The history of privacy is full of public disclosure.
My Grandmother’s notion of privacy was quite different than my own. And my teenage daughter’s notion of privacy is, correspondingly, different than my version. So while the concept of privacy changes over time, within the public imagination, we all seem to cling to some gauzy, vague notion of privacy to mean we have control over what information should be kept private and how our information is distributed over the web.
This universally romantic notion gets universal support from government agencies, the media, websites, trade organizations – just about everyone. Corporations world over struggle mightily with new, complex questions about how to assure privacy. And privacy advocacy groups vigorously defend this principle because they see privacy as the thin line in the sand that protects us against autocratic [fill in “evil” corporate or government name here] control.
So while you see a lot of lip service paid to privacy, there seems to be little concrete progress on how to execute privacy in today’s fluid information flow environment. Worse, I think all the privacy rhetoric has perhaps, imprudently, raised consumers’ privacy expectation to a level that is possibly not even achievable today.
It seems, therefore, that a recalibration of the notion of privacy is in order that strips away dogmatic devotion in favor of a real world, practical approach that can get the job done.
To gain insight about what a practical approach might look like, let’s go back a few thousands years and see how privacy has evolved. The first thing we notice when we look at this subject is that today’s concept of privacy as a universal right was simply not operative for most of civilized history (if you didn’t guess already, my early training was in history). One’s identity was assumed to be “public” and fully transparent because “people” were considered the “public assets” of the prevailing rulers. In virtually every society since ancient times, there was a rigid code for conduct and dress that clearly identified everyone by class and depending on variations of this code, by village or clan or family. Nor was privacy operative in “private spaces” since communal living was the norm.
Our modern idea of privacy really did not fully emerge until the middle of the 20th century. The massive expansion of the middle class post World War II “democratized“ lots of things like dress codes so identity became more cloaked (pun intended). The middle class could “pass off” as anyone and with that, the first modern sensibility of “privacy” was born. This budding notion of privacy was then buoyed by the new affluence of the middle class who started living in bigger homes which increased our appetite for privacy because it became a mark of success. Finally, during the paranoia of the Cold War when the government had aggressive wiretapping programs and the McCarthy black lists, our current notion of privacy hardened into the near sacred status enjoyed in our popular imagination.
Looking at it from an end user’s perspective, the view gets even more confused, (unless of course you have an advanced degree in electrical engineering plus about 10 years of hard core programming). Cookies are handy for end users but they are quite “invasive”, despite assurances from cookie crumb collectors that they only collect information, not individual user data. Or would end users consider a remarketing campaign as crossing the “privacy” line? And don’t get me started on how email privacy standards are violated shamelessly.
Now to add to the confusion, the rise of social networks raises new issues; should we assume the profiles we post in our social networks are private or public? Who should control where my profile is displayed? It’s not hard to understand why Sun Microsystems CEO Scott McNealy is famous for having said; “You Have Zero Privacy Anyway. Get Over It”.
I do see where he is coming from, but that is rather a draconian approach that undermines the value privacy does have in all societies – digital or otherwise. I would rather advocate we need to update our notion of privacy and build standards and processes with an updated vision of the concept. What I am proposing here are a few starter “how to’s” that can begin to pull us out of the quagmire we seemed to be stuck in.
First, for those of us who operate social networks, communities or websites, let’s start to apply a consistent “default public” set of business rules to reflect the general consensus that social network participation is acceptance of a public digital life. Similar to your phone listing in the phone book – you are “defaulted in” unless you opted out. That begins to shift the basic model that allows people to take full advantage of their digital social lives by helping them manage efficiently their public information. Be sure to recognize that the inevitable demographic differences in privacy requirements between groups means you will need to provide all users granular controls to keep everyone happy.
Second, it would be useful to create an industry-wide, standardized hierarchy of information sets which would have specific privacy practices appropriate to the risk factor. For instance, typical “low risk” information gathered by social networks can be handled one way whereas “high risk” information could be driven by a different set of processes. This data architecture and practices can be standardized across networks.
Third, the industry, I mean here social networks, corporations and media, need to better support the W3C’s noble work in this area. I was at a conference on Semantic technologies recently and I heard a fairly desperate appeal to help support continuing the work in this vital area.
Fourth, we need to create clear remediation processes should someone’s privacy be digitally violated. This is a place for the government to step in with clear remediation mandates similar to guidelines it mandated to companies in the case of data breaches.
Fifth, let’s accelerate development of new, Internet powered ad platforms that are consumer driven. A “pull” ad model solves many of the privacy problems that behavioral marketing programs fall prey to because it resolves the irreconcilable tension between marketers wanting to learn everything about prospects and consumers’ resistance to be so overtly “manipulated”. The Internet is incredibly well suited to this model. (A word to the IAB folks – this is a great initiative for you guys.)
Now a word of encouragement to those of us who have a fond, unabashed attachment to our privacy. First, it may be comforting to know that the fact that we ever had privacy as we know it (dare I say knew it), may have been a brief blip in history that we were lucky enough to experience. Second, I won’t tell you to get over it – but I will tell you to reverse your thinking about privacy. Shift your thinking from privacy concerns and onto how to manage what is public about you anyway.
Everything old is new again.
PS – I think the new Google Dashboard is a very positive step forward. See my YouTube video explaining why. http://www.youtube.com/watch?v=MXEiOlD7Y0I
Filed under: Google, internet security, Privacy | Tagged: judy shapiro, onlne privacy, PC security, privacy in the digital age, security, Trusted Internet | 1 Comment »