. We should do more information sharing like that but we shouldn’t be doing it only in closed communities and only using closed tools. We should not abandon the simple tools like department websites or the open tools like RSS in an attempt to follow users down whatever latest rabbit hole of closed communication tools it is that they’re using today. And if the tools our government has for publishing information aren’t as capable at distributing that information as twitter, then our government needs new tools, not just twitter accounts.

If you are curious about how I spend my time, as I know handfuls of people on earth are, here is today’s answer: Bkrpr Blog – Paperback testing begins in earnest.

The longer answer is that it is a device I’ve been working on since the summer to more easily convert my paper books into a digital form. I’ve had test hardware working for a number of months but things were going pretty slowly until James decided to build some image processing scripts to accompany the effort. Those scripts became a fully fledged python application around the end of the year, and we’ve since begun documenting the project in earnest.

The bkrpr wiki has all the relevant links, and a nice front page YouTube video of the device in use. Or a very poor YouTube video of the inside of my room, depending on how you look at it.

If you’re curious to check it out, take a look at the site, or grab the processed test pages online or in pdf.

Shortly before christmas last year I had an experience with the internet that left me speechless. The actual effects, besides possibly this blog post, aren’t exactly negative, but the implications of it, and the incredible ease with which it happened, left me a little stunned.

To put it simply, my past caught up to me. A friend, who I had trouble even recognizing at first, friended me on facebook. This one connection was enough to fill my notification streams with the faces of people I hadn’t seen since childhood and pictures I was in before I knew how to read, let alone had heard of something called the “Information superhighway”. My newly rediscovered friend was one of a small handful that I had actually gone to school with continually from Elementary school through High School. Growing up in the NYC School system, that was natural. Equally natural to me was losing touch with most of the other kids as we moved up and between different schools. But now, by reconnecting to a single relationship that ran all the way back in school, I was around them again. Curious, I dove into the stream of new profiles.

What I found was part photo album and part class reunion. Old friends were getting back together, talking about old times and updating each other about all the new things happening in everyone’s lives. Old pictures were scanned and reminisced about, any relationship status of “married” received obligatory public comments of impressed congratulation, and a couple people threw up class photos from back in elementary school, tagging most of the names with either the person’s direct facebook link, or just their name if no one was yet connected to them. That is about when things started getting weird for me.

Something about seeing everyone’s picture streams mesh together Jr. High school, College, Elementary school, and wedding pictures side by side made me a little uneasy. Coincidentally, I had seen one of the posted class pictures a few weeks before while at my mother’s house for the holidays. Looking at the electronic version I realized that it had more people identified than I had been able to identify when trying on my own. On the first grade class picture I couldn’t even find my face without the tag someone put on it. In some ways, facebook knew these events from my life better than I did.

That’s when I realized that this was not just a class reunion or looking through an old photo alum, this was history rebuilding. The activity is much the same, you get together with your friends, talk about the old days and who we all used to be, but when it happens in a social networking site the result is very different. This time, when you reconstruct what happened way back when, it stays reconstructed. The more people that join in, adding details, fleshing out stories, agreeing and disagreeing about how things happened, the better the history becomes, until our childhood photos sit side by side with our wedding portraits in the public profile of our lives and arguments we have forgotten are summarized and immortalized on someone’s Wall.

I was stunned at the ease with which social networking tools allowed this kind of collaborative memory rebuilding to happen. If you had asked me two months ago how to go about getting in contact with my 3rd grade teacher, I would have stared at you blankly. Now, I would just go and reply to her facebook mail (I will soon Ms. Santiago! I just don’t like facebook mail). I almost dismissed the original friend request as SPAM, but the strength of our mutual connection to one of my/our Jr. High teachers made me stare at my friend’s picture until I could put an identity to the face.

If you are a big user of social networking tools you are unlikely to be shocked by anything I’ve said. Even as an arms-reach user I understand that this is simply the tool working as advertised, and I’ve always known that this kind of full-life documentation was possible. I’ve known that it was possible but I always thought of it as a problem for the next generation, the one that is growing up inside the social network right now as the only natives in a strange land. What I didn’t see, or didn’t let myself realize, is just how fast the network is filling in our lives behind us. To a large degree, the online reconstruction of our pasts is happening whether we participate or not.

My childhood happened before the internet, most of my life occurred before digital cameras became mainstream, and I managed to get out of college without anything that current social networking users would recognize as a profile. But the network is there with family and friends on it and the old connections can be re-connected as easily as new ones can be built. If I am going to have to live with this in my lifetime, without the experience or established social norms that would have come along with growing up with such a system, I want good tools and a deeper look at what kinds of things our society might have to change in order to keep up.

The whole experience greatly increased my interest in ideas for a free, and truly user-controlled, social network as well as in the book on privacy, the law, and networked society that I’m attempting to work with Eben on over the course of this semester. More on both later.

The incident

At the end of July a small PA lawsuit gained relatively wide coverage when Google, who was being sued, filed papers with the court that mentioned how satellite imaging impacts privacy. The story is interesting not because of what Google said, though that is what most stories focused on, but because of what it shows about the public sensitivity towards Google on matters of privacy.

