Thoughts on privacy

In , opens with this sentence: “On any person who desires such queer prizes, New York will bestow the gift of loneliness and the gift of privacy.” Sixty-four years have passed since White wrote that, and it still makes perfect sense to me, hunched behind a desk in a back room of a Manhattan apartment.

That’s because privacy is mostly a settled issue in the physical world, and a grace of civilized life. Clothing, for example, is a privacy technology. So are walls, doors, windows and shades.

Private spaces in public settings are well understood in every healthy and mature culture. This is why no store on Main Street would plant a tracking beacon in the pants of a visiting customer, to report back on that customer’s activities — just so the store or some third party can “deliver” a better “experience” through advertising. Yet this kind of thing is beyond normative on the Web: it is a huge business.

Worse, the institution we look toward for protection from this kind of unwelcome surveillance — our government — spies on us too, and relies on private companies for help with activities that would be a crime if the  still meant what it says. ( more than two years ago.)

I see two reasons why privacy is now under extreme threat in the digital world — and the physical one too, as surveillance cameras bloom like flowers in public spaces, and as marketers and spooks together look toward the “Internet of Things” for ways to harvest an infinitude of personal data.

Reason #1

The was back-burnered when  (aka ) got baked into e-commerce in the late ’90s. In a single slide  summarizes what happened after that. It looks like this:

The History of E-commerce
1995: Invention of the cookie.
The end.

For a measure of how far we have drifted away from the early promise of networked life, re-read ‘s “Death From Above,” published in January 1995, and his “Declaration of the Independence of Cyberspace,” published one year later. The first argued against asymmetrical provisioning of the Net and the second expressed faith in the triumph of nerds over wannabe overlords.

Three years later  was no less utopian. While it is best known for its 95 Theses (which include “” and ““) its most encompassing clue came before of all those. Chris Locke wrote it, and here’s what it says, boldface, color and all:

if you only have time for one clue this year, this is the one to get…
we are not seats or eyeballs or end users or consumers. we are human beings and our reach exceeds your grasp. deal with it.

Note the first and second person voices, and the possessive case. Our reach was everybody’s. Your grasp was companies’.

Fourteen years later, companies have won. Our reach has not exceeded their grasp. In fact, their grasp is stronger than ever.

Another irony: the overlords are nerds too. And  they lord over what Bruce Schneier calls a feudal system:

Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether … for Facebook.

These vendors are becoming our feudal lords, and we are becoming their vassals. We might refuse to pledge allegiance to all of them – or to a particular one we don’t like. Or we can spread our allegiance around. But either way, it’s becoming increasingly difficult to not pledge allegiance to at least one of them.

Reason #2

We have loosed three things into the digital world that we (by which I mean everybody) do not yet fully comprehend, much less deal with (through policy, tech or whatever). Those are:

  1. Ubiquitous computing power. In the old days only the big guys had it. Now we all do.
  2. Ubiquitous Internet access. This puts us all at zero virtual distance from each other, at costs that also veer toward zero as well.
  3. Unlimited ability to observe, copy and store data, which is the blood and flesh of the entire networked world.

In tech, what can be done will be done, sooner or later, especially if it’s possible to do it in secret — and if it helps make money, fight a war or both. This is why we have bad acting on a massive scale: from click farms gaming the digital advertising business, to the NSA doing what we now know it does.

Last month I gave a keynote at an  event in New York. One of my topics was personal privacy, and how it might actually be good for the advertising business to respect it. Another speaker was , a “gentleman hacker” and CEO of WhiteOps, “an internet security company focused on the eradication of ad fraud.” He told of countless computers and browsers infected with bots committing click-fraud on a massive scale, mostly for Russian hackers shunting $billions from the flow of money down the online advertising river. The audience responded with polite applause. Privacy? Fraud? Why care? The money’s rolling in. Make hay while the power asymmetry shines.

