Collaboration optimize

Why we give away our Internet privacy, according to Cory Doctorow

Many bemoan giving up our online privacy, but few provide explanations of why we accept it. Learn what Michael Kassner found out from one who offers answers and a solution.

"Lawrence's PAN (Personal Area Network) went nuts, intrusion detection sensors reporting multiple hostile reads of his identifiers, millimeter wave radar scans, HERF (High Energy Radio Frequency) attacks, and assorted shenanigans. All his feedback systems went into full alert, going from itchy, back-of-the-neck liminal sensations into high-intensity pinches, prods, and buzzes. It was a deeply-alarming sensation, like his internal organs were under attack."

That realistic peek at the future is from "The Things that Make Me Weak and Strange Get Engineered Away," a short story by science-fiction writer Cory Doctorow. Among science-fiction fanatics -- including yours truly -- Mr. Doctorow is highly regarded for his ability to cross the threshold between today's world and tomorrow's.

Cory Doctorow also uses his unique perspective to write about current Internet issues. For example, "The Curious Case of Internet Privacy," an article in Technology Review about our trading privacy for Internet services.

An Internet story

Doctorow begins:

"Here's a story you've heard about the Internet: we trade our privacy for services. The idea is your private information is less valuable to you than it is to the firms that siphon it out of your browser as you navigate the Web. They know what to do with it to turn it into value-for them and for you."

Doctorow then points out the deal we make with Internet entities when we visit their websites:

By reading this agreement, you give -- fill in the blank -- and its partners the unlimited right to:

  • Intercept and examine your reading choices from this day forward.
  • Sell the insights gleaned thereby.
  • Retain information in perpetuity and supply it without limitation to any third party.

And:

"This agreement is subject to change at any time."

Change at any time

And change they do. Last month I mentioned in this article how Facebook revamped their privacy policy -- even replacing the word "privacy" with "data-usage." Doctorow adds:

"Facebook has more than once overridden its users' privacy preferences, replacing them with new default settings. Facebook then responds to the inevitable public outcry by restoring something that's like the old system, except slightly less private."

The Facebook tactic reminds me of the ever-increasing cost of gasoline. Not long after a bump in price per gallon/liter, resellers will lower the price -- but never to where it was before the increase.

Why is privacy set aside?

I have asked security-conscious people why they set their beliefs aside when joining sites like Facebook. All I get is a shrug or an "I don't know." In his article, Doctorow offers two possible reasons. First, Net Present Value -- I had to look it up. Here's what he said:

"Human beings are awful at pricing out the net present value of a decision whose consequences are far in the future. No one would take up smoking if tumors sprouted after the first puff. Most privacy disclosures don't put us in immediate physical or emotional distress either."

Next, Doctorow delves into psychology. He feels we are subjected to "intermittent reinforcement," a behavioral training technique perfected by B.F. Skinner. Doctorow explains:

"Give a lab rat a lever that produces a food pellet on demand and he'll only press it when he's hungry. Give him a lever that produces food pellets at random intervals, and he'll keep pressing it forever."

Doctorow feels the variability of social reinforcement on sites like Facebook keep people pressing the lever -- in hope of a quick social fix.

Is there a solution?

Doctorow feels there is a solution. To start, use Lawrence Lessig's book Code and Other Laws of Cyberspace as a guide for preserving online privacy. Doctorow offers what would work for him:

"Far from destroying business, letting users control disclosure would create value. Design an app I willingly give my location to and you'd be one of the few and proud firms with my permission to access and sell that information.

Right now, users and analytics people are in a shooting war, but only the analytics people are armed. There's a business opportunity for a company that wants to supply arms to the rebels instead of the empire."

Final thoughts

Cory Doctorow studies interfaces between humans and technology. It is apparent in his writing. When it comes to online behavior, he uses what he learned to describe a privacy anomaly in a way no one else has.

Would you still use Facebook, if...

(The illustration is courtesy of Red Nose Studio and Cory Doctorow's image is courtesy of Jonathan Worth/Creative commons.)

var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");

document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));

// -->

try {

var pageTracker = _gat._getTracker("UA-9822996-4");

pageTracker._trackPageview();

} catch(err) {}

// -->

About

Information is my field...Writing is my passion...Coupling the two is my mission.

