Technology and Privacy, Cont’d…

The ongoing controversy surrounding Edward Snowden has reminded me that the issues of privacy are not recent. Indeed, the notion of “other people” knowing what you are doing at all times was very much a 20th Century concern, albeit a mostly analog one. Certainly the advent of the Internet and sites like Facebook have made “big data” a complicated issue: we tend to embrace innovation when it suits us and resist—or fear—it when we see potential threats.

It obliges questions like, what is Big Data and how is it used? Is it mostly good or entirely bad? What, for that matter, is privacy as it relates to our personal lives in the new millennium? It is also imperative to recognize that technology is never a static phenomenon; by the time we grapple with one aspect of a particular product or progression, it often has already mutated, improved or become something else altogether. I spent the summer of 2010 puzzling over the facts, figures and opinions in a piece for our annual Five Technology Trends To Watch.

One thing is certain: the intersection between the private and the public when it comes to data collection is never simple and at best is always uneasy. The debate about privacy—collective and individual—is ultimately an issue of control. The reality, which is good, bad and ugly (or all three depending upon your perspective) is that we reside in an odd era where we at once have as much and as little autonomy as any time in history. How you process this ostensible contradiction will likely determine how troubled, or not, you are by recent events.

The concept of privacy and technology is nothing if not complicated, intriguing and, importantly, ever-changing. As is always the case, before we can predict with any hope of accuracy what the future will look like, we need to adequately understand both the present and the past. Any conversation about Big Brother running roughshod over our privacy rights needs to acknowledge that this is not remotely a new phenomenon. For an artistic meditation on the paranoia the Watergate scandal begat, Francis Ford Coppola’s The Conversation is essential viewing. For a more contemporary take on professional surveillance, David Simon—creator of The Wire—has an enlightening and provocative piece available on his blog.

To be certain, the idea of the most powerful government in the world snooping on a citizen’s online activity is something out of an Orwell novel. Indeed, the entire notion of online activity would be something even Orwell could never have conceived. As always, there is a flip side to every innovation: as the Internet has empowered individuals to write, speak, and shop, it also extends the possibility of these endeavors being overseen. What is undeniable is that when it comes to privacy (online or otherwise) it’s very often only the occasional abuses or oversights that catch our attention.

For instance, consider the recent bombing at the Boston Marathon. Less than a decade ago a tragedy of this magnitude might have left us paralyzed: with fear, misinformation and false leads. Of course, with technology and the expertise with which everyday Americans utilize it, pictures, social media and cooperation by diverse communities enabled the perpetrators to be identified—and captured—in remarkably short order. It always raises eyebrows and elicits skepticism, but it’s difficult to deny that the government has used techniques—however controversial—to foil terror attacks and yes, keep us safe. Accepting and/or endorsing this does not require providing an apathetic blank check to the powers that be.

We need to keep our public officials as accountable, and ensure that incompetence—or worse—does not occur on our watch, in our names. On the other hand, we have to be cognizant that a million spies with a million hours could scarcely begin to keep track of all the correspondence occurring every minute via email, Facebook and Twitter. Privacy itself may seem a quaint or antiquated notion, but the truth is, we live in a very different, very digital world. What we do know might unnerve us, but what we do not know is capable of damage that extends beyond privacy concerns.

Share

Selling The Stories Of Our Lives: Technology and Privacy (Part Three)

THE PRICE OF ONLINE PAYMENT

The final frontier, at least for now, where online interaction and privacy may or may not find practical synergy is mobile payment. Predictably, the convenience and cost-saving possibilities are prompting serious discussion as well as intense debate. For anyone late to this party, there is already technology being implemented that enables consumers to make credit card transactions on their smartphones.

Advocates for this progressive capability claim it’s simply the next logical step toward increased consumer freedom. Many of us already conduct business online, whether it involves purchases at Amazon.com or maintaining a Netflix account—just to mention two of the more prevalent options. And just as digital files have made compact discs more archaic and e-Readers threaten to supplant paperbacks, online banking accounts have made the act of writing a check antiquated. All of these advancements incorporate convenience and reduced costs. The caveat is that the final costs might not be measured in dollars and cents.

A simple Google search will quickly reveal plentiful stories exemplifying how easily technical glitches can expose credit card information, and how simple it is for sophisticated hackers to infiltrate the typical firewalls. We will be hearing—and seeing—a great deal more about the viability, and potential repercussions, of online mobile payment. Once again consumers are obliged to ask themselves what types of exposure they might tolerate for the sake of expediency.

Almost three-fourths (74%) of online adults are concerned or very concerned about the security of any financial transactions they may conduct online. This level of trepidation extends to all age groups and income brackets: across the board at least 70% of respondents indicated a high level of concern regarding the prospect of purchases or banking online.

Every day new articles appear attempting to negotiate the increasingly complex matrix of potential pros and cons. The early adopters represent one end of the spectrum while the unconvinced and skeptical characterize the other. But what about the majority of us, who fall somewhere in between these two extremes? And how many people will be influenced as more anecdotes (the good, the bad and especially the ugly) become publicized?

Between growing awareness of how—and how much—personal data is collected and utilized, with Facebook’s awkward PR spectacle this summer being the first firestorm and the expected onslaught of consumer pushback, a groundswell demanding accountability is inevitable. A more transparent explication of policies and SOPs will be a welcome, if overdue development. It also seems safe to suppose, not unlike the recent environmental or auto-safety incidents (BP and Toyota), it will require some sort of calamity to get the public’s attention, finally compelling pro-active accountability from the companies.

IS LEGISLATION INEVITABLE?

It is not exactly a stretch to see where some of these open issues are headed, and how they may ultimately be resolved. The question for now is: is legislation necessary and how effective can it possibly be? Certainly, if companies are slow or reluctant to fully disclose their business practices as they relate to data capture, there will be a concerted push to create and enact new laws.

This will make businesses bristle, but it should also make consumers wary. With general sentiment toward government at a nadir, the prospect of entrusting politicians to wrangle with these issues is not exactly consoling. And then there is the proposition of a clichéd “Big Brother” in charge of overseeing this bounty of personal detail. Put bluntly, the one thing some Americans may fear more than unregulated corporations is a feckless government with good intentions.

