Archive for the 'privacy' Category

Putting the ‘log’ in Goolog

Thursday, February 11th, 2010

Aaron Williamson, one of my friends and colleagues at the SFLC, put up a great piece yesterday running through the various panoptic services that Google offers. It is well put and worth reading in full. Unfortunately, Aaron’s site requires registration in order to leave comments, so I’m going to respond here instead and let Planet NYC’s feed pull together the discussion.

Aaron makes reference to a couple of points that are key, both in critiquing Google’s specific practices, and in picking up the discussion from last time.

The first, Paul Ohm’s piece “Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization”, does the same thing to the field of information sharing that an exposé showing that condoms don’t work at stopping STDs would do to the field of sexual health medicine.

Professor Ohm documents the field of “information reidentification”, and that field’s success in countering so-called “anonymization” techniques used to remove the personally identifying bits of information (name, address, SSN, etc.) from things like your medical history or web search history before releasing that information to the public.

In a nutshell, “anonymization” is really just obfuscation; the data we are collecting about people is so rich and precise that we can take supposedly anonymous records and fill in all the missing information by fitting the record into all the rest of what we know. This should be a basic piece in discussions of our digital lives and public policy, but it has gotten almost no coverage since the initial publication.
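One way to check a data release for the problem described above, as an added example that is not from the original post or from Professor Ohm's paper: for each "anonymized" row, count how many identities in outside data share its remaining fields, before and after coarsening those fields. The records, the roster and the field names are all constructed for illustration.

```python
from collections import Counter

QUASI = ("zip", "birth_year", "sex")  # fields left in after names are stripped

# Constructed "anonymized" release: direct identifiers removed, the rest intact.
RELEASED = [
    {"zip": "10027", "birth_year": 1971, "sex": "F", "diagnosis": "asthma"},
    {"zip": "10027", "birth_year": 1971, "sex": "M", "diagnosis": "diabetes"},
    {"zip": "10025", "birth_year": 1984, "sex": "F", "diagnosis": "migraine"},
    {"zip": "10025", "birth_year": 1984, "sex": "F", "diagnosis": "fracture"},
    {"zip": "10031", "birth_year": 1962, "sex": "M", "diagnosis": "hypertension"},
]

# Constructed auxiliary data: "the rest of what we know", e.g. a public roster.
AUXILIARY = [
    {"name": "Person A", "zip": "10027", "birth_year": 1971, "sex": "F"},
    {"name": "Person B", "zip": "10027", "birth_year": 1971, "sex": "M"},
    {"name": "Person C", "zip": "10025", "birth_year": 1984, "sex": "F"},
    {"name": "Person D", "zip": "10025", "birth_year": 1984, "sex": "F"},
    {"name": "Person E", "zip": "10031", "birth_year": 1962, "sex": "M"},
    {"name": "Person F", "zip": "10031", "birth_year": 1968, "sex": "M"},
]

def key(record, coarse=False):
    """Quasi-identifier tuple; coarse=True keeps a 3-digit ZIP prefix and the decade."""
    if coarse:
        return (record["zip"][:3], record["birth_year"] // 10 * 10, record["sex"])
    return tuple(record[f] for f in QUASI)

def audit(released, auxiliary, coarse=False):
    """Per released row: (rows sharing its key in the release, matching identities
    in the auxiliary data). One matching identity means the row is singled out."""
    in_release = Counter(key(r, coarse) for r in released)
    in_aux = Counter(key(a, coarse) for a in auxiliary)
    return [(in_release[key(r, coarse)], in_aux[key(r, coarse)]) for r in released]

def singled_out(released, auxiliary, coarse=False):
    """Number of released rows that fit exactly one auxiliary identity."""
    return sum(1 for _, candidates in audit(released, auxiliary, coarse) if candidates == 1)

if __name__ == "__main__":
    print("exact fields:    ", singled_out(RELEASED, AUXILIARY), "of", len(RELEASED))
    print("coarsened fields:", singled_out(RELEASED, AUXILIARY, coarse=True), "of", len(RELEASED))
```

On this sample, coarsening the fields lowers the number of singled-out rows but does not bring it to zero, which is the sense in which the stripped release is obfuscated rather than anonymous.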

The second point I want to talk about is that this is not about Google. This is not personal. It is not fueled by some thoughtless hatred. We talk about Google and Facebook in these discussions, just as we talk about Apple in discussions of closed vs. free software, not because we have fanboyish love for a different team but because they are the most successful at popularizing practices we are concerned about.

This is a structural critique, just as arguing that banks shouldn’t be allowed to gamble with other people’s money is a structural critique. If you want to talk about whether particular organizations, whether that is Goldman Sachs or Facebook, have been malfeasant, or behaved with a lack of respect for the interests of their customers, that is a different discussion.

I spent a year trying to write these posts around the theme of “Towards a Free Facebook” before realizing that the biggest problem with Facebook is how much they have popularized unsafe data systems. That’s what this is actually about.

Privacy’s Ghost

Tuesday, January 26th, 2010

Setting the stage

Privacy was dead: to begin with. There is no doubt whatever about that. I have spent the last year talking with people about privacy and reading about what it looks like in our new network-connected world and everyone agrees: privacy is dead and it was the birth of our information society that killed it.

At some point in the last 20 years computers spread far enough through society that they transformed how we live our lives. Not only could we telecommute and access unimaginable amounts of information through the air while sitting at a local coffee shop, but all the little bits of information we generate by going through our daily lives, all the little things that happen but we never write down, like what streets we walk down, what news articles we read, or what products we look at while in the store, all those little bits started getting recorded for the first time in history. When that happened, privacy died and we all became subjects for sociological study.

Whether it is Facebook trying to figure out your sexual orientation from the activity in your social network, online dating sites trying to map the decision matrix behind whether you will talk to, sleep with, or date particular people, or Google trying to burrow ever farther into your brain so they can better sell you things in the margins of all your daily activities, whatever the particulars, your information is out there and available for study.

Privacy died; everyone agrees about that. But that is where the agreement stops. What does it mean that more information is being recorded about you today than the Stasi were ever able to record about the citizens of East Germany? What does it mean that this information is being recorded by private companies and governments alike? Or that the pieces of information you manage not to share can increasingly be inferred by analyzing the mountain of information that everyone else around you has given over? How does all of this affect your right to a fair trial, or to organize politically, the confidentiality of your medical records, or your ability to receive goods and services as an equal member of society? There is no agreement about the answers to these questions, nor is there generally even discussion of them. Instead most discussions about digital privacy assume the only challenges we face in a networked society are financial fraud and junk mail.

Life without

Part of the reason we never discuss the more complicated structural and social issues involved with privacy is that we have poor instincts for these issues and they reliably lead us to poor conclusions. Consider this example.

In 2005 it became public that the US government had been collecting call records for almost everyone in the country. This caused some outrage. What it did not cause was the kind of outrage that occurred when it was made public in 1971 that the FBI had been following and profiling non-violent political organizers and public figures. Part of the reason for that is that times have changed and people’s expectations for government have changed with them, but part of it is because of how the information gathering was done. In the 1970s the FBI had to actually follow people to find out where they were going; they had to actually infiltrate the political groups and sit in on their meetings to find out what was going on. In 2005, the NSA could plug directly into the phone company’s central line and get everyone’s records from afar.

Imagine if it had happened differently. What if, instead of going to the phone company, the NSA had installed a device in your phone that records every key you press, the length of every call you make and who the call is with, and then bundles that information back to a regional NSA building where it is collated with the records from identical devices in the phones of your friends, business partners, and loved ones? Imagine that rather than tapping a central fiber optic cable, the NSA conspired with each local wireless store to install these devices in all our phones, sell those phones to us, and bill us monthly for using the phones.

Can you imagine the headlines when people opened their phones and found listening devices inside, when they learned that the smiling salesperson that recommended them a new phone had installed the listening device in it first? It would have been a firestorm that cut across all segments of the political spectrum. Yet the information collected in this fictitious example is the same as was actually collected by the NSA, exactly the same.

Action at a distance

Information about us used to follow us very closely, physically. Someone knew what you were reading at the coffee shop only if they were standing behind you in the shop. Today the material you’re reading is stored on a website’s server somewhere else in the world and no one has to be standing behind you to tell what you’re reading there: everyone from the website operator, people selling ads on the website, the site’s ISP, the coffee shop’s wireless router, the coffee shop’s ISP, and, most likely, anyone else on the same wireless network, can tell that. But we don’t yet feel intruded upon by the distant watching of our activities. We’re still looking behind ourselves to see if anyone is watching.

This is a dangerous situation. The sense of feeling intruded upon is as important to our lives as social beings as the sense of pain is to our physical lives. Losing this important feedback mechanism has larger repercussions than whether you can make secure financial transactions, just as nakedness has more repercussions than being cold in the winter. Our biggest privacy problem at the moment is not a particular piece of software or changing social norm but that the technology has left behind the instincts we rely on for feeling the wind on our skins and knowing that we are exposed.

The few people with a better understanding of our current reality, the data aggregators, the service builders, spend all their time exploiting our failed instincts by selling us one-sided tools: practices and services that make our lives transparent to them without ever alerting us to how thoroughly we are being studied. We need to take a hard look at what society looks like when some people have that kind of power to strip away the outer layers of our lives. If we miss out on our chance to do so now, as we choose and shape the communication tools of tomorrow, we will end up more than just cold.

If it never occurred to you that how you interact with computers might impact your ability to get a fair trial or choose your political representatives, keep reading. In the next few posts we’ll look at those issues and some ideas for alternative tools to help us control our own communications without turning our lives into a currency for digital power brokers in the process.