95 comments
AZ_IT
AZ_IT

Wow any article I've read in the last few months about the internet leaves a sinking feeling in my gut. I remember the good old days before the internet where computers were still able to increase productivity without the trade-offs of being online. I remember when learning used to be found in books instead of webpages, when people were more concerned with family and friends then the latest "trending" video or post or tweet, when a phone call and letters were the staples of communication. It's sad that for several millenia people were able to survive just fine without the internet and yet today people claim the internet as an inalienable right--something that they can't possibly live without or thrive without. Seriously when did our online connections start to take precedence over our families and neighbors and friends. The reason I joined facebook was to keep in touch with old friends and acquaintances. But 90% of them I haven't seen in years and even after joining facebook my digital--read as: not actual-- interactions with them have been minimal at best. My wife found out the wedding date of her cousin (who she is quite close to) via facebook rather than an announcement, phone call, or even email. When I heard that I was shocked and saddened. I think Tolkien may have been speaking of the internet when he penned the words, "one ring to rule them all, one ring to find them, one ring to bring them all, and in the darkness bind them." What other construct has the same ability to strip our identities and humanity away into a series of ones and zeros and then trap us in the illusion that those ones and zeros have any real meaning. I think I'm going to go and call my wife and ask her how her day is going.

emenau
emenau

Oil-sharks and privacy-sharks, both from the same corporate-shark family. It is time that it is going to change into the other direction, that good sites stand up and GIVE people privacy and freedom. Win customers by being humane, kind and just, instead of greedy, blunt and EVIL. Another BIG / HUGE niche in the market, a new social network that stands up for the right of it's customers. Come on all entrepreneurs! Start launching new search engines, social networks, mailhosts, etc. Make privacy and freedom the new trend. Then Facebook and others either have to comply or just go out of business. Don't let the few control the many, there are more people then facebooks, choose freedom! Just monetize on this niche. The net is big enough for all of us. And if Zucherman doesn't mind about privacy, then why doesn't someone make "zuckermansdata.com" and show the world all the data that he and his family generate.. Oh, I got carried away? :-D Just make things just. Just do it. ....And VOTE on the right things, not on lies.

numaroth
numaroth

Is anyone else having problems seeing the last illustration? For me the last part of the article appears as: "Would you still use Facebook, if??? (The illustration is courtesy of Red Nose Studio and Cory Doctorow???s image is courtesy of Jonathan Worth/Creative commons.)"

pgit
pgit

Every now and then I run by content that I can't access, which through trial and error I have discovered is served off facebook. Whatever the content, usually video, has been uploaded to their facebook account, and is linked (or embedded) on another page, usually a news source. If I want to access the content, I have to temporarily allow scripts from facebook. Any hope of avoiding those tentacles is out the window. Toast. Like unprotected sex with a hooker with AIDS. Has anyone compared fb to a hooker with AIDS before? Wadda ya think? Apt? Over the top??

littlepitcher
littlepitcher

I don't have a Facebook page. Someone does have a Facebook page in this name, opened after I began to use the name, and a previous screen name met the same fate. Many blogs will not allow you to change your screen name, and associate it permanently with your IP address. I've seen Terms and Conditions similar to the one cited, and decline every time. The attorneys who draft this do not expect people to recognize that this means "When you check this box, we own your computer and all of the actions of anyone who uses it, in perpetuity, and we will use this information to own your employment and your life, if we can get away with it." I signed something like this at the ripe old age of 12, to get my dad out of a child support jailing, and a couple of White criminal racketeering families made good money out of raiding my writing and running my employers into short sales for several years.

AlexBert
AlexBert

as much as possible whenever using Internet, and the best way is to use VPN, proxy or secure tunnelling, also encrypted connections (PirateRay, for example)

Chashew
Chashew

Coming from the dark ages was thought to be a good thing.It meant a brighter future and healthier community for all. Now it seems that brighter future has gone into the crapper so to speak. Long ago when computers and the Internet where babys, it was known never to use real any info in creating a profile or account.Now there are bots and tricks used to actually locate you or shut you down if you use a fake ID. So now the really serious problem is WHO! the @7&% are these goofs who we don't know from Adam or Eve that think they have the right to know who we are and what we should like ?????

Joanne Lowery
Joanne Lowery

I haven't joined Facebook, primarily because of its "flexi-privacy" policies. On top of that I can do without the distractions. That said, I am in Facebook, unwillingly, simply because friends and family have uploaded their images and tagged these with names and locations. So, despite not wanting FB to intrude into my privacy, and even without giving them permissions to do so, my details are available to other FB users and FB clients. WTF?

jthompson
jthompson

I have heard from a psychology/sociology expert who says this is primarily an American thing. That Americans are quicker to give up privacy and often see it as a status indicator. I am American, and I cancelled my FB account. I wonder what members from overseas think of this idea... And just to add on to the section referencing B.F Skinner's "intermittent reinforcement", This kind of conditioning is is actually much harder to break. If the rat receiving the food every time suddenly stops getting pellets, it doesn't take long for the rat to stop pressing the lever. If the food from the random lever stops, the rat will go on and on for much longer with out reward. God, I hope we aren't just rats pressing levers!