As usual, one way to troubleshoot the possibility of a legislative imbroglio is to review where we are and how we arrived here. Considering the regrettable fact that few people inside the corporate bubble fully grasp the nuances of Internet technology, it is unrealistic to imagine many (if any) of our politicians having an adequate handle on how things work—much less being able to cultivate a balance between the entrepreneurial spirit and consumer rights. On the other hand, the Internet—in its myriad manifestations—is a massive component of the U.S. economy. As such, it behooves tech firms to view these challenges as a potential opportunity to engage and foster a meaningful dialogue.

According to Mike Shields, a Republican political strategist with almost two decades of experience inside (and outside) the Nation’s Capitol, the people most affected by policy (e.g., the tech firms) have been very slow to recognize how powerful and important Washington, D.C. is. In other words, despite the caricature of an incompetent, money-spending monolith, the not-so-simple reality is that all these moving parts making our laws are empowered by actual people responding to what they see and hear from other people (e.g., voters).

“Having spent a good amount of time in and around Redmond, I know there was a bit of a disconnect,” Shields says. “There was a propensity to regard D.C. as archaic, and that the tech companies were too busy creating the future to get involved in any meaningful way with government.” Inevitably many companies discovered, too late and to their chagrin, that government really does matter. “Now people are coming to realize that they need a presence,” Shields suggests. “But a big roadblock remains trying to explain (to politicians or laypersons) how some of this technology really works in the first place.” Whether through outreach or pro-active lobbying efforts, tech firms will only be assisting their causes by connecting on a more human level. “What can happen,” Shields warns, “is that a simple law, especially one brought about due to a situation that resonates emotionally, can derail an entire business model.”

Right now, there has not been a critical mass, as enough emotionally-resonant crises have not (yet) taken place. If, or really, when this happens, action will occur. Helping craft sensible legislation through communication and transparency is a viable way to ensure we see regulation that integrates the needs of businesses and the rights of consumers.

THE SOLUTION TO TECHNOLOGICAL CONCERNS? TECHNOLOGY!

Even with the most well-intended and competently administered legislation, we must reluctantly concede that superior hackers can—and will—easily circumvent new restrictions. Understanding that any move to empower an ostensibly benevolent federal agency can—and will—result in consternation, we must ensure that the effort to control a small issue does not create a massive one.

One reasonable and equitable proposal could involve a concerted effort by the FTC to implement a public awareness campaign. Certainly a proactive endeavor from an “official” player might very well provide the not-so-gentle nudge certain companies require to share their business dealings a bit less begrudgingly. Naturally, if consumers and businesses meet in the middle and utilize autonomy and entrepreneurship it might equate to a much better case scenario. If we see more business models inspired to empower consumers, many of these potential roadblocks might be seamlessly bypassed.

One such start-up, San Francisco-based Bynamite, was recently profiled in The New York Times. “There should be an economic opportunity on the consumer side,” suggests Ginsu Yoon, the company’s co-founder. “Nearly all the investment and technology is (presently) on the advertising side.” Bynamite’s business model is both a commentary on the current landscape and a predictor of where it’s headed. That is, the mining of personal data is here to stay; there is simply too much money at stake to imagine otherwise. Yet the precepts of a (more) free-market arena enable—and insist upon—an exchange based on a monetized or incentivized quid pro quo. In a potentially paradigm-shifting twist, Bynamite is less focused on privacy protection and more interested in consumer choice and control.

In July the company launched software that users can download, which tracks what sites are collecting (from them). The software provides a cutting edge opportunity for consumers to see, and appreciate, in real time precisely what types of personal information they are essentially “swapping” every time they visit certain sites. “In a few years…a person’s profile of interests could be the basis for micropayment or discounts,” Yoon predicts. “A media company, for example, might charge a monthly subscription fee of $10 for news or entertainment programming, but offer it for $8 to those who exchanged their (portfolios).”

This business model seems to balance the current (and potentially future) poles of strictly—and federally—enforced privacy control and the unconstrained access companies presently enjoy. It is conceivable that a win/win scenario might unfold wherein consumers use the one-two punch of awareness and advocacy, while advertisers can increasingly fine-tune their targeted ads.

FIFTEEN MINUTES OR FOREVER: EVERYONE IS A CELEBRITY NOW (SORT OF)

Anytime you are talking about the future, it is irresponsible to express certainty, particularly when it relates to the ever-changing nature of technology. Nevertheless, it is quite evident that we will be seeing and hearing a great deal more about the delicate issue of privacy. In fact, the prediction here is that it will be a cover story in a major magazine within the next two years.

On a micro level, the conversation inexorably circles back to the basic, but occasionally contradictory notions of autonomy and access: we want quick and free content, but what are we willing to exchange for it? Perhaps more to the point, what should we be willing to exchange? The crux of the matter will increasingly be concerned with personal data susceptible to advanced algorithms and cookies that actually mine all manner of data that Internet users are mostly unaware of. The initial indifference is primarily due to lack of awareness: the only people likely to remain disinterested about potential implications are those to whom nothing has happened—yet.

On a macro level, this debate provides some fairly fascinating insights into how our social norms progress. Of course they are always in some state of transition (for better or worse, depending on whom you ask). The Internet, among many other things, has irrevocably altered the way we interact with the concept of celebrity. Instant and unending access has fed our collective appetite for information and intimacy; we “know” people in ways that were simply unimaginable less than ten years ago.

Now, along with the success and ubiquity of reality television, our culture has gone from worshipping to manufacturing celebrity. Recalling Andy Warhol’s infamous claim that “in the future, everyone will be famous for fifteen minutes”, the Internet in general and social networking in particular have ensured that some of us may have even more than fifteen minutes. No matter how banal of momentous, deliberate or unintended, these moments will all be preserved in the electronic ledger, potentially forever.