Just today an executive with a giant company whose name we all know told me about visiting “click farms” in India, which he calls “just one example of fraud on a massive scale that nobody in the industry wants to talk about.” (Credit where due: the IAB wouldn’t have had us speaking there if its leaders didn’t care about the issues. But a .org by itself does not an industry make.)

Yet I’m not discouraged. In fact, I’m optimistic.

These last few months I’ve been visiting dozens of developers and policy folk from Europe to Australia, all grappling productively with privacy issues, working on the side of individuals, and doing their best to develop enlightened policy, products and services.

I can report that respect for privacy — the right to be left alone and to conceal what one wishes about one’s self and one’s data — is far more evolved elsewhere than it is in the U.S. So is recognition that individuals can do far more with their own data than can any big company (or organization) that has snarfed that data up. In some cases this respect takes the form of policy (e.g. the EU Data Protection Directive). In other cases it takes the form of advocacy, or of new businesses. In others it’s a combination of all of those and more.

Some examples:

 is a policy and code development movement led by Ann Cavoukian, the Information & Privacy Commissioner of Ontario. Many developers, enterprises and governments are now following her guidelines. (Which in turn leverage the work of Helen Nissenbaum.)

, the Fondation Internet Nouvelle Génération, is a think tank of leading French developers, scientists, academics and business folk, convened to guide digital transformation across many disciplines, anchored in respect for the individual and his or her full empowerment (including protection of privacy), and for collective action based on that respect.

 is a Fing project in which six large French companies — Orange, La Poste, Cap-Digital, Monoprix, Alcatel-Lucent and Societe Generale — are releasing to 300 customers personal data gathered about those customers, and inviting developers to help those customers do cool things on their own with that data.

The  in the UK is doing a similar thing, with twenty UK companies and thousands of customers.

Both Midata and Etalab in France are also working the government side, sharing with citizens data collected about them by government agencies. For more on the latter read Interview with Henri Verdier: Director of Etalab, Services of the French Prime Minister. Also see Open Data Institute and

In Australia,    and  are working on re-building markets from the customer side, starting with personal control and required respect for one’s privacy as a base principle.

In the U.S. and Europe, companies and open source development groups have been working on personal data “stores,” “lockers,” “vaults” and “clouds,” where individuals can harbor and use their own data in their own private ways. There is already an  and a language for “” and “pclouds” for everything you can name in the Internet of Things. I posted something recently at HBR about one implication for this. (Alas, it’s behind an annoying registration wall.)

On the legal front, Customer Commons is working with the  at the Berkman Center on terms and privacy requirements that individuals can assert in dealing with other entities in the world. This work dovetails with , the  and others.

I am also encouraged to see that the most popular browser add-ons and extensions are ones that block tracking, ads or both. AdblockPlus, Firefox’s Privowny and  are all in this game, and they are having real effects. In May 2012,  a 9.26% ad blocking rate in North America and Europe. Above that were Austria (22.5%), Hungary, Germany, Finland, Poland, Gibraltar, Estonia and France. The U.S. was just below that at 8.72%. The top blocking browser was Firefox (17.81%) and the bottom one was Explorer (3.86%). So it was no surprise to see Microsoft jump on the Do Not Track bandwagon with its latest browser version. In sum what we see here is the marketplace talking back to marketing, through developers whose first loyalties are to people.

(The above and many other companies are listed among developers here.)

More context: it’s still early. The Internet most of us know today is just eighteen years old. The PC is thirty-something. Pendulums swing. Tides come and go. Bubbles burst.

I can’t prove it, but I do believe we have passed Peak Surveillance. When Edward Snowden’s NSA revelations hit the fan in May, lots of people said the controversy would blow over. It hasn’t, and it won’t. Our frogs are not fully boiled, and we’re jumping out of the pot. New personal powers will be decentralized. And in cases where those powers are centralized, it will be in ways that are better aligned with individual and social power than the feudal systems of today. End-to-end principles are still there, and still apply.