Michael Kassner
Michael Kassner

Interesting, Bayen. I wonder if that is even possible any more -- simply having a driver's license removes the possibility.

dayen
dayen

We Stand with you, be Paranoia and stealth skills go up that a + that why I am IT so I can know how to hide, I can go dark in a blink

joetron2030
joetron2030

To any web site you visit. Since I began using NoScript with FF (and more recently DNT+), I've been made quite aware of the number of ad networks and data tracking sites that many commercial sites (TR included) use on a single page. What's frustrating is how some sites won't even serve up some (or all) content unless the ad network/tracking site/s is/are allowed access to your browsing data.

pgit
pgit

And the original launch of the 'web,' which was a link between compuserve and the FAA and NOAA computers via arpanet. I remember if you found any "resource" out there you felt like you just made alien contact. It took off slowly at first, but by around 2000, the 'web' was indeed a wild-wild west. As recently as 3-4 years ago I could find arcane things easily, often times it would be some individual with their own server, very low hit rates, but the engines found the content nevertheless. Now, it seems paid results or "mainstream" commercial sites are all you get. I won't go on a rant, I'll just say that the web is definitely not as useful (to me at least) now than it was back in the golden age, ca 2004. It's harder to find things that are outside of the "mainstream," and overall diversity is on the decline.

Michael Kassner
Michael Kassner

I had forgotten the Tolkien quote. And now I have a new analogy to think about.

CharlieSpencer
CharlieSpencer

Who's going to pay the operating costs of these utopian sites of yours? Freedom isn't free; someone has to put up the money to start and run the sites you propose. The current sites you disdain use the sale of participants' data and the resulting targeted advertising to fund their operations. if you aren't going to use that model, how do you plan to 'monetize this niche'? Subscriptions? Pay as you go?

Michael Kassner
Michael Kassner

Sorry, if it is confusing. I had to attribute the earlier images to their owners. WordPress has some issues with captions, so we try to avoid them.

Michael Kassner
Michael Kassner

That means they have accessed and or deposited what they need. You are then owned. Once is enough.

Michael Kassner
Michael Kassner

Is to setup accounts on the social networks, lock them down, and do not use them. Just so that no one else will use your name and cause grief that way.

Michael Kassner
Michael Kassner

You still will leave fingerprints at websites and unless completely locked down, cookies and other tracking software will be deposited on your computer.

Michael Kassner
Michael Kassner

I'm not sure how the business plan works, but there is an unbelievable amount of money being made and why it's getting worse.

Michael Kassner
Michael Kassner

"Flexi-privacy" describes it quite well. As for being an unwilling participant, we all are. And with image-recognition coming into it's own, I'm betting advertisers are already looking to use it.

Deadly Ernest
Deadly Ernest

in contact with a few people I needed to at that time when I had a bad dial up service. I closed it some years back and don't have an account with any of the social media sites, but do have some like here at TR (and TR has the most info on me) and have a few other forums where they have very little in the profile. All the information on me in any of the profiles is already freely available from other public sources anyway. I do have my browser (Fire Fox) set to stop ALL tracking except first party tracking within their site. Heck I got AdBlock plus so well trained (and no I do NOT use a subscription but create my own filters as I go with it's built in capability) that I don't even see the ads here at TR.

Michael Kassner
Michael Kassner

Thank you for sharing that information. As for more of an American thing, I am not sure. Maybe our overseas members will help us out.

Deadly Ernest
Deadly Ernest

good results, then we started to get web sites designed by semi-intelligent posteriors that add meta codes for everything under the sun to increase the search hits their pages get; Google started putting paid for hits at the top of the page, regardless of the very low relevancy, and a few other issues. Now, to get a reasonable result you have to be a Google search criteria expert and use the advanced mode to exclude all sorts of crap. For example, watch to search for info on a person, the first thing is to exclude Facebook, linkedin, twitter, and the other social media crap or you'll get about ten thousand hits for people who are NOT the one you want. You also have to use the double apostrophes to put around the key data to ensure they see a perfect match on that part - eg "Dell gx520" will restrict to anything with that in it, while Dell gx520 will get everything in the world with the word dell (including nursery rhymes) and anything with gx520 (including weird tools etc) as a prime example. With every idiot self-abuser and his canine female friend also using third party tracking and ad serving, well, it stinks worse than a fifty day old garbage strike.

