It turns out that there is a low-tech solution that can help you prevent seeing photos of yourself appear in other people’s Flickr streams. I’m not sure if you can actually see through them though.
An Israeli researcher, Yair Neuman, has developed an algorithm that analyses blogs and identifies depressed bloggers based on their writing. When clinical psychologists were asked to evaluate the same blogs, their views and the software’s output matched in 80% of the cases. Neuman sees this development has having practical applications: for instance, by enabling mental health workers to identify individuals who might need psychotherapeutic help.
Neuman himself seems well aware of the privacy issues here. He had permission from all of the bloggers whose writings were included in the study to use their blog entries; also, in his description of a usage scenario of his software he says, “Through this software it will be possible to contact a blogger and request a general examination of the contents of his blog. If the blogger agrees, he will know whether he needs to seek professional counseling for any possible distress”.
There are a number of interesting issues here. First off, one might say that this has no place in a blog about privacy as people’s blogs are inherently public. If someone is blogging, they want the world to know what they have to say. However, they may not have intended their writing to be analysed for the sake of making some kind of psychological report.
Second, one might say that a blogger who wants privacy can blog under a pseudonym. Third, one might say that an algorithm that can tell me that someone who wrote “oh my god my life is not worth living i’m so depressed” is depressed is not that clever. We don’t know which texts were analysed, so we’ll have to withhold judgment on that.
If there is a privacy issue here – and I’m pretty sure that there is – it is related to the technologies I wrote about in a previous post, namely, technologies that claim to infer our psychological state of mind from remotely taken physiological readings. If this technology could create some kind of psychological profile of a blogger, even, or rather especially, when he is not writing about how he feels (but rather about sport, say, or technology and privacy), then it would be a very powerful tool. I am not saying that this is what Neuman’s algorithm can do right now; instead I’m using it to think about possible developments, one of which might be the creation of a psychological profile of a blogger that stretches over years (the internet never forgets, remember).
I’m just reading an interesting article about how the mass media (i.e. adults) talk about how children and youth use technology. You know the story: kids today share every intimate detail with each other about their lives; they have no sense of privacy; when they grow up, there really will be no privacy left in the world…
But Susan Herring makes the excellent point – one of those points which is obvious once you come across it, but which you hadn’t necessarily thought of beforehand – that today’s youth and children are the most monitored and watched over generation ever to have lived. Their schools have CCTV cameras and they pay for their lunch at the canteen electronically (meaning their parents can see what they had for lunch every day this week); their parents install internet monitoring software on their computers; their parents use their kids’ mobile phones and their cars’ GPS systems to track them…
All of which raises the slightly subversive question: when adults say with despair that “the kids” don’t care about their privacy, are the adults not being perhaps a little bit hypocritical?
It does say in the name of this blog that I am a sociologist. I think that in some of the posts I write more like a privacy advocate, but this time I’ll try to avoid that. Every day I get a few links from Google alerts – I have an alert set up for “the future of privacy”. Just now I found myself reading some kind of business blog. It included the following paragraph:
Privacy is one of today’s “hot button” issues as technological advances have enabled increased access to, accumulation and manipulation of data on an unprecedented scale. Further, there is a growing societal need to share almost everything; Geolocation services like Foursquare and sites like Blippy and Twitter being but a few examples. There also seems to be a generational divide where, as a rule, those under 30 share anything about themselves without thinking twice about it.
This paragraph concisely expresses what would appear to be the dominant views on privacy today. So let’s do some sociology and unpack these views a little bit.
We can’t argue much with the first sentence. That much is undoubtedly true.
However, I cannot accept that there is a “growing social need to share almost everything”. People share information because they “need” to? No, that will not do as an explanation. I’m not going to pretend to know why people share the information they do, but it is not because they “need” to. It might be because they enjoy getting attention, because they find it helps them form and strengthen relationships with people, because of peer pressure, because they think it’s fun, or for a number of other reasons. I don’t know. But I do know that it’s not because they “need” to. If there’s a social need to use Blippy, for instance, then why isn’t the author of the blog I’m discussing using it? Why isn’t everybody using it? (Hint: because lots of people think that their credit card information is none of anyone else’s business.)