How we process and eventually regulate the exchange and deployment of this information will be a commentary on how we are able to exist—as employers, employees, parents, children, friends, acquaintances and enemies all with the data to contradict or redefine any of those public (and private) personas. The idea that people have different identities outside of work, whether they are teachers, executives or attorneys, will become more acceptable the more we collectively accept—and adapt to—a ceaselessly open window into the lives of others. The greater challenge is likely to remain how we reconcile the increasingly unfettered access those we know, and especially those we do not know, have into our own lives.

Share

Selling The Stories Of Our Lives: Technology and Privacy (Part Two)

PRIVACY VERSUS PROFIT: THE NEXT BIG DEBATE

Not many people would oppose the proposition that consumers enjoy convenience and appreciate value. As the Internet has expanded and advanced, free content is increasingly available—and expected. Most of us seem to be aware that the corresponding proliferation of pop-ups and full-screen advertisements is the “price” we pay for this unfettered access. In fact, free information has, in some regards, been a victim of its own success: many people now see the advertisements as a distraction and an imposition. Of course, few of them would prefer a scenario where sites withdrew the ads but began charging for content. Magazines, newspapers and popular reference sites like dictionary.com all rely on revenue from advertisers in order to remain mostly or entirely free.

If the quid pro quo of enduring minor annoyance for free information seems like yesterday’s news, that’s because it is. The latest and more profound controversy revolves around the ways companies are now using user’s personal data. In July The Wall Street Journal published a study entitled “What They Know”, containing a series of articles detailing the history, practices and implications of the “cutting-edge uses of Internet-tracking technology.” This investigation adds to a growing number of similar features, no doubt inspired at least in part by the recent Facebook controversies—and founder Mark Zuckerberg’s less than impressive response to the outcry.

The reactions, once people get a better grasp on what exactly is going on, are often (and understandably) emotional. Personal information turned into salable data is, after all, about as intimate as it gets when one considers ostensibly private and/or secret preferences and behaviors being scrutinized, tracked and ultimately sold. It is, then, perhaps fair and appropriate to further contemplate the “strictly business” rationale which posits these developments as almost entirely positive signals of progress and mutually profitable engagement.

The debate, in starkest terms, seems to revolve around the issue of free-will versus awareness. Certainly, it is fair to suggest that virtually all non-business related online behavior is voluntary. Thus, it is ultimately the individual’s responsibility to understand the risks as well as the rewards associated with web-surfing, online purchases and the dissemination (however unintentional) of personal information. A strictly business advocate might make the analogy of whether or not it is acceptable for a citizen to press charges against an establishment serving drinks that impaired their driving ability. The complicated converse of this already controversial scenario is how quickly the culpability changes if it turns out the bartender had placed undetectable alcohol in someone’s iced tea. All of a sudden, the balance of blame is considerably altered. It would not be sufficient, legally or morally, to assert that the mere act of entering a bar compels an individual to be aware of any possible repercussions.

The deeper issue, in other words, extends beyond personal choice. Facebook, to be certain, allows users to utilize an opt-in agreement for sharing certain information. In this regard, users are obliged to be informed and accountable—which is one reason the recent attention Facebook’s privacy policies are getting is undeniably a positive development. On the other hand, companies should not require federal regulation (or even public outcry) to create clear and upfront messaging regarding the data they collect and the way(s) in which they intend to use—and profit from—it.

INTERNET TRACKING: SPYING OR STRICTLY BUSINESS?

In a piece for The Wall Street Journal’s series entitled “It’s Modern Trade: Web Users Get As Much As They Give”, Jim Harper (director of information policy studies at the Cato Institute) feels the rewards considerably outweigh the risks. He suggests that “data gleaned from (our) communications and transactions grease the gears of modern commerce.” While acknowledging the legitimacy of online privacy concerns, he strongly admonishes Web users to arm themselves with information to better protect their interests. There is little question that this is the first crucial step anyone should take, but it inexorably shifts the entire burden of responsibility to consumers.

Harper rather disingenuously compares online privacy to smoking: it is a personal matter and it’s up to the individual to ascertain the dangers. As it happens, the comparison is, perhaps unintentionally, apt: we now know that for decades cigarettes were not only considered harmless, substantial sums of money got spent promulgating positive, even healthy associations between smoking and lifestyle. Once contrary evidence inevitably emerged, inconceivable amounts of dollars were allocated to try and suppress or discredit these findings. All of which is to suggest that there is a fine line between caveat emptor and the emperor’s lack of clothes.

Today it would be unfair, even reckless, to imply that consumers are—or should be—fully aware of what they do (and have “done” to them) online, particularly when substantial money is at stake to keep these seemingly innocuous business practices surreptitious (as the Zuckerberg debacle illustrated). In a companion piece entitled “Tracking Is An Assault On Liberty With Real Dangers”, Nicholas Carr (author of The Shallows: What The Internet Is Doing To Our Brains) recalls a Sun Microsystems chief executive, who in 1999 blithely explained “You have zero privacy. Get over it.” Carr then offers the examples, from 2006, of a team of scholars from the University of Minnesota, who “noted that most Americans can be identified by name and address using only their ZIP Code, birthday and gender—three pieces of information that people often divulge when they register at a website.”

According to a recent study of 1,000 U.S. adults, to date around one third (39%) of consumers admit to having posted personal contact information such as phone number, e-mail and mailing address, etc., online. Understandably, consumers have concerns regarding their privacy as it relates to their online information and activities. Over half (55%) of adults expressed concern about their privacy in relation to activities such as information, comments or opinions posted on social networking sites.

MEDICINAL PURPOSES

The stakes get more serious, and potentially far-reaching, when we consider the momentum behind making medical records available electronically. Heralded as a mutually beneficial advancement for both the industry and the consumer, the practical implications of a widespread transition are now being more closely scrutinized. For more than fifteen years, enterprising computer experts have exposed how easy it actually is to uncover an individual’s most private and sensitive information. Back in the ‘90s, medical data was aggregated (for research purposes) after being “scrubbed” of personal information such as names, addresses and social security numbers. Unfortunately, it has been proven that “87 percent of all Americans could be uniquely identified using only three bits of information: ZIP Code, birth date and sex” (Nate Anderson, 9-08-09).