JCitizen
JCitizen

Compuserve! When all you needed was a 1200 baud modem and yearly 800 service! Them was exciting times!! C=

AZ_IT
AZ_IT

The way I see it the following is the list of challenges for the internet. 1. It was never designed to be what it has become, and thus has a lot of vulnerabilities, issues, oversights, etc. 2. The anonymous nature of the internet which breeds behaviors which better judgement or fear of consequences would normally curtail in the real world. I don't believe me or my neighbors should be able to look up instructions on how to make bombs, meth, etc online. What possible good could come of that? 3. This is highly related to #2 but the identity problem with the internet. I should have an identity that is just as real and culpable as my real world one. I should own my internet presence and if I was stupid enough to post plans for how to build bombs on the internet and someone read those, built a bomb, and used it to kill people I should be held accountable for my part in it. If that means that I need a full background check or clearance of some sort in order to have a website, access to the internet, etc then so be it. I am an adult and if I am not willing to take responsibility for what I do online I should be denied access. 4. The security/vulnerability issues. I would argue that network design could also function for the internet. Why can't we have a more secure closed borders internet that encompasses the US and includes a DMZ for those businesses that need/want an international footprint/presence. We could even have a more secure closed borders internet and one less secure open internet that would be opt in. I realize the US has its share of malware authors, hackers, hacktivists, identity thieves, etc but how could cutting out the foreign threat hurt? 5. Information farming, privacy exploiting, whatever you want to call it. If my information is so valuable then I should have a right to compensation. I would much rather pay for a service and have the option of allowing an entity to use my information in return for financial compensation or reduced bills or whatever then not be given the choice. It's information about me so I own it. There's a term for following people around in the real world, it's called stalking and is a crime. Why should cyberspace be any different? 6. A set of laws, guidelines, standards for the internet, I don't really see why these should be any different then real world laws but I'm open to the idea that in some cases they would be. I would argue that with a better design the internet would be a much more suitable place for people to roam. The internet does allow for fantastic capabilities/possibilities for consumers, education, and business alike. But there has got to be a better way to do it then the current system. Especially since the current system is essentially flying by the seat of our pants. PS. This list was in no way meant to be comprehensive. It's just the things that have been weighing on my mind the last few months.

emenau
emenau

Who is now paying for Fakebook, Live, Google, Msn, etc.? Could it be you? It's just the same thing, I don't call it a utopia YOU do. I merely inform about a more humane option. Good to know that you call that a utopia. Though in my opinion it is only a small improvement. All you do is build a new site and the one and only tiny difference that I was speaking about is the EULA (and of course live up to it). All they have to do is pay a little respect for they users, and streamline their policy into that direction. A new site can make money in a new way, just be creative, and ok if you are not creative and don't care about YOUR freedom then just ignore it all. Keep your head in the ground and let then screw you over and over again. (didn't mean it like it sounds, English is not my native lingo and I don't know how else to put it) Thus how to monetize on this niche takes some creativity. It might not be as easy as just being evil and filling your pockets. But at least your customers will respect you back. I did a simplemindes google search and these names poped up Securemail TorProject BTGuard Anmonimiser i2p privacyprotect.org ghostery noscript adblocker and many more... All these people manage to monetize on privacy some in the good way some in the bad way, i don't know all these sites... It just shows that there is a need for privacy. And let me add to that that privacy by default would be a benefit for all of us. From that moment on we all can start working on stuff that REALY brings humanity to a next level. All this greedy shit keeps us humans PRIMITIVE. Think about it, find your niche and grow without being greedy. Zuckerman only wants more money although he has MORE then enough, that is extreme greed, Just like Bill Gates, Ballmer, Bush to name a few... Have a nice and humane day!

Deadly Ernest
Deadly Ernest

I know of several sites where they have a basic service for free, and then you pay a fee for the ability to use the advanced capabilities of the site. They've been around for a number of years and look like being around for many more. Thus, I see this format as being very viable.

pgit
pgit

I understand they get whatever the present context, but if one cleans out stored data and disallows their domain again, are they still capable of tracking beyond that one viewing?

Deadly Ernest
Deadly Ernest

the account think you're active on the social networks and get real angry when you don't reply to their emails and other posts to you via the network. It seems you can't just set it up and then NOT have it show when other users do a search on the name and you can't set it to refuse all contacts either.

JCitizen
JCitizen

I was afraid I said something to make you mad and you defriended me ;)

Michael Kassner
Michael Kassner

Is that all of the technology is based on reactionary information such as signatures. So there will always be some that are not caught.