Another reason for my optimism is metaphor, the main subject in the thread below. In , George Lakoff and Mark Johnson open with this assertion: The mind is inherently embodied. We think metaphorically, and our metaphorical frames arise from our bodily experience. Ideas, for example, may not be things in the physical sense, but we still talk of “forming,” “getting,” “catching” and “throwing out” ideas. Metaphorically, privacy is a possession. We speak of it in possessive terms, and as something valuable and important to protect — because this has been our experience with it for as long as we’ve had civilization.

Possession is “nine-tenths of the law” because it is nine-tenths of the three-year-old. She says “It’s mine!” because she has hands with thumbs that give her the power to grab. Possession begins with what we can hold.

There is also in our embodied nature a uniquely human capacity called indwelling. Through indwelling our senses extend outward through our clothes, our tools, our vehicles, enlarging the boundaries of what we do and experience in the physical world. When drivers speak of “my wheels” and pilots of “my wings,” it is because their senses dwell in those things as extensions of their bodies.

This relates to privacy through exclusion: my privacy is what only I have.

The clothes we wear are exclusively ours. We may wear them to express ourselves, but their first purpose is to protect and conceal what is only ours. This sense of exclusivity also expands outward, even though our data.

 “the Internet is a copy machine.” And it is. We send an email in a less literal sense than we copy it. Yet the most essential human experience is ambulation: movement. This is why we conceive life, and talk about it, in terms of travel, rather than in terms of biology. Birth is arrival, we say. Death is departure. Careers are paths. This is why, when we move data around, we expect its ownership to remain a private matter even if we’re not really moving any of it in the postal sense of a sending a letter.

The problem here is not that our bodily senses fail to respect the easily-copied nature of data on networks, but that we haven’t yet created social, technical and policy protocols for the digital world to match the ones we’ve long understood in the physical world. We still need to do that. As embodied beings, the physical world is not just our first home. It is the set of reference frames we will never shake off, because we can’t. And because we’ve had them for ten thousand years or more.

The evolutionary adaptation that needs to happen is within the digital world and how we govern it, not the physical one.

Our experience as healthy and mature human beings in the physical world is one of full agency over personal privacy. In building out our digital world — something we are still just beginning to do — we need to respect that agency. The biggest entities in the digital world don’t yet do that. But that doesn’t mean they can’t. Especially after we start leaving their castles in droves.

This entry was posted in Books, Business, Cluetrain, Future, history, Internet, Links, News, Past, Personal, Personal clouds, problems, Technology, VRM and tagged , , , , . Bookmark the permalink.

44 Responses to Thoughts on privacy

  1. Pingback: Thoughts on privacy | Dewayne-Net Archives

  2. Dang Doc, give yourself some time to think… and you come up with this… excellent.


  3. Seth Grimes says:

    You write: “No store on Main Street would plant a tracking beacon in the pants of a visiting customer, to report back on that customer’s activities — just so the store or some third party can “deliver” a better “experience” through advertising.”

    Yet stores are beginning to do almost exactly what you write. The difference is that the shopper has planted the beacon herself, or the store uses video. Check out “Attention, Shoppers: Store Is Tracking Your Cell” in the July 14, 2013 New York Times, .

    Retail-store video tracking began as a security measure and is expanding to encompass sales-optimization and customer-experience use cases.


    • Doc Searls says:

      Thanks, Seth. Indeed this is true.

      Stores have always had some measure of security against shoplifting and other offenses. When I worked as a department manager at Bambergers (now Macy’s) at the Garden State Plaza in New Jersey, many decades ago, there were plainclothes security people pretend-shopping on the floor and one-way glass below ceilings in some departments. As shoppers we’ve also been familiar with this, and not threatened by it.

      But today there is a mania around surveillance-based marketing, and it’s spreading to retail, just as the login-password virus (it is a bug, not a feature) spread from online to offline in the form of “loyalty” cards that require annoying authentication ceremonies at checkout counters. (I have a chapter on all this in The Intention Economy.)

      FWIW, I believe marketing jive about “customer experience optimization” is belied by the inconveniences imposed on customers by games and gimmicks that can only be fully justified inside their own echo chambers. Surveillance is among those gimmicks.