When asked, seven in ten (72%) of adults expressed concern involving the use (and potential misuse) of their online medical records; ranking third among concerns such as identity theft and security of financial transactions.

For seemingly unobjectionable items such as photos or online movie reviews, there is the aforementioned caveat emptor element involved. When it comes to medical records (think diagnoses, prescriptions, family histories, etc.) the potential repercussions are almost indescribable. To be certain, much of the impetus behind making previously private (and in most cases, safeguarded) files more accessible is driven by the notion of patient empowerment. Many people have a legitimate and understandable desire for free and unencumbered access to their own health histories. This inclination is exacerbated by growing opinion that some doctors (and/or hospitals) have a guarded interest in making this information difficult to obtain.

Of course there are also undeniable practical considerations: just as e-books are environmentally friendly and potentially cost-efficient, much of the paper and proverbial red tape is eliminated once files are transferred online. It is then easier to imagine a best case scenario involving increased efficiency and more affordable health care. Or does it?

Obviously there is considerable up-front cost involved that will presumably equate to significant savings down the road, once the paperwork and administration costs are largely eliminated. Yet being compelled to comply with new procedures (overseen by the Health and Human Services Department) may prove onerous to smaller practices. Federal funding is available, which indicates the level of seriousness—and amount of deliberation—this project has already generated. Not surprisingly, widespread consumer acceptance and utilization of this development will require each individual to measure the rewards (easier access to one’s files) versus the risks (a computer glitch that with one errant keystroke could publish highly personal information). If people don’t (yet) take their Internet habits seriously enough, almost everyone has vested interest in their health. As such, public sentiment on this matter will be measured slowly over the next several years.

Share

Selling The Stories Of Our Lives: Technology and Privacy (Part One)

*Recent events reminded me that the issues of privacy are not recent. Indeed, the notion of “other people” knowing what you are doing at all times was very much a 20th Century concern, albeit a mostly analog one. Certainly the advent of the Internet and sites like Facebook have made “big data” a complicated issue: we tend to embrace innovation when it suits us and resist –or fear– it when we see potential threats. It obliges questions like, what is Big Data and how is it used? Is it mostly good or entirely bad? What, for that matter, is privacy as it relates to our personal lives in the new millennium? I grappled with some of these issues in a piece written almost three years ago, which proves on one hand that these concerns are practically antiquated, in Internet terms, and also that they were, and are, always developing. One thing is certain: the intersection between the private and the public when it comes to data collection is never simple and at best is always uneasy. More on this topic to come. For now, here is the large piece, in three parts, that I spent the summer of 2010 puzzling over.

***

In a recent issue of Esquire there is a humorous feature entitled “Help Us Serve You Better!” which imagines a series of correspondence from various companies. The consumer to which these missives are directed is offered, in not very subtle terms, a variety of “helpful” suggestions. For instance, he is reminded of the items he searched for before choosing the sale item (cheapskate!), he is pressured into upgrading the bouquet of flowers he sent his mother, he is “thanked” for buying a pair of shoes that had languished for months in the warehouse (fashion faux pas!), and then he is sardonically asked about the success of his “business trip” in Thailand. Finally, one site suggests some self-improvement books to ameliorate his work and relationship issues.

While this scenario is amusingly over-the-top, and of course could never play out as depicted, many people might be surprised—and mortified—to discover how much information regarding their personal lives is readily available, and how easy it is to draw accurate (and potentially embarrassing) conclusions based on relatively minimal amounts of data.

The concept of privacy and technology is nothing if not complicated, intriguing and, importantly, ever-changing. As is always the case, before we can predict with any hope of accuracy what the future will look like, we need to adequately understand both the present and the past. It is also imperative to recognize, or accept, that technology is never a static phenomenon; by the time we grapple with one aspect of a particular product or progression, it has already mutated, improved or become something else altogether.

This is not to suggest that one can’t hope to become familiar with the processes and behind-the-scenes methodologies that transform ideas into innovations. Indeed, whether we are talking about home audio, portable video or eReaders, most of these products have discernible histories that illustrate how they evolved. Speaking of the Internet (in general) and concepts like cookies, aggregated information, behavioral targeting and data exchange (in particular) is, understandably, more problematic. A recent study in this series closely examined specific elements of this technology story (“The Future Has Already Arrived: The Localization of the Internet”, 5 Technology Trends to Watch 2008).

Most of us are reasonably familiar with the technologies—or at least their existence—that sites utilize to store and share the data we provide. Cookies, for instance, refer to text files websites store on your PC: they are used for such commonplace, and innocuous tasks as automatically recalling passwords and auto-populating previously sent information (a shipping address or friend’s e-mail address). Cookies are also used for more sophisticated purposes, such as compiling data based on where we go and what we do (each day; over time) on the Internet. The concept of cookies, and the ways in which they have been utilized, informs any discussion about Internet privacy. Before we contemplate the implications of tomorrow’s experience, let’s briefly take stock of how far—and fast—we’ve arrived where we are today.

THE FACEBOOK PHENOMENON

Anyone who has spent any time on a social networking site likely has personal experience with a 21st Century dilemma we’ll call “poster’s remorse”. This is a subtle but potentially catastrophic derivation of what is commonly referred to as buyer’s remorse. Poster’s remorse involves the ill-advised, mistaken or accidental disclosure of information and its aftermath. This information, sent innocently, unknowingly or while in an impaired state, with one click of the mouse becomes public knowledge. Examples range from the relatively harmless to the profound and permanent. The former might involve the inadvertent announcement (or uploaded pictorial evidence) of one’s whereabouts: for instance, being at one friend’s party and not out of town—the excuse used to get out of the other friend’s party. The latter could include a Facebook update, or picture, sent in retaliation (divorce lawyers are now happily incorporating these types of disclosures into their cases). Finally, there are the sorts of indicting evidence that an employer can see, situations that tend to end badly.