Deadly Ernest
Deadly Ernest

without the ads, then I email the webmaster and the senior staff of the company the site is for and complain, and let them know that they just lost my business and I now have them on my not recommended list. A few have responded and made changes, but many don't reply and I don't go back to check the site.

pgit
pgit

love this one, and happen to agree: "With every idiot self-abuser and his canine female friend also using third party tracking and ad serving, well, it stinks worse than a fifty day old garbage strike."

dogknees
dogknees

1 - You come into my yard, you play by my rules. 2 - The pursuit of knowledge for it's own sake is a legitimate human drive. 3 - Agree 4 - Is the US taking lessons in statehood from the North Koreans? 5 - My take is that I don't care what you know about me as the law limits what you can actually do with that information. 6 - See 1. If the world is too complex for someone to handle, we don't limit everyone else's access, we expect them to seek assistance. Same thing online.

Deadly Ernest
Deadly Ernest

to stalk you or control you to do the job with a lot more ease. Anonymity is a part of the non-Internet life, their are ways to do things anonymously away from the Internet, so it should stay a part of the on-line life. re the bombs, ask anyone from Europe who was ten years or older in 1939 if they could have used such knowledge. I've never looked for bomb making on the Internet, yet I know how to make a fertiliser bomb as I was shown how to make explosives that way in my teens due to it being a standard way to destroy large rabbit burrows - a few half pound packs and boom, no rabbits. If people really want to learn things, they will; the Internet just makes it a bit easier. The easiest way to secure your company against bad Internet activity is to NOT have the corporate network connected to the Internet, I know a few that work that way, and they don't have to worry about hackers etc. They have no need for all the electronic linkages the net gives people today, so they don't use them. but that's something that should be looked at on an organisational basis. I agree with point 5. Re point 6, there are a hell of a let of International standard, but there is no set of International laws to force adherence to them. This is both true in real life and the Internet, Microsoft totally ignore most of the International standards on computer software interoperability, just as the US congress and China have been ignoring the International laws on Copyright for decades. If you make changes to the Internet to make it as fully secured as Microsoft have been pushing for over the last 20 years you totally destroy what it was created for in the first place, and that would be a major shame. The intent and original design was for a communication system that worked without the need to establish an end to end link and would work its own way around lost nodes. To get the high security Microsoft and Intel promoted with Palladium and you ask for here, you have to do away with send and forget capabilities and self rerouting.

JCitizen
JCitizen

you list track you too; the big advantage is they get all the data and the sites get none. Is that what you are saying? I'm confused! Many of them make a boat load because they have exclusive access to your tracking data. I'm not sure about ghostery though.

Michael Kassner
Michael Kassner

It's about gathering sensitive information about you as well.

Deadly Ernest
Deadly Ernest

track what you do next, but they can kept stored what they know you've done and add to it next time they pick you up.

JCitizen
JCitizen

that you are here again on TR; I hope and pray good health for you and yours. FB now has controls to block unnecessary game and other posts from prolific members. It is a pretty decent development, but I must admit - I only joined for business requirements, and don't really cherish it much; but then again, I'd never be able to keep track of my myriad of family members, or know anything about what was going on with them. I don't know how they found me on FB though. I violate the agreement not to use my real name. If they kick me off - Oh Well! - My bad! :p

Deadly Ernest
Deadly Ernest

I ended up closing the FB account as I was getting several hundred emails a day from FB about people doing things on FB - all but about one a month related to playing games or wanting to have me use this FB add on etc. I got fed up and trashed everything on it. Closed everything down, changed all the info, and to0ld them to kill it. Last I heard, about two months later they still hadn't killed it. But this was before they had those court cases about not killing accounts, so it may be dead by now. If it's TR, then best send me another befriend whatever for TR as I was inactive for quite a while due to health and a few other life issues.

Michael Kassner
Michael Kassner

But, several does not account for the millions who just want to get online and do their thing.

pgit
pgit

If you wouldn't mind, perhaps you could post it to a public upload site so's we could all have a look. I've contemplated doing similar, but I never seem to have the time.

Deadly Ernest
Deadly Ernest

a large majority of my clients now are real technophobes, yet I've trained several in how to do this as it's so simple. In the next few weeks I'll be writing up a short document with screen shots on how to do this, if I remember when I'm finished, I'll send you a copy to look at. The process is very simple and easy to do. edit to answer pgit when I get the document done up I'll dump it to drop box and come back here to post the link for all to see, as well as put it on my web site. Yeah after all this talk about security I do have a lot of personal type info (but not what I call private) on my own web site, along with a lot of other neat stuff and educational documents. edit to reply to Michael, I agree that millions go on-line, but the process is not hard