  4. Hi Doc,

    Very good post! Plenty of very good information and thinking. I agree with most of your post except one thing. I think we shouldn’t care anymore about people’s privacy.

    Let me explain me better.

    Privacy is not wanted anymore. There is a new generation of people that enjoy more and more sharing their lives, their moments, their thoughts, sharing their data with others. Pictures, events, jokes, videos, whatever. Privacy is an option. Not necessarily the best or the only one. It is an option that may be preferred by people like you and me, but not by many others, like the billions of facebook, twitter or gmail users that keep using these services even after knowing that their data is scrutinized and used for the benefit of the company that provides the service.

    Privacy is, nowadays, already impossible. As you said, in tech, what can be done will be done. And all this computing, networking and storage power is there to stay and keep on growing. It is there to be used and even to make money. That means that there will be more and more services around data, based on business models where data is a source of revenue and therefore trying to convince people to use them in exchange of people’s new oil. Cloud services, wearable computers, glasses, whatever. Data will be more and more present, valuable and therefore pursued and traded by companies.

    But if I said that I agree with you is because I think I share with you your worries and thoughts. Not about privacy though, but about data ownership. Privacy is a decision, a privilege that people may enjoy provided they have a precedent higher right, the ownership of the data they produce. And I share your worries because I think we are not owners of the data we produce.

    In my view data ownership is ensured if 3 conditions are met:
    1. People are aware of the data they produce. That means that people are informed for instance that there are dozens of companies monitoring the websites that they visit in order to infer their interests and propose them new products in the form of ads for example. It is a basic condition that most of the times is not even achieved
    2. People can control who they share data with. That means that they can decide to remain private or not. But again, privacy is an option as valid as the opposite one. By the way, I think that we are sometimes a bit optimistic when we put together data control and personal vaults. Control can be achieved by other means and vaults do not necessarily guarantee control either (some people even consider data vaults as a futile effort to grasp the wind…)
    3. People can set the terms under which they share their data with companies. That means that people can trade with their own data. Rent or sell part of it for a concrete period and purpose to a specific company in exchange of a benefit (service and/or money).

    To put a extreme case, in a “privacy rules” world, facebook and services alike that have been built around the value of people’s data would not exists anymore. That also applies for Amazon, Google, Twitter, etc.

    In a world where people (citizens) are true owners of the data they produce they can decide whether they use facebook or not (being sure that they don’t share any data “seamlessly”). But they can also decide when joining facebook if they do it for free in exchange of (some part of) their data or paying a monthly fee but being sure that their data is never used. Even more, people that produce more valuable data may even ask facebook a share of the revenues generated with it or even ask a fourth party to exploit that data and share it with facebook and the user.

    As I said at the beginning, I think we agree. I guess it is just a naming issue 😉 Great post!


  5. John Murray says:

    “….no store on Main Street would plant a tracking beacon in the pants of a visiting customer…”

    Well, maybe not Main Street, but certainly the pants manufacturer would – and does.


    This quote strikes me as particularly salient………..

    “In the future I think we’ll see most garments you buy with an RFID tag that will be put on in the factory, because then you will be getting the full benefits: full supply chain visibility, anti-counterfeiting and stocktaking that is even more efficient.”

    Er…. Yes, and lots of after-sales tracking opportunities as well!


  6. Two weeks after the PRISM revelations implicated Google, almost out of nowhere came Camlistore putting privacy back into personal storage system for life. To feel the pendulum swinging back watch this thriving project

  7. Big data foster totalitarian behaviour of States and smoe companies.

    Like the atom bomb power sometimes mankind should refrain from using potential. I think bij data is one example and even more dangerous as it seems in the beginning so convenient.

    Read Eric Fromm , Karl Popper and others. Indeed, there are almost no structures to manage this development.

  8. Pingback: Doc Searls Weblog · Thoughts on privacy | Dan Siemon

  9. Pingback: Links – September 1, 2013

  10. Pingback: Doc Searls pondering surveillance and privacy

  11. Doc Searls says:

    Marcos, thanks for the long comment.