An important distinction here is that all of the above examples typify shared information (however unfortunate or regrettable) that the individual involved is aware of. What about the ease with which we can—unknowingly, maliciously or even with genuinely good intentions—share information about someone else? A twitter update, or a re-tweet the person may have intended (however naively!) for a limited audience, or the old-fashioned forwarded e-mail are all exemplify ways we have less control than we might prefer regarding what the world knows about us. Perhaps the most complicated contemporary dilemma is the ability of relatives, friends and even (or especially) mere acquaintances to post and tag photos on Facebook.

Lest this sound straightforward or even simple, the implications are actually deep and ever-expanding. It is, for instance, now common practice for HR departments to compile what amounts to a personal dossier of any given applicant’s online history. This would include anything from the obvious social networking posts to the type of interaction many would assume is safe or anonymous, such as blog posts or participation in discussion groups or forums. Even the more savvy Internet users who actively control and limit the people who can “see” them may find that their very lack of transparency arouses suspicion. It can become a Catch-22 revolving around the inference that if you’ve done nothing “wrong” you have nothing to hide. A blocked or inaccessible identity might, in some eyes, be as provocative as having shared too much information.

We already have had widespread disenchantment regarding Facebook’s less than transparent privacy policies, and the site’s increasing popularity will be the front line of this debate—in its myriad facets—for the foreseeable future. Indeed, as this piece was being written a fresh controversy erupted concerning “Facebook Places”—the new geo-location feature (similar to the incredibly successful foursquare, which enables people to “check in” from any location). Ostensibly these services are opt-in and self-serve, but consistent with the less savory implications of photo-tagging, people may find their whereabouts being broadcast to unwanted parties (think everything from potential burglars to stalkers). Because of the remarkable influence of these services, it seems likely that only eventual hassles ending with legal consequences will inspire concerted efforts to educate and even regulate their use, especially for minors.

Once we begin to acknowledge the ways our activity (and the activity of those in our close and extended networks) can have far-reaching and unintended effects, the whole notion of what we do online becomes more intricate, and serious. Then when we consider the fact that our personal data is being tracked and sold, the situation becomes more than a little problematical.

Share

Selling The Stories Of Our Lives: Technology and Privacy (Part Three)

THE PRICE OF ONLINE PAYMENT

The final frontier, at least for now, where online interaction and privacy may or may not find practical synergy is mobile payment. Predictably, the convenience and cost-saving possibilities are prompting serious discussion as well as intense debate. For anyone late to this party, there is already technology being implemented that enables consumers to make credit card transactions on their smartphones.

Advocates for this progressive capability claim it’s simply the next logical step toward increased consumer freedom. Many of us already conduct business online, whether it involves purchases at Amazon.com or maintaining a Netflix account—just to mention two of the more prevalent options. And just as digital files have made compact discs more archaic and e-Readers threaten to supplant paperbacks, online banking accounts have made the act of writing a check antiquated. All of these advancements incorporate convenience and reduced costs. The caveat is that the final costs might not be measured in dollars and cents.

A simple Google search will quickly reveal plentiful stories exemplifying how easily technical glitches can expose credit card information, and how simple it is for sophisticated hackers to infiltrate the typical firewalls. We will be hearing—and seeing—a great deal more about the viability, and potential repercussions, of online mobile payment. Once again consumers are obliged to ask themselves what types of exposure they might tolerate for the sake of expediency.

Almost three-fourths (74%) of online adults are concerned or very concerned about the security of any financial transactions they may conduct online. This level of trepidation extends to all age groups and income brackets: across the board at least 70% of respondents indicated a high level of concern regarding the prospect of purchases or banking online.

Every day new articles appear attempting to negotiate the increasingly complex matrix of potential pros and cons. The early adopters represent one end of the spectrum while the unconvinced and skeptical characterize the other. But what about the majority of us, who fall somewhere in between these two extremes? And how many people will be influenced as more anecdotes (the good, the bad and especially the ugly) become publicized?

Between growing awareness of how—and how much—personal data is collected and utilized, with Facebook’s awkward PR spectacle this summer being the first firestorm and the expected onslaught of consumer pushback, a groundswell demanding accountability is inevitable. A more transparent explication of policies and SOPs will be a welcome, if overdue development. It also seems safe to suppose, not unlike the recent environmental or auto-safety incidents (BP and Toyota), it will require some sort of calamity to get the public’s attention, finally compelling pro-active accountability from the companies.

IS LEGISLATION INEVITABLE?

It is not exactly a stretch to see where some of these open issues are headed, and how they may ultimately be resolved. The question for now is: is legislation necessary and how effective can it possibly be? Certainly, if companies are slow or reluctant to fully disclose their business practices as they relate to data capture, there will be a concerted push to create and enact new laws.

This will make businesses bristle, but it should also make consumers wary. With general sentiment toward government at a nadir, the prospect of entrusting politicians to wrangle with these issues is not exactly consoling. And then there is the proposition of a clichéd “Big Brother” in charge of overseeing this bounty of personal detail. Put bluntly, the one thing some Americans may fear more than unregulated corporations is a feckless government with good intentions.

As usual, one way to troubleshoot the possibility of a legislative imbroglio is to review where we are and how we arrived here. Considering the regrettable fact that few people inside the corporate bubble fully grasp the nuances of Internet technology, it is unrealistic to imagine many (if any) of our politicians having an adequate handle on how things work—much less being able to cultivate a balance between the entrepreneurial spirit and consumer rights. On the other hand, the Internet—in its myriad manifestations—is a massive component of the U.S. economy. As such, it behooves tech firms to view these challenges as a potential opportunity to engage and foster a meaningful dialogue.

According to Mike Shields, a Republican political strategist with almost two decades of experience inside (and outside) the Nation’s Capitol, the people most affected by policy (e.g., the tech firms) have been very slow to recognize how powerful and important Washington, D.C. is. In other words, despite the caricature of an incompetent, money-spending monolith, the not-so-simple reality is that all these moving parts making our laws are empowered by actual people responding to what they see and hear from other people (e.g., voters).