The next sentence refers to the “generational divide” between the under-30s and over-30s, whereby the under-30s indiscriminately share any and all information about themselves. This is a very popular conception, but increasingly research is showing it to be misplaced. For instance, a fascinating article in the New York Times discusses the increasing discretion among younger internet users. Meanwhile, a review of teens’ use of the internet suggests that younger people view privacy in a different way from older people, but that this does not imply a thoroughgoing laissez faire attitude to it. For instance, kids certainly want privacy from their parents. Perhaps paradoxically, it is the kids who use the internet most who are most aware of what they can do to protect their privacy. In any case, lack of knowledge should not be read as a lack of concern.
The idea that the under-30s tell all about themselves is a popular notion, but one that doesn’t really stand up to scrutiny. I expect more and more academic studies to show this in the near future.
I’m doing some research into privacy and technology. I’ve probably mentioned that already. Yesterday, as part of my research, I interviewed an man who has been involved in the internet in Israel since 1994. We had a very interesting chat over a lovely cup of coffee in a very beautiful corner of Tel Aviv (Cafe Ben Ami, if you were wondering).
Our conversation was very interesting, but then it occurred to me that we hadn’t really explicitly defined which aspects of privacy we were talking about. We were mostly talking about how people put more and more stuff online, more and more of which is publicly accessible by other people. In other words, we were talking about privacy in terms of the stuff other people know about you.
This is no doubt interesting, but I’m not sure it’s the main point at all. I think that of more interest is what machines know about you, and how this enables them to target you with certain adverts. For instance, Google’s search logs have been called a “database of intentions”. Put very simply, your past behavior (and your searches are in some ways a proxy for your behavior) might predict your future behavior. If, every Friday, you search for a nice place to go out for dinner that night, how complicated would it be to give you an advert on Friday morning for a restaurant?
This is why Elliot Schrage, vice president for public policy at Facebook, gets it completely wrong in his really quite awkward questions and answers piece in the New York Times. As far as he is concerned, there’s no problem with Facebook sharing your data with other companies because they never share your name or other personally identifiable information. (The issue of de-anonymization is one for another post, so I’ll just put that aside for now.) The point, of course, isn’t that they have my name. The concern isn’t what other people know about me (or at least, that’s not the only concern). The concern is about how knowledge of my past behavior and interests might enable a commercial entity to have too much influence over my future behavior and consumption decisions.
A lot of the talk about privacy nowadays revolves around the ways that the bodies with whom we entrust so much information about our lives might misuse that information.
However, there is another aspect that is to do with the increasing complexity of the tools we use to manage our day to day lives. Sometimes, these tools get so complex that no one really understands exactly how the entire system works. They are so complex that changes to one part of the system are liable to have completely unintended consequences for other parts of the system. And the point is that the system is so big and complex that these consequences cannot all be checked in advance.
Facebook has become such a system. We know this because sometimes it does things that the people in charge of it are completely unaware of. For instance, for a while yesterday there was a security flaw in Facebook that could
expose personal information by enabling your Facebook friends to see both your live chats, as well as your pending friend requests.
Facebook was quick to resolve the flaw, but the point is that it was there, and it had been discovered by people from outside Facebook.
What does this mean? Well, it reminds us of another way in which personal information about ourselves that we entrust to a commercial entity might be accessible by strangers. This is not because of malintent on the part of Facebook, and I’m not even sure I’d say it was because of their negligence, but rather it is a consequence of the complexity of the systems in which we spend so much of our lives.
When you surf the internet, you are, by and large, anonymous. I don’t mean that your online activities can’t be tracked back to you via your IP number and your ISP, but that the site you are visiting doesn’t know who you are. You can log in to the site, and by doing so you are telling the site who you are. But the default is that you are anonymous.
The significance of the recent changes in Facebook that I discussed in the previous post is that they herald the end of anonymity as we surf. So far there are three sites who know who you are when you access them – Pandora, Yelp, and Docs.com. There will be more. What this means is that you will be taking your Facebook identity with you wherever you go on the internet. You will not be anonymous. Our online and offline identities, which are already merged in Facebook, will be united across the entire internet, with Facebook, a commercial company, acting as the go-between.
