Principles of privacy in the age of internet surveillance
The whole notion of privacy is under threat in an emerging online world that some are now calling the Age of Context. This is the world where a massive amount of intelligence about us will be continuously gathered using an array of apps and sensors. This is also the world that makes no commitments on how much of it is shared? Who is it shared with? And how is it being manipulated?
It is entirely possible in the future to create a contextual mobile app that uses a mic to listen to the noises around it. On the surface, it doesn't seem to be of much use, but what if it was built to recognize vocal patterns and knows where kids mostly hang out, how lovers chat, where dogs bark.
The question is what would anyone do with that kind of information? Some make a case for better more targeted advertising to the person using the app. If the advertising giant like Google knew the kind of noises that surround a person’s daily life then it can place more effectively targeted ads about dog food, dinner dates, or diapers.
Now imagine a future where a contextual mobile app uses camera embedded inside eyeglasses to see a world around a person. It can recognize even more objects and know such intimate details as the demographics of your friends and family members; are they younger, older, high income, low income, males, females, athletic, nerdy; the possibilities are unlimited.
Now overlay the sounds on top of the images and the apps can discover the context of your conversations with friends and family. It would know your political views, job satisfactions, domestic troubles, and so much more.
Now imagine a contextual wearable device like a bracelet or a watch that can read your vital signs such as heart rate, perspiration, and so much more. In fact, a watch like this has been demoed at tech events in past, and more such devices are likely to arrive in next few years. Following is the link to the Basis watch.
I have to imagine that some big data company with enough intention can overlay the visuals, the audible, and vital signs to know where you were lying, cheating, or telling the truth.
There are clearly advantages to the users of such contextual apps and wearable devices. Our devices will get smarter about our routines, our food preferences, our favorite friends, and watch out for a possible sign of illness. The potential for wonderful solutions are abundant. I can surely envision a large army of brainy engineers that will surely be hard at work to use the contextual data from every minute aspect of our lives, and transform it into wonderful solutions to solve our grade A first world problems.
However, the potential for abuse is just as high.
There are those among us who don’t care much for their privacy, they would freely share every intimate detail of their lives with anyone who wants it. They have a right to do so, but it is the bystanders that get will get roped in to other people's context. The teenager walking down the road, the elderly person in a store, couples, kids -- all unaware of being discovered, analyzed, and cataloged without their knowledge.
The real question is at what point does the age of context turn into the age of surveillance? How much will people really tolerate it? What if government was doing it instead of private companies? Would it be better with Google tracking us or the government? Who is to decide?
What about foreign governments? The line between good guys and bad guys is very blurry in many parts of the world. Since the technology has global reach, there is a LOT of potential for abuse among those who gain a lot from abusing common citizens.
The only thing that will bring a balance to this force of seismic proportion is more attention given to privacy. Not the bare minimum privacy that would keep critics at bay, but privacy woven deep in the fabric of our increasingly contextual online world.
At the minimum, the technology industry needs to come forward and propose real solutions for allowing people to opt-out from other people’s context. This isn’t a small problem, it is massively complex problem that requires the smartest minds to figure it out. The tech industry to this day hasn’t even recognized it as a problem, let alone started any debate on this solution.
In my opinion, the generational shifts in concepts don't survive when built upon the outdated principles of yesteryear. The concept of the contextual age will surely implode if it is based on the current assumptions that the general public can be fooled into revealing and sharing intimate details of their beings without much repercussion.
The tipping point will eventually come when concerns become issues, issues become paranoia, and outright scare takes over. No one will win when people feel scared. Not the big tech companies, not government agencies. What’s more, people will sadly lose the potential of the wonderful benefits the contextual age could provide.
All one needs to do is look back in recent history to the Y2K scare. The potential for disaster may or may not have been that high, but it was certainly made to look that way by mass media -- as a terrible and certain future. History tells us over and over that a small amount of public fear in the hands of mass media turns into fear at massive scale.
The tech industry wouldn't want such a mass hysteria against their products. The only way to keep the public on its side is, I submit, a complete rethink of technology solutions using a new mantra: "Privacy First Design."
Here is my first attempt at outlining the principles for the Privacy First Design.
1. All contextual data is owned by the user of the device/app.
2. Explicit permission must be obtained from the owner of the data for any action that results in creating a value for anyone or any entity, other than the owner of the data.
3. Any contextual data gathered about the people that exists in the sight, hearing, or digital presence of the device/app user must be gathered anonymously, must never be identified as another known user, must never be tagged based on gender, age, race, religion, ethnicity, or sexual orientation.
4. Device/app owner must have the ability to be tracked using a pseudo identity. This will prevent the gathering of a person’s legal name, exact age, gender, and other identifying traits.
5. Absolutely no data collection for anyone under the age of 16 without parental consent.
6. Device/app owner must have one step ability to opt-out from all contextual gathering of data.
7. Device/app owner must have the ability to have his/her historical contextual data permanently erased.
Let me give you an indication of how badly the Privacy First Design principles are needed. In February 2012, the popular social app Path was found collecting all contacts from its users smart phones. It did so without asking user’s permission and transmitted that data unencrypted to its servers. This is a classic example of how people whose information happens to be stored on other people’s smartphone was stolen without consent. The FTC took notice of such practices and fined Path a penalty of 800K in February 2013. Following is the article on LA Times that explains the FTC’s decision.
The legal troubles of Path shed some light on the overarching concerns with privacy of information but it didn’t provide a real long term solution. I fear that without comprehensively defined Privacy First Design principles, the future will bring lot more troubles for the tech industry.
With the Internet of Things rolling out we will have cars, set-top boxes and sneakers that will offer us online services. .. it will all be driven by data. Data, data, data. Big data in the Cloud, little data in my sneakers. Whatever company, brand, government or organization that can pull together my real-time information will be able to influence accurately what my online context is like at any moment. . . For brands and the companies they represent the Contextual Web 3.0 will mean much deeper cross-department integration. Product and Marketing are already the same team, if companies recognize it or not. Sales, Customer Service, Manufacturing and Distribution will all need to be wired into the company’s Web 3.0 in order to respond in real-time or near real-time.
Welcome to Web 3.0, The Contextual Web | Social Media Today