    I’m with you on data ownership, even respecting the easily copy-able nature of data itself. In geek circles one sometimes hears “you own your own words,” and similar statements that respect the origins of words, thoughts, ideas and intentions.

    I disagree on privacy. Saying people don’t want it is way too broad a statement, and I believe wrong to some degree. My colleague Danah Boyd has done extensive research establishing that many young people care deeply about their privacy, and use creative means for assuring it (in settings such as Facebook where it isn’t easy).

    Also, what we have today is not the end-state of digital life. We live in a very early time when we’re all walking around naked. We want and need clothes, and we will have them, sooner or later.

  12. Dave Rogers says:

    Hi Doc. Well written piece. For the first third, I thought you’d had an epiphany and I would find myself in the unusual position of agreeing with you; but alas, no.

    As Dave Winer says (quoting The Grateful Dead), “it’s even worse than it appears.”

    We won’t be leaving the feudal castles in droves. There’s no place else to go.

    Or, let us say, the feudal castle is not the one you’re thinking about with respect to countries and companies seeking data for the purposes of control.

    The game has to change. Markets are not conversations. That’s the problem. We’ve become seduced by economic life and its material rewards, and we’ve become almost completely, utterly oblivious to any other notion of “life.”

    Commerce. Capitalism. Zero-sum competition. Darwin’s (I know, not what he said) “survival of the fittest” and capitalism, the Industrial Revolution, steam, electricity, internal combustion, all the advances of science and technology that facilitated the creation of material “wealth,” and a “scientific” rationalization for its existence (economics), have created a bubble that has burst and surpassed the bubble of individual liberty and enlightenment briefly experienced in the late 18th and early 19th centuries.

    Life is now “making a living.” Participating in an economic civilization where the rules are set by entities whose lifespans, while not eternal, far exceed our own. And those entities are growing smarter. They’re learning organisms. And their learning rates are growing exponentially now with the streams of data available to them. We cannot compete with them at their game.

    The game has to change.

    You keep trying to reform commerce. It’s wrong. Any effort there will merely be co-opted, subverted, and ultimately used to advance the very things it was intended to retard. “Markets are conversations.” Really? How’d that turn out?

    Yes, there must be some mechanism for the apportionment of resources. I don’t know what the alternative should be. But there can be an alternative. There must be. Or we’re looking at something like one of the scenarios in The Cloud Atlas.

    We have sewage treatment plants because they provide an essential public good. You don’t have a “conversation” with your sewage treatment plant, do you? Is there some “relationship” you feel you wish to “manage” with public sanitation?

    There are some models for how material things can be accomplished without necessarily embracing commerce and commercial culture. Unfortunately, all their narratives are about failure, and the commercial culture will ensure that those are the only narratives that will be permitted in the commercial commons.

    Commerce is great at competition. It out-competed Whitman, Emerson, Thoreau. And the hippies, the privileged generation that kind of reverberated a distant echo of those guys.

    Somehow, we have got to change the game. We have to get away from economic life as the dominant paradigm, the prevailing narrative.

    Making brave essays about end-to-end technology allowing us to leave the castles is just whistling past the graveyard. It’s just another aspect of the same problem.

    The answer here isn’t a technological one. It doesn’t require technology to “empower” it or us.

    The answer has to be hearts and minds open to alternative ideas of what is “a good life.” Not fighting with the technological giants, government and commerce; but ignoring them and creating good lives, as much as possible, without them. Fighting with them only serves them. You become part of their narrative. An “enemy,” a “competitor.”

    “The master does not contend.”

    “The only way to win is not to play the game.” (There’s an 80s tech reference for you.)

    I think we’re in for centuries of commercial “dark ages.” Assuming we can survive global climate change. The technology you celebrate as liberating has only served to empower the worst parts of us and utterly cement its advantage.

