By Bruce Schneier - Privacy and Control
In January, Facebook Chief Executive Mark Zuckerberg declared the age of privacy to be over. A month earlier, Google Chief Eric Schmidt expressed a similar sentiment. Add Scott McNealy'sand Larry Ellison's comments from a few years earlier, and you've got a whole lot of tech CEOs proclaiming the death of privacy -- especially when it comes to young people.
It's just not true. People, including the younger generation, still care about privacy. Yes, they're far more public on the Internet than their parents: writing personal details on Facebook, posting embarrassing photos on Flickr and having intimate conversations on Twitter. But they take steps to protect their privacy and vociferously complain when they feel it violated. They're not technically sophisticated about privacy and make mistakes all the time, but that's mostly the fault of companies and Web sites that try to manipulate them for financial gain.
To the older generation, privacy is about secrecy. And, as the Supreme Court said, once something is no longer secret, it's no longer private. But that's not how privacy works, and it's not how the younger generation thinks about it. Privacy is about control. When your health records are sold to a pharmaceutical company without your permission; when a social-networking site changes your privacy settings to make what used to be visible only to your friends visible to everyone; when the NSA eavesdrops on everyone's e-mail conversations -- your loss of control over that information is the issue. We may not mind sharing our personal lives and thoughts, but we want to control how, where and with whom. A privacy failure is a control failure.
Group behavior matters; we're more likely to expose personal information when our peers are doing it. We object more to losing privacy than we value its return once it's gone. Even if we don't have control over our data, an illusion of control reassures us. And we are poor judges of risk. All sorts of academic research backs up these findings.
Here's the problem: The very companies whose CEOs eulogize privacy make their money by controlling vast amounts of their users' information. Whether through targeted advertising, cross-selling or simply convincing their users to spend more time on their site and sign up their friends, more information shared in more ways, more publicly means more profits. This means these companies are motivated to continually ratchet down the privacy of their services, while at the same time pronouncing privacy erosions as inevitable and giving users the illusion of control.
You can see these forces in play with Google's (GOOG -News-People) launch of Buzz. Buzz is a Twitter-like chatting service, and when Google launched it in February, the defaults were set so people would follow the people they corresponded with frequently in Gmail, with the list publicly available. Yes, users could change these options, but -- and Google knew this -- changing options is hard and most people accept the defaults, especially when they're trying out something new. People were upset that their previously private e-mail contacts list was suddenly public. A Federal Trade Commission commissioner even threatened penalties. And though Google changed its defaults, resentment remained.
Facebook tried a similar control grab when it changed people's default privacy settings last December to make them more public. While users could, in theory, keep their previous settings, it took an effort. Many people just wanted to chat with their friends and clicked through the new defaults without realizing it.
Facebook has a history of this sort of thing. In 2006 it introduced News Feeds, which changed the way people viewed information about their friends. There was no true privacy change in that users could not see more information than before; the change was in control -- or arguably, just in the illusion of control. Still, there was a large uproar. And Facebook is doing it again; last month, the company announced new privacy changes that will make it easier for it to collect location data on users and sell that data to third parties.
With all this privacy erosion, those CEOs may actually be right -- but only because they're working to kill privacy. On the Internet, our privacy options are limited to the options those companies give us and how easy they are to find. We have Gmail and Facebook accounts because that's where we socialize these days, and it's hard -- especially for the younger generation -- to opt out. As long as privacy isn't salient, and as long as these companies are allowed to forcibly change social norms by limiting options, people will increasingly get used to less and less privacy.
There's no malice on anyone's part here [BULLSHIT!]; it's just market forces in action. If we believe privacy is a social good, something necessary for democracy, liberty and human dignity, then we can't rely on market forces to maintain it. Broad legislation protecting personal privacy by giving people control over their personal data is the only solution.
Bruce Schneier is a security technologist and the Chief Security Technology Officer of BT. You can read more of his writing at www.schneier.com
[Google backs Yahoo in privacy fight with DOJ] [Microsoft vs. DOJ]....OPSEC Ops...Shhhhhhhh
[DOJ abandons warrantless attempt to read Yahoo e-mail] Yeah Right! LOL LOL LOL
[Word War III: Google vs. Governments] ...Like I said....S H I T is getting D E E P!
[Open Letter Signed by 10 Countries Slams Google’s Privacy Policies] E.X.C.E.L.L.E.N.T.
Now if we can just get rid the the NSA/SAIC cancer!
[07.19.10 Group Calls for Hearings Into Google’s Ties to CIA/NSA] ? More Damage Control
[06.08.10 Aussie police probe GoogleNSAholes] Yesssssssssssss! :O|O:
[06.03.10 More Google Side Jacking] Rated Top Hack 2007 :O
[06.02.10 Facebook 'Like' Button Draws Privacy Scrutiny] More DoD R&D Backdoors!
[06.01.10 Researchers Beat Clickjacking Defenses of Top Websites] Ya don't say! :O
[06.01.10 Clickjacking Worm Hits Facebook] More DoD R&D Backdoors!
[05.26.10 EU says Google and Microhoo still violate data protection law] E.X.C.E.L.L.E.N.T
LOL LOL LOL [05.21.10 Congress Urges FTC to Investigate Google] LOL LOL LOL
[05.21.10 Germany to Google: Respect data privacy] E.X.C.E.L.L.E.N.T.
[05.19.10 Pakistani court orders gov't to block Facebook] E.X.C.E.L.L.E.N.T.
[05.16.10 Germany Lashes Out at Google for Privacy Breach] E.X.C.E.L.L.E.N.T.
[05.10.10 Scroogle Has Been Blocked By Google] NSA We Can Spy Over SSL Connections :(
[05.09.10 Facebook's Gone Rogue] No Kidding!!!
[05.08.10 Heads Up! Plague in (Security) Software] Intel back-doors
[05.07.10: Stealth installs and adware come to Facebook] Duhhhhhhhhhhhhhh
WAKE UP AMERICA.....IT(s) OUR COUNTRY!!!
Love "Light" and Energy
References: [GoOgLe: We DiDn'T hElP tHe NSA (Or dId wE?) - "TeMpUs OmNiA ReVeLaT"]
[How To Fight The New Cyberspies]
[What Your iPhone Apps Know About You]
[ID Theft: Don't Take It Personally]
[No Hacker Left Behind]
[Cybercrime Checks Into Hotels]
[Oracle Hacker Gets The Last Word]
[Zuckerberg on privacy]
[Schmidt on privacy]
[McNealy on privacy]
[Ellison on privacy]
[Danah Boyd on privacy and younger people]
[The Supreme Court on privacy and secrecy]
[Privacy and Salience]
[Social networking sites downplaying privacy concerns]
[Sites that make misleading privacy claims]
[Humans are a poor judge of risk]
[Academic research on how people make privacy decisions]
Facebook's privacy problems:
Facebook's New Privacy Changes: The Good, The Bad, and The Ugly
Facebook's "Evil Interfaces"
[Time For Google to Grow Up: Open Wi-Fi Privacy Mistake Must Be The Last] :O
Facebook's latest privacy changes:
The value of privacy:
Google responds: LOL
Another essay on the topic: