Saturday, February 4, 2012

Privacy, Extremism, and Learning from the Military

When I started using the internet 15 years ago, one of the biggest rules on German newsgroups (usenet) was to use your real name for posting. This was considered courteous. Using a nick name, a pseudonym, was considered rude—to the point where quite a large number of people would simply not respond if you used a pseudoynm.

Now, 15 years later, the requirement to use your real name, be it with Google, Facebook, or other service, causes the same people to be upset about the breach of privacy. To the point where those who require real names to be considered “evil.”

What happened?

Privacy Awareness

It would be nice to claim that everyone achieved a new level of awareness for privacy concerns. Sadly, that’s not the case. There’s a lot of hysteria and FUD around about privacy.

Some examples?

I was told that putting where I work on my Google+ profile would be weird because I publish too much information about myself that way. A quick google for my name plus “Mitarbeiter” (German for employee) found my employer’s homepage as the first hit. Oh shit, sue them for breaching my privacy!

Later, I mentioned how I put some notes about what I wanted to talk about with my bank in my Google Calendar. I was asked, “why would you tell Google about that?” That left me a bit baffled. Putting it on Google Calendar via HTTPS is a lot more secure than, say, talking with a goodfriend about it via unencrypted e-mail. Google gives me a legal list of what they do with that information, and it’s encrypted. But it’s evil Google. FUD.

Finally, I once forwarded some article that a friend gave me. I did what every good scientist does: I attributed the source to him. But he told me that he’d rather not have his real name on the net. Not even that he would rather not be associated with that article (it was innocent enough), but that he’d rather not have his name on the net.

On the other hand, not every privacy concern is unwarranted. Telling the world where I currently am, via services like Foursquare or Google CheckIn, feels pretty over the top. What possible good would that do? I can see how telling your friends might be nice, for incidental meet-ups because you happened to be close-by—but telling the world? The most obvious case of abuse are burglars who can more easily check whether you are at home or even on vacation, and that’s not very far-fetched as a concern.

The problem I think we have here is that there is no well-understood idea of what privacy is and what it is meant to do. Hence, it is difficult to communicate to others why it is important to keep some things private. We have a vague feeling that it is important, but are not really sure why.

What can be kept private?

There is an interesting debate going on about what can be kept private at all. A group of people go as far as to claim that in the information age, keeping information private at all is impossible. This so-called “post-privacy” claims that we should simply stop being concerned about privacy, and start learning to live with a mostly-transparent society.

This is an interesting approach. As usual with leftists, it reeks of false dilemma fallacies and black-or-white-thinking, but the basic idea has some merit. It is indeed difficult to keep information private. That means we, indeed, should simply accept that information, once communicated, might in some form or other become public. On the other hand, there is no reason why we should make that process easier.

What should be kept private?

Leaves us with a simple question: What should we tell others about us? What should we communicate on the net at all? Because the problem is that we have a rather annoying predicament here. Extremes are obviously bad.

On one hand, telling the world everything about us makes us vulnerable. Vulnerable to theft, burglary, libel, attacks, etc. Our children already have to deal with websites that defame them. Something that can harm their development a lot—the bullying now can not be gotten rid of simply by switching social groups anymore. The same is true for adults as well. Bullying is a net problem now. What is known about us will follow us forever. If there is something we would not want to be known to the world at all, as opposed to it being simply kinda annoying if it was know, it should not be on the net, period.

On the other hand, the internet is undeniably useful. Social networks are great. And most information about us is not going to be dangerous or problematic at all. Simply opting out of all internet work is not helpful and not communicable. We need to find a middle ground.

So, how much information to pass on? It’s interesting to note that this problem is not new, just the scale is. Military and espionage services have faced such for a long time: Anything they tell anyone might lead to dire consequences, but on the other hand not telling anyone anything makes them useless. The solution they found this is called “need-to-know”. The basic idea here is to transfer all information that the other side needs to know to fulfill their role, but not more.

Or, to put it in a different phrase, as little as possible, but as much as necessary.

In an era where information is free and permanent, we all have to be careful with our information. But we all also have to stop being more careful than is good for us.