    Fortunately, worrying about such things isn’t necessarily part of making “a good life.” Qué sera, sera. But I figured I’d speak up one more time and try to tell you that you’re barking up the wrong tree.

    Best wishes.

  13. Pingback: Have We Passed Peak Surveillance? - Feld Thoughts

  14. Randell Jesup says:

    “This is why no store on Main Street would plant a tracking beacon in the pants of a visiting customer, to report back on that customer’s activities — just so the store or some third party can “deliver” a better “experience” through advertising.”

    People have been working on this for a decade: I remember seeing trials of supermarket touchscreens on shopping carts that would alert you to sales, etc as you walked around the store. They failed because of expense (this was over a decade ago I think) and lack of a good system for monetizing them.

    So while many of the points here are relevant, this one is demonstratably wrong.

    With free wifi being offered in many stores and store-based apps, one should assume that eventually (if not already) stores will use those to track your location within the store. (Wifi could triangulate you, and trivially localize you to a hotspot, and apps could enhance that, especially if they coordinated with the hotspots, as well as serving to present you with ads – and this will be marketed as a service to the customer.)

    • Doc Searls says:

      Randell, it’s actually been more than a decade. And I don’t disagree with you. One of my points in this post is that the rise of bad acting offline followed the lead of bad acting online. From The Intention Economy:

      Some viruses can move from one species to another. Rabies, swine flu and HIV are three examples. The name for this transfer is zoonosis.

      The same thing can happen with marketplaces, where both good and bad ideas can “go viral.” In the last decade and a half, we’ve seen zoonosis happening between the commercial Web and the brick and mortar world, as new ideas for capturing customers have moved virally from the former to the latter.

      Capturing customers has always been a fantasy of vendors in any case, so the offline marketplace was ready to listen to the virtual voice that said something like, “Hey, forcing people to become voluntary slaves to websites seems like a good idea; and consumers don’t seem to mind logging in all over the place, rather than just showing up. So let’s coerce loyalty by making our customers carry around cards and key tags. We’ll post discount prices just for card-carrying customers, and overcharge everybody else for the same stuff. We can track customers and their purchases by the data we gather, increase their switching costs, and personalize our promotions.”

      Spying on customers is of the same breed. Again, as I said, what can be done will be done. The difference between main street and online is that bad manners are much more easily seen and exposed on main street.

  15. Doc Searls says:

    Hi, Dave, and thanks for weighing in.

    The choice we all have is to do nothing or to do something. I’m doing something, and supporting others doing something. Those things are not all commercial, financial or technical.

    You’re right that we have nowhere to go when we leave the castles today — at least if we’re muggles, which most of us are, rather than geek wizards, many of which have found ways to survive and thrive outside castle walls. (And they’re not fully safe either, as we now know.) So we have to build those places. If it takes centuries, so be it. I expect it to take less, but I don’t know.

    What I do know is that work needs to be done.

  16. Dave Rogers says:

    Doc, I’m saying that sometimes the right answer really is “Don’t just do something! Stand there!”

    In any case, I wish you luck.

  17. SAA says:

    You might appreciate our June 2013 paper on workplace processes as a form of surveillance that restrict human agency. We extend the argument to life in general, but for the purposes of the paper, focus on the workplace. There is much expansion on agency that you might find helpful.

    Watching Me, Watching You. (Process Surveillance and Agency in the Workplace) From IEEE ISTAS ’13 (‘veillance 13) in Toronto, June 2013.

  18. Pingback: Links for 1378079900 - Abstract PHP

  19. Pingback: Have we passed peak surveillance? | VentureBeat

  20. Pingback: Thoughts on privacy |

  21. John Moore says:

    The author is too optimistic when stating that we have reached “peak privacy” – at least regarding government issues.

    The odds of a terrible terrorist event, resulting in demands for greatly increased surveillance, are very high – given enough time.

    Consider the following example:

    US strikes Syria (or Iran).

    Hezbollah is tasked to respond.