“Having spent a good amount of time in and around Redmond, I know there was a bit of a disconnect,” Shields says. “There was a propensity to regard D.C. as archaic, and that the tech companies were too busy creating the future to get involved in any meaningful way with government.” Inevitably many companies discovered, too late and to their chagrin, that government really does matter. “Now people are coming to realize that they need a presence,” Shields suggests. “But a big roadblock remains trying to explain (to politicians or laypersons) how some of this technology really works in the first place.” Whether through outreach or pro-active lobbying efforts, tech firms will only be assisting their causes by connecting on a more human level. “What can happen,” Shields warns, “is that a simple law, especially one brought about due to a situation that resonates emotionally, can derail an entire business model.”

Right now, there has not been a critical mass, as enough emotionally-resonant crises have not (yet) taken place. If, or really, when this happens, action will occur. Helping craft sensible legislation through communication and transparency is a viable way to ensure we see regulation that integrates the needs of businesses and the rights of consumers.

THE SOLUTION TO TECHNOLOGICAL CONCERNS? TECHNOLOGY!

Even with the most well-intended and competently administered legislation, we must reluctantly concede that superior hackers can—and will—easily circumvent new restrictions. Understanding that any move to empower an ostensibly benevolent federal agency can—and will—result in consternation, we must ensure that the effort to control a small issue does not create a massive one.

One reasonable and equitable proposal could involve a concerted effort by the FTC to implement a public awareness campaign. Certainly a proactive endeavor from an “official” player might very well provide the not-so-gentle nudge certain companies require to share their business dealings a bit less begrudgingly. Naturally, if consumers and businesses meet in the middle and utilize autonomy and entrepreneurship it might equate to a much better case scenario. If we see more business models inspired to empower consumers, many of these potential roadblocks might be seamlessly bypassed.

One such start-up, San Francisco-based Bynamite, was recently profiled in The New York Times. “There should be an economic opportunity on the consumer side,” suggests Ginsu Yoon, the company’s co-founder. “Nearly all the investment and technology is (presently) on the advertising side.” Bynamite’s business model is both a commentary on the current landscape and a predictor of where it’s headed. That is, the mining of personal data is here to stay; there is simply too much money at stake to imagine otherwise. Yet the precepts of a (more) free-market arena enable—and insist upon—an exchange based on a monetized or incentivized quid pro quo. In a potentially paradigm-shifting twist, Bynamite is less focused on privacy protection and more interested in consumer choice and control.

In July the company launched software that users can download, which tracks what sites are collecting (from them). The software provides a cutting edge opportunity for consumers to see, and appreciate, in real time precisely what types of personal information they are essentially “swapping” every time they visit certain sites. “In a few years…a person’s profile of interests could be the basis for micropayment or discounts,” Yoon predicts. “A media company, for example, might charge a monthly subscription fee of $10 for news or entertainment programming, but offer it for $8 to those who exchanged their (portfolios).”

This business model seems to balance the current (and potentially future) poles of strictly—and federally—enforced privacy control and the unconstrained access companies presently enjoy. It is conceivable that a win/win scenario might unfold wherein consumers use the one-two punch of awareness and advocacy, while advertisers can increasingly fine-tune their targeted ads.

FIFTEEN MINUTES OR FOREVER: EVERYONE IS A CELEBRITY NOW (SORT OF)

Anytime you are talking about the future, it is irresponsible to express certainty, particularly when it relates to the ever-changing nature of technology. Nevertheless, it is quite evident that we will be seeing and hearing a great deal more about the delicate issue of privacy. In fact, the prediction here is that it will be a cover story in a major magazine within the next two years.

On a micro level, the conversation inexorably circles back to the basic, but occasionally contradictory notions of autonomy and access: we want quick and free content, but what are we willing to exchange for it? Perhaps more to the point, what should we be willing to exchange? The crux of the matter will increasingly be concerned with personal data susceptible to advanced algorithms and cookies that actually mine all manner of data that Internet users are mostly unaware of. The initial indifference is primarily due to lack of awareness: the only people likely to remain disinterested about potential implications are those to whom nothing has happened—yet.

On a macro level, this debate provides some fairly fascinating insights into how our social norms progress. Of course they are always in some state of transition (for better or worse, depending on whom you ask). The Internet, among many other things, has irrevocably altered the way we interact with the concept of celebrity. Instant and unending access has fed our collective appetite for information and intimacy; we “know” people in ways that were simply unimaginable less than ten years ago.

Now, along with the success and ubiquity of reality television, our culture has gone from worshipping to manufacturing celebrity. Recalling Andy Warhol’s infamous claim that “in the future, everyone will be famous for fifteen minutes”, the Internet in general and social networking in particular have ensured that some of us may have even more than fifteen minutes. No matter how banal of momentous, deliberate or unintended, these moments will all be preserved in the electronic ledger, potentially forever.

How we process and eventually regulate the exchange and deployment of this information will be a commentary on how we are able to exist—as employers, employees, parents, children, friends, acquaintances and enemies all with the data to contradict or redefine any of those public (and private) personas. The idea that people have different identities outside of work, whether they are teachers, executives or attorneys, will become more acceptable the more we collectively accept—and adapt to—a ceaselessly open window into the lives of others. The greater challenge is likely to remain how we reconcile the increasingly unfettered access those we know, and especially those we do not know, have into our own lives.

Share

Selling The Stories Of Our Lives: Technology and Privacy (Part Two)

PRIVACY VERSUS PROFIT: THE NEXT BIG DEBATE

Not many people would oppose the proposition that consumers enjoy convenience and appreciate value. As the Internet has expanded and advanced, free content is increasingly available—and expected. Most of us seem to be aware that the corresponding proliferation of pop-ups and full-screen advertisements is the “price” we pay for this unfettered access. In fact, free information has, in some regards, been a victim of its own success: many people now see the advertisements as a distraction and an imposition. Of course, few of them would prefer a scenario where sites withdrew the ads but began charging for content. Magazines, newspapers and popular reference sites like dictionary.com all rely on revenue from advertisers in order to remain mostly or entirely free.

