EOF - Privacy Is Relative

Meaning, its context is relationship—or the absence of one.

Years ago, I worked with PGP (Pretty Good Privacy) when it was a startup company and not what Phil Zimmerman created in the first place: a pretty good way to keep communications private. In the course of that work, I developed a belief that privacy was one of those topics that was too important to ignore, yet too complex for most people to understand, especially if it involved technology more complex than a key and a hole. So I've mostly avoided the topic, leaving the worrying up to people who are required to wrestle with it—meaning, developers.

But now, I'm running a development project, and not a day goes by that privacy doesn't come up—or worse, require consequential thinking about nitty-gritties: code, protocols, policies and (worst of all) legal stuff. So I've been trying to think in new ways about privacy—what it means and how to put that meaning to work.

Let's start with celebrities. These creatures can play a helpful role in studies of privacy, because they have less of it than the rest of us. Celebrity is a kind of albinism. It robs its victims of the pigment we call anonymity, even as they are dressed in fame. So they stand out. Worse, they attract the attention of paparazzi, whose purpose in life is to maximize celebrity exposure.

Mass media (the natural environment of celebrity) reduce and confine the degree to which celebrities can enjoy simple one-to-one, or one-to-any, relationships. So celebrities hide. Or give up. Or both.

Scott McNealy famously said, “You have no privacy. Get over it.” Asked by a gaggle of San Francisco Chronicle reporters to expand on that, he replied, “The point I was making was someone already has your medical records. Someone has my dental records. Someone has my financial records. Someone knows just about everything about me. Gang, do you want to refute my statement? Visa knows what you bought. You have no privacy. Get over it. That's what I said.”

For years I thought, “Well, that's true for him.” Because he's a celebrity. But lately, I've thought more about the rest of what he said, which was about data. The fact is, your medical, financial and dental records are not yours. They might be about you, but they don't belong to you. They belong to your credit-card company, your broker, your dentist.

We go to those professionals because we can't or won't perform their work by ourselves. So, because they're the ones producing data about us, it only makes sense for the data to be “theirs”—at least in the locational sense. After that, the distinction between control and possession comes up only when somebody else needs the data. If that's you, all you need to do in most cases is authenticate yourself. Then you can have it.

In the physical world, that's fairly easy. We just show up looking like ourselves. If we have a familiar working relationship with our dentists, bankers or brokers, they won't bother asking for our drivers' licenses. They'll just shake our hands, tell us to have a seat and ask us how we're doing.

This illustrates how there are essentially two forms of privacy. One is the kind where you hide out. You minimize exposure by confining it to yourself. The other is where you trust somebody with your information.

In order to trust somebody, you need a relationship with them. You're their spouse, friend, client or patient.

This isn't so easy if you're just a customer, or worse, a “consumer”. There the obligation is minimized, usually through call centers and other customer-avoidance mechanisms that get only worse as technology improves. Today, the call center wants to scrape you off onto a Web site or a chat system.

Minimizing human contact isolates your private information inside machines that have little interest in relating to you as a human being or in putting you in contact with a human being inside the company. Hence, your data is indeed safe—from you. It's also safe from the assumption that this data might in any way also belong to you—meaning, under your control. It's still private, but only on the company's terms. Not on yours.

This mess can't be fixed just by humanizing call centers. It can be fixed only by humanizing companies. This has to be done from both inside and out.

Recent changes in the sounds coming from the CRM community are highly encouraging. So is the growth of free and open-source CRM systems and the interest of CRM giants such as Oracle in VRM (vendor relationship management), which is the development movement I'm involved in.

Paul Trevithick, the main developer behind Higgins (www.eclipse.org/higgins), makes an interesting point: both the Net and the Web were born without the concept of an individual. There are endpoints on the Net and files on the Web—and the presumption that somebody will do browsing or viewing. But here is no instantiation of the individual himself or herself, except inside company silos.

Keith Hopper says, “The customer should be his own silo.” Building those won't be easy, but it will be necessary if we want privacy that's more than pretty good. Those silos will have two effects. One is to contain our data and put it under our control. The other is to position us as an equal: a free and independent entity rather than a captive and dependent one.

Doc Searls is Senior Editor of Linux Journal. He is also a fellow with the Berkman Center for Internet and Society at Harvard University and the Center for Information Technology and Society at UC Santa Barbara.

______________________

Doc Searls is Senior Editor of Linux Journal

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

X-RM, Your own personal data silo

Graham Sadd's picture

As you know Doc, this is what we have been preaching and building for some time. The recent collapse of TRUST has created a climate of change in which the PAOGA proposition can now thrive.

White Paper
Linux Management with Red Hat Satellite: Measuring Business Impact and ROI

Linux has become a key foundation for supporting today's rapidly growing IT environments. Linux is being used to deploy business applications and databases, trading on its reputation as a low-cost operating environment. For many IT organizations, Linux is a mainstay for deploying Web servers and has evolved from handling basic file, print, and utility workloads to running mission-critical applications and databases, physically, virtually, and in the cloud. As Linux grows in importance in terms of value to the business, managing Linux environments to high standards of service quality — availability, security, and performance — becomes an essential requirement for business success.

Learn More

Sponsored by Red Hat

White Paper
Private PaaS for the Agile Enterprise

If you already use virtualized infrastructure, you are well on your way to leveraging the power of the cloud. Virtualization offers the promise of limitless resources, but how do you manage that scalability when your DevOps team doesn’t scale? In today’s hypercompetitive markets, fast results can make a difference between leading the pack vs. obsolescence. Organizations need more benefits from cloud computing than just raw resources. They need agility, flexibility, convenience, ROI, and control.

Stackato private Platform-as-a-Service technology from ActiveState extends your private cloud infrastructure by creating a private PaaS to provide on-demand availability, flexibility, control, and ultimately, faster time-to-market for your enterprise.

Learn More

Sponsored by ActiveState