    They send 50 teams of two terrorists each across our southern border (there is strong evidence that they are already tightly tied to drug smuggling networks). 30 of those teams make it to their destinations: grade schools across the nation. Each team attacks the school Mumbai style – using automatic weapons, explosives and incendiaries. Each term kills, on average, 100 children and 10 teachers – death toll total: 3000 children, 1000 teachers.

    Won’t happen? Wanna bet?

    • Doc Searls says:

      John, I didn’t say “peak privacy.” I said “peak surveillance.” And the odds of everything are high, given enough time. As for terrorist responses to government military actions, while interesting as a subject of speculation, the subject is outside the scope of this post.

  22. Pierre Wolff says:

    Always nice to read your thoughtful pieces, Doc. As you and many of those researching and thinking about privacy have realized, the very notion of what privacy means is a tough one to articulate and define. Does meta-data about what movements or keystrokes were initiated on someone else’s web site belong to the user who created those even if they are not identified by name? Seems that a site’s desire to track some activity that it creatively has determined is useful to them but has no specific bearing on the use or benefits that the user extracts from the site, cannot really fall into a category of “belonging to the user”. Certainly no more than saying that mud tracks of my boots belong to me.

    Separately, not sure if you’ve been keeping up with the work by Alessandro Acquisti from Carnegie Mellon University, but a worthwhile paper he collaborated on titled “Privacy and the Control Paradox” ( provides some interesting insights. Some of it reminds me of work by Daniel Solove where he discusses that while it may be too late to prevent individuals’ information collection, how it’s used is where we should seek legislative or judicial relief. In the case of Acquisiti, he explains the challenges for most users in assessing the future risks of their present uses of sharing technologies. I view that in part as the asymmetric benefits between user and the companies that collect the information. One could also view this on economic terms as arbitrage, where the value of what one may share in one instance seems (to me as being) of low economic value (ie. I share w/some FB friends that my wife is having a baby) but to the companies who track such information this has significant signal to generate outsized rents from advertisers wanting to know this (or for government to know that I have a weakness they can better exploit ;).

    Then there’s the issue of trust asymmetries that we never stop to really think about in the “meat space” (though they exist equally), but are magnified online. So let’s consider a private matter between two people which we can call a secret. So long as just those two people are aware of it, it remains private. As soon as one of those two people decides to discuss it with one other person, regardless of the trust they have in that third person, they have violated the covenant of the trust with the first person. I’ll use a silly example to make the point. Consider a business card exchange. We meet for a business discussion and right at the outset I hand you a card and you reciprocate with one of yours. There’s an implied social contract here which says that we respect each other and we have gifted each other our respective contact info for the purpose of being more easily accessible in the future. At no point did the two of us expect that either one of us would post the other’s business card on the stall of a men’s bathroom for any purpose. Then along came Jigsaw, which in effect let salespeople wanting to find more contacts, the ability to exchange their existing contacts’ info for a set of new ones they might be seeking. This created a bit of an outrage, but the outrage at Jigsaw was misdirected since there had never been a formal contract suggesting that in exchanging business cards either of us was promising not to share that contact info with the world. There was however, a social norm that says you don’t do that. It’s all tied to trust. Trust feels like a greatly under-emphasized component of the online privacy equation as considered today.

    Finally, my third disjointed comment on the topic of privacy is that we’ve seen the disruptive impact that the digitization of information (or the normalization of information), has had on various industries’ ability to control their works. The book, music, TV and film publishing industries have all struggled with this, as had the software development industry (which eventually moved to SaaS models to more effectively protect itself from people simply copying its works). DRM has met an untimely demise in most information industries where it has been tried. So why, oh why, do we believe that information about individuals is protectable any more than we believe a sound track or a movie is? The four forces that have conspired to “free” information are first (as you pointed out), the network or the fact that information can easily be communicated between computers. Second, the rapidly dropping costs of storing and processing data at scale. Third, the ability to aggregate information from various sources rapidly and at scale. Fourth, the ability to combine and cross-reference different sources of information in new and novel ways to solve for specific objectives. What’s clearly troublesome is that no one knows how the data obtained about me today, will be used tomorrow. This probably lies at the heart of everyone’s concerns over the NSA disclosures, and in hearing about the latest DEA disclosures and work with the telcos, this becomes truly alarming. But this is also the case with more mundane applications like insurance companies cutting deals with loyalty card providers to start assessing how people’s diets should affect their medical or life insurance premiums.