You can opt out of this. Right now it’s easy enough – there are only three sites you need to do it for. But as Facebook spreads out to more and more sites, it will become harder for us to control. This means that sites will be able to serve us with more personalized experiences (and more individually-tailored advertisements, of course), which for many people may be a worthwhile benefit. Other people may be slightly anxious that a privately-owned company is becoming the mediator between us and the internet.
This morning I logged onto Facebook and found a message up there at the top of the page. This message was telling me that I can connect with my friends on my favourite websites. Ooh, I thought, lucky me.
Right there in the box is a link that I can click on in order to learn more, and understand my privacy. So I clicked. I learnt that I can expect to see a “Like” button on various sites that I can click on to share the site with my friends. The site gets no information about me. This can be quite useful to people who like to post links to sites they think other people might like to see and I can’t see any privacy issues here.
The other thing they mention is something about partner sites, including Microsoft Docs. From what I can glean, this is to be a service that competes with Google Docs. You can create documents and share them with your Facebook friends in much the same way that you share photos. So where’s the privacy issue? It says on the Facebook site, “You can easily opt-out of experiencing this on these sites by clicking here or clicking “No Thanks” on the blue Facebook notification on the top of partner sites”. So far so good. But, it goes on: “If you opt-out, your public Facebook information can still be shared by your friends to these partner sites unless you block the application.” What does this mean? What is “the application”?
I did some digging and found out that I can block the Facebook application, Docs. I didn’t install it. Why should I have to block it in order to prevent it from getting information from me?
I think there are three things to note here:
- This is actually normal Facebook app behaviour. They all try to get information about our friends from us. You should check how much of your profile is public, because you have no control over the apps your friends install.
- I don’t like the opt out option. Surely it should be opt in? Shouldn’t it always be opt in?
- How long before someone creates a personal doc and shares it with the world? And when they do, is it their fault for not reading the manual properly?
I just read about yet another location-based service. This one is called Glympse, and it looks very cool. The privacy issues with location=-based services are so blatant and manifold. What is also clear is that users are concerned about their privacy, and so Glympse goes to great lengths to assure us that we have nothing to worry about.
The way it works is that you send a “glympse” to someone, or a group of people, or all of your Facebook friends. They receive a link. When they click on that link, they can see a map with your location on it. If you are moving, they can see that too. If two people send each other glympses on their phones, then I guess they should be able to walk in each other’s direction until they find each other.
The people at Glympse have built privacy into this app in a number of ways. One is that you can define how long you want to be visible to system for. The default is 15 minutes; the maximum is 4 hours. Another is that you decide who can see your location.
I think this is an example of how a company is showing awareness of the privacy needs or wishes of its potential end users, and is designing privacy into what is clearly a privacy-threatening application.
I read this morning that the Israel Police want to hook up existing CCTV cameras in businesses in Tel Aviv to a central police observation station. Let’s admit it – this is a very clever idea. Instead of buying all the equipment yourself, just use someone else’s. On second thought, though, aren’t most businesses CCTV cameras pointed at their shelves of goods to prevent people stealing? Are many of them pointed at the street at all? Either way, that’s not really the point (also because the plan includes CCTV cameras owned by the municipality and public buildings).
The point is that Tel Aviv is joining that growing list of cities with extensive CCTV camera coverage. The police say that it will give them another set of eyes wherever there is an event going on. A consequence of this is not that we (people like me who live in and around Tel Aviv) will be filmed in more places, but rather that the police will be able to access these images in real time across the city. Also, the police will be able to store these images indefinitely, which businesses may not do for more than a day or two. There’s no word in that article as to whether they intend to do that or not.
But the part of the police’s plan that is most worrying for anyone concerned about privacy is their stated wish that anyone wishing to install a camera in his or her business will be legally required to put it online and make it accessible by the police. I have no idea whether this will become law, but it’s a pretty radical idea.