If the quid pro quo of enduring minor annoyance for free information seems like yesterday’s news, that’s because it is. The latest and more profound controversy revolves around the ways companies are now using user’s personal data. In July The Wall Street Journal published a study entitled “What They Know”, containing a series of articles detailing the history, practices and implications of the “cutting-edge uses of Internet-tracking technology.” This investigation adds to a growing number of similar features, no doubt inspired at least in part by the recent Facebook controversies—and founder Mark Zuckerberg’s less than impressive response to the outcry.

The reactions, once people get a better grasp on what exactly is going on, are often (and understandably) emotional. Personal information turned into salable data is, after all, about as intimate as it gets when one considers ostensibly private and/or secret preferences and behaviors being scrutinized, tracked and ultimately sold. It is, then, perhaps fair and appropriate to further contemplate the “strictly business” rationale which posits these developments as almost entirely positive signals of progress and mutually profitable engagement.

The debate, in starkest terms, seems to revolve around the issue of free-will versus awareness. Certainly, it is fair to suggest that virtually all non-business related online behavior is voluntary. Thus, it is ultimately the individual’s responsibility to understand the risks as well as the rewards associated with web-surfing, online purchases and the dissemination (however unintentional) of personal information. A strictly business advocate might make the analogy of whether or not it is acceptable for a citizen to press charges against an establishment serving drinks that impaired their driving ability. The complicated converse of this already controversial scenario is how quickly the culpability changes if it turns out the bartender had placed undetectable alcohol in someone’s iced tea. All of a sudden, the balance of blame is considerably altered. It would not be sufficient, legally or morally, to assert that the mere act of entering a bar compels an individual to be aware of any possible repercussions.

The deeper issue, in other words, extends beyond personal choice. Facebook, to be certain, allows users to utilize an opt-in agreement for sharing certain information. In this regard, users are obliged to be informed and accountable—which is one reason the recent attention Facebook’s privacy policies are getting is undeniably a positive development. On the other hand, companies should not require federal regulation (or even public outcry) to create clear and upfront messaging regarding the data they collect and the way(s) in which they intend to use—and profit from—it.

INTERNET TRACKING: SPYING OR STRICTLY BUSINESS?

In a piece for The Wall Street Journal’s series entitled “It’s Modern Trade: Web Users Get As Much As They Give”, Jim Harper (director of information policy studies at the Cato Institute) feels the rewards considerably outweigh the risks. He suggests that “data gleaned from (our) communications and transactions grease the gears of modern commerce.” While acknowledging the legitimacy of online privacy concerns, he strongly admonishes Web users to arm themselves with information to better protect their interests. There is little question that this is the first crucial step anyone should take, but it inexorably shifts the entire burden of responsibility to consumers.

Harper rather disingenuously compares online privacy to smoking: it is a personal matter and it’s up to the individual to ascertain the dangers. As it happens, the comparison is, perhaps unintentionally, apt: we now know that for decades cigarettes were not only considered harmless, substantial sums of money got spent promulgating positive, even healthy associations between smoking and lifestyle. Once contrary evidence inevitably emerged, inconceivable amounts of dollars were allocated to try and suppress or discredit these findings. All of which is to suggest that there is a fine line between caveat emptor and the emperor’s lack of clothes.

Today it would be unfair, even reckless, to imply that consumers are—or should be—fully aware of what they do (and have “done” to them) online, particularly when substantial money is at stake to keep these seemingly innocuous business practices surreptitious (as the Zuckerberg debacle illustrated). In a companion piece entitled “Tracking Is An Assault On Liberty With Real Dangers”, Nicholas Carr (author of The Shallows: What The Internet Is Doing To Our Brains) recalls a Sun Microsystems chief executive, who in 1999 blithely explained “You have zero privacy. Get over it.” Carr then offers the examples, from 2006, of a team of scholars from the University of Minnesota, who “noted that most Americans can be identified by name and address using only their ZIP Code, birthday and gender—three pieces of information that people often divulge when they register at a website.”

According to a recent study of 1,000 U.S. adults, to date around one third (39%) of consumers admit to having posted personal contact information such as phone number, e-mail and mailing address, etc., online. Understandably, consumers have concerns regarding their privacy as it relates to their online information and activities. Over half (55%) of adults expressed concern about their privacy in relation to activities such as information, comments or opinions posted on social networking sites.

MEDICINAL PURPOSES

The stakes get more serious, and potentially far-reaching, when we consider the momentum behind making medical records available electronically. Heralded as a mutually beneficial advancement for both the industry and the consumer, the practical implications of a widespread transition are now being more closely scrutinized. For more than fifteen years, enterprising computer experts have exposed how easy it actually is to uncover an individual’s most private and sensitive information. Back in the ‘90s, medical data was aggregated (for research purposes) after being “scrubbed” of personal information such as names, addresses and social security numbers. Unfortunately, it has been proven that “87 percent of all Americans could be uniquely identified using only three bits of information: ZIP Code, birth date and sex” (Nate Anderson, 9-08-09).

When asked, seven in ten (72%) of adults expressed concern involving the use (and potential misuse) of their online medical records; ranking third among concerns such as identity theft and security of financial transactions.

For seemingly unobjectionable items such as photos or online movie reviews, there is the aforementioned caveat emptor element involved. When it comes to medical records (think diagnoses, prescriptions, family histories, etc.) the potential repercussions are almost indescribable. To be certain, much of the impetus behind making previously private (and in most cases, safeguarded) files more accessible is driven by the notion of patient empowerment. Many people have a legitimate and understandable desire for free and unencumbered access to their own health histories. This inclination is exacerbated by growing opinion that some doctors (and/or hospitals) have a guarded interest in making this information difficult to obtain.

Of course there are also undeniable practical considerations: just as e-books are environmentally friendly and potentially cost-efficient, much of the paper and proverbial red tape is eliminated once files are transferred online. It is then easier to imagine a best case scenario involving increased efficiency and more affordable health care. Or does it?