    OK, plenty to chew on, but thanks opening up the conversation here.

    • Doc Searls says:

      Thanks, Pierre. No time at the moment to respond at length. Just a quick one for now to say I’ve met Allesandro, admire him, and am familiar with his work. Daniel Solove’s too. I’m less eager than Solove to seek regulatory relief at this stage, but I also consider it inevitable as the abuses increase. (Never mind the irony of government, especially in the U.S., committing some of those abuses as well.) My personal goal is to solve some of the asymmetry by increasing agency at the individual level. As for the impact of digitization of information (and of everything possible), this development is as new and irreversible as the acquisition of lungs by our ancestors as they first crawled out of the sea. We have hardly begun to fully contemplate the implications. Take insurance, for example. (A good one you bring up.) What happens when all our genomes and disease risk factors are know-able? Today we have disease and death caused in many cases by patients *not* disclosing their histories or known risks for fear of rising insurance costs or denied coverage. The know-ability of Biggest Data kind of obviates the whole health insurance business, no? Then what? Do we socialize medicine by pooling the entirety of humanity? I think that’s where this goes. But obviously there isn’t a direct path. Out of time…

  23. Pierre Wolff says:

    Doc, I really like this focused statement, “My personal goal is to solve some of the asymmetry by increasing agency at the individual level.”. Part of me feels that this goal is best achieved by educating or providing the tools for the youth of the world to drive the agenda. As you pointed out Danah Boyd’s work has clearly shown that young people do care a tremendous amount about these matters of privacy and surveillance and are working the system through *how* they make use of social networks and various apps. It may look to some like they’re using these the same way as everyone else, but Danah provided some great insights into the fact that this is far from the case. Developing compelling products for them, or teaching them about these issues and providing the tools for them to build those appropriate products might be one good way to attain the goal you’ve established. I feel that anyone over 30 is a lost cause for many of these ideas given the preponderance of folks from that age group on who seem to shrug their shoulders and deliver the lazy answer, “I don’t care if my privacy is violated ’cause I have nothing to hide” 😉

  24. Todd says:

    The conversation that ends all conversations about data privacy is the conversation about data ownership.

  25. Pingback: else 9.3: Staring at the Tiny Screens | John Battelle's Search Blog

  26. mark says:

    Doc — the link to JPB‘s “Death From Above” is broken.
    Great piece.

  27. Doc Searls says:

    Thanks, mark. Fixed the link.

  28. Doc Searls says:

    Todd, that’s pretty much true. It’s like who owns one’s breath, or one’s shadow. But it’s still a conversation we can’t avoid having.

  29. Pingback: addictive! the full service mobile agency

  30. Pingback: Weekly Filet #127: Peek Surveillance. And more.

  31. Pingback: Doc Searls Weblog · Daily Outline

  32. Pingback: Doc Searls Weblog · The postal model of privacy

  33. Pingback: Doc Searls Weblog · On manners, privacy and evolution

  34. Pingback: Intent Data: Intent Data Weekly News Sep 13 2013 | Intent Data:

  35. Pingback: Yes We Scan.

  36. People support these privacy-busting tech companies (Google, Apple, Mircosoft and the like) like they support sports teams. Everyone has a favourite and they egg them on with just as much fanaticism and red-hot emotion. But wait, Snowden’s revelations have shown us that they are all cheats. Big fat lying cheats. Perhaps it is time that we switched to teams that play fair and respect the rules?

  37. Pingback: Circular dependent | The network society and the upside of our diminishing privacy

  38. Pingback: Web 3.5 | paulwlee

Leave a Reply

Your email address will not be published. Required fields are marked *