Background

Back in the spring, a couple in Pittsburg sued Google for posting pictures of their home on the company’s Street View map of the area. They claimed that having a “private road” sign on the street made Google’s picture taking a “grossly reckless invasion on Plaintiffs’ seclusion” and that publishing them in the Street View map of the area caused them “mental suffering and diminished the value of their property,” for which they sought $25,000 in damages from Google, and the destruction of the pictures of the house.

While the “private road” sign might make you wonder whether the pictures should have been taken, the idea that taking them caused mental suffering and diminished the value of the house, or that $25k is somehow warranted to make amends, those just seem far fetched. The couple’s claims seem even worse once you find out that the county’s Office of Property Assessments already had a picture of the house on their own website, as well as a floor plan and details about the price the couple paid for the property, the age of the structure, and the size of the lot.

What Google said, in context

In their reply to the couple’s complaint Google points out that similar pictures of the house were already available on the internet. They also point out that the view of the house is not really private at all, being routinely viewable to the several other families on the road, delivery and salesmen, and other members of the community in the common course of going about their daily business. As additional evidence that no invasion of privacy occurred, Google cites the Restatement (Second) of Torts. The Restatement series are:

highly regarded distillations of common law. They are prepared by the American Law Institute (ALI), a prestigious organization comprising judges, professors, and lawyers. The ALI’s aim is to distill the “black letter law” from cases, to indicate a trend in common law, and, occasionally, to recommend what a rule of law should be. In essence, they restate existing common law into a series of principles or rules.

law.harvard.edu

In this case Google quotes a section dealing with the idea of complete privacy, saying:

[c]omplete privacy does not exist in this world except in a desert, and anyone who is not a hermit must expect and endure the ordinary incidents of the community life of which he [or she] is a part.

Which Google follows up by saying “Today’s satellite-image technology means that even in today’s desert, complete privacy does not exist” (Google’s filing), a single sentence to help bring the 1977 Restatement into line with our current realities.

Regardless of the comment’s brevity and the fact that Google’s point about satellite imaging is entirely correct, seeing Google state that “complete privacy does not exist” was enough to get people upset and talking about it. Even in the context of elaborating on a quote

Why?

Why did this sentence, or rather the second “no complete privacy” half that most of the coverage focused on, get people upset? Other people have said similar things, and in context it is clearly uncontroversial. But this time Google is saying it.

As a result of their success, Google has become something of a bag man for the information age. They know about the things you like, and the things you are curious about, and they probably know where the bodies are buried. So when they talk about the limits, or lack thereof, of modern information gathering, people get nervous. Even if what they say is obvious, or uncontroversial, or has been said many times by others. It is one of the reasons that bag men don’t talk much, though of course that just adds impact to the few things they do say.

They understand privacy better than we do

People are nervous because Google has them at a disadvantage. Our social sense of privacy is in a period of flux, still adapting to the rise of computers and the digital networking of information around them. The first half of making that adjustment is knowing just what information is currently being kept quiet and what information we are all broadcasting to each other. Google has a pretty good idea, most of us don’t. Though attempts have been made at documentation.

What should bother you

You don’t know

While the privacy implications of Street View are interesting to talk about, it is only a single instance of a larger problem. In the world before networking, we had photographs of every building in every city. Some few iconic pictures became famous and were accessible to a wide audience, but the majority remained in the hands of the original photographer or a small collection of people around the photographer. The change from that world to the world we are entering where all our pictures get networked, and overlayed, and geo-tagged, and are in general becoming available to anyone with an internet connection at any time, that change from isolated pockets of information to wide pools of networked information does just as much to change our expectations of privacy as the movement from small towns to cities.

The thing is, everyone who has moved from a small town to a city, or from a city to a small town, can tell you about the changes in privacy expectations that come with the move. Both ways of life are familiar enough that the trade-offs of space vs. anonymity are well understood and there are social coping mechanisms to help people adjust in either direction. But when I talk with people about the rapid networking of personal information online, about the power and knowledge of your life that you give to other people when you feed everything you do online through other people’s social networking sites and webmail, the changes are so new that there is no vocabulary, no set of examples with which to illustrate the new trade-offs.

It is hard to put your finger on…

Right now, it is hard to even talk about the social impacts of this networking, about the changes in power relationships between family, friends, businesses, and government because those relationships are still changing. Except for an increased risk of credit fraud and the still mention-worthy instances of people fired based on information from social networks, the larger social consequences of personal information networking have not yet started working through society. Because of this newness most of the public discussion of these issues is reactionary, like these pieces about the PA lawsuit. Over time we will move past reaction. Private records of presidential candidates will continue to be inappropriately accessed and large databases of personal information will continue to be lost by government and private industry alike, until it becomes clear just what kinds of new illicit behavior are made possible by all this new information.

In the meantime, I’m trying to work with my boss on a book that will explore how some of these changes can impact the historical social and power dynamics embodied in our legal system and government. Even if contextualizing the issues doesn’t give us a crystal ball to see how they will evolve over time, it should give us a better understanding of what the stakes are and structure some of the wild reactions, like these and other privacy stories about Google. Hopefully it will help the conversation.

Update:

Case dismissed

Looks like the case was dismissed because, among other things, “[t]he Plaintiffs have failed to plead — much less set out facts supporting — a plausible claim of entitlement to injunctive relief”. Not surprising.