Obviously there is considerable up-front cost involved that will presumably equate to significant savings down the road, once the paperwork and administration costs are largely eliminated. Yet being compelled to comply with new procedures (overseen by the Health and Human Services Department) may prove onerous to smaller practices. Federal funding is available, which indicates the level of seriousness—and amount of deliberation—this project has already generated. Not surprisingly, widespread consumer acceptance and utilization of this development will require each individual to measure the rewards (easier access to one’s files) versus the risks (a computer glitch that with one errant keystroke could publish highly personal information). If people don’t (yet) take their Internet habits seriously enough, almost everyone has vested interest in their health. As such, public sentiment on this matter will be measured slowly over the next several years.

Share

Selling The Stories Of Our Lives: Technology and Privacy (Part One)

In a recent issue of Esquire there is a humorous feature entitled “Help Us Serve You Better!” which imagines a series of correspondence from various companies. The consumer to which these missives are directed is offered, in not very subtle terms, a variety of “helpful” suggestions. For instance, he is reminded of the items he searched for before choosing the sale item (cheapskate!), he is pressured into upgrading the bouquet of flowers he sent his mother, he is “thanked” for buying a pair of shoes that had languished for months in the warehouse (fashion faux pas!), and then he is sardonically asked about the success of his “business trip” in Thailand. Finally, one site suggests some self-improvement books to ameliorate his work and relationship issues.

While this scenario is amusingly over-the-top, and of course could never play out as depicted, many people might be surprised—and mortified—to discover how much information regarding their personal lives is readily available, and how easy it is to draw accurate (and potentially embarrassing) conclusions based on relatively minimal amounts of data.

The concept of privacy and technology is nothing if not complicated, intriguing and, importantly, ever-changing. As is always the case, before we can predict with any hope of accuracy what the future will look like, we need to adequately understand both the present and the past. It is also imperative to recognize, or accept, that technology is never a static phenomenon; by the time we grapple with one aspect of a particular product or progression, it has already mutated, improved or become something else altogether.

This is not to suggest that one can’t hope to become familiar with the processes and behind-the-scenes methodologies that transform ideas into innovations. Indeed, whether we are talking about home audio, portable video or eReaders, most of these products have discernible histories that illustrate how they evolved. Speaking of the Internet (in general) and concepts like cookies, aggregated information, behavioral targeting and data exchange (in particular) is, understandably, more problematic. A recent study in this series closely examined specific elements of this technology story (“The Future Has Already Arrived: The Localization of the Internet”, 5 Technology Trends to Watch 2008).

Most of us are reasonably familiar with the technologies—or at least their existence—that sites utilize to store and share the data we provide. Cookies, for instance, refer to text files websites store on your PC: they are used for such commonplace, and innocuous tasks as automatically recalling passwords and auto-populating previously sent information (a shipping address or friend’s e-mail address). Cookies are also used for more sophisticated purposes, such as compiling data based on where we go and what we do (each day; over time) on the Internet. The concept of cookies, and the ways in which they have been utilized, informs any discussion about Internet privacy. Before we contemplate the implications of tomorrow’s experience, let’s briefly take stock of how far—and fast—we’ve arrived where we are today.

THE FACEBOOK PHENOMENON

Anyone who has spent any time on a social networking site likely has personal experience with a 21st Century dilemma we’ll call “poster’s remorse”. This is a subtle but potentially catastrophic derivation of what is commonly referred to as buyer’s remorse. Poster’s remorse involves the ill-advised, mistaken or accidental disclosure of information and its aftermath. This information, sent innocently, unknowingly or while in an impaired state, with one click of the mouse becomes public knowledge. Examples range from the relatively harmless to the profound and permanent. The former might involve the inadvertent announcement (or uploaded pictorial evidence) of one’s whereabouts: for instance, being at one friend’s party and not out of town—the excuse used to get out of the other friend’s party. The latter could include a Facebook update, or picture, sent in retaliation (divorce lawyers are now happily incorporating these types of disclosures into their cases). Finally, there are the sorts of indicting evidence that an employer can see, situations that tend to end badly.

An important distinction here is that all of the above examples typify shared information (however unfortunate or regrettable) that the individual involved is aware of. What about the ease with which we can—unknowingly, maliciously or even with genuinely good intentions—share information about someone else? A twitter update, or a re-tweet the person may have intended (however naively!) for a limited audience, or the old-fashioned forwarded e-mail are all exemplify ways we have less control than we might prefer regarding what the world knows about us. Perhaps the most complicated contemporary dilemma is the ability of relatives, friends and even (or especially) mere acquaintances to post and tag photos on Facebook.

Lest this sound straightforward or even simple, the implications are actually deep and ever-expanding. It is, for instance, now common practice for HR departments to compile what amounts to a personal dossier of any given applicant’s online history. This would include anything from the obvious social networking posts to the type of interaction many would assume is safe or anonymous, such as blog posts or participation in discussion groups or forums. Even the more savvy Internet users who actively control and limit the people who can “see” them may find that their very lack of transparency arouses suspicion. It can become a Catch-22 revolving around the inference that if you’ve done nothing “wrong” you have nothing to hide. A blocked or inaccessible identity might, in some eyes, be as provocative as having shared too much information.

We already have had widespread disenchantment regarding Facebook’s less than transparent privacy policies, and the site’s increasing popularity will be the front line of this debate—in its myriad facets—for the foreseeable future. Indeed, as this piece was being written a fresh controversy erupted concerning “Facebook Places”—the new geo-location feature (similar to the incredibly successful foursquare, which enables people to “check in” from any location). Ostensibly these services are opt-in and self-serve, but consistent with the less savory implications of photo-tagging, people may find their whereabouts being broadcast to unwanted parties (think everything from potential burglars to stalkers). Because of the remarkable influence of these services, it seems likely that only eventual hassles ending with legal consequences will inspire concerted efforts to educate and even regulate their use, especially for minors.

Once we begin to acknowledge the ways our activity (and the activity of those in our close and extended networks) can have far-reaching and unintended effects, the whole notion of what we do online becomes more intricate, and serious. Then when we consider the fact that our personal data is being tracked and sold, the situation becomes more than a little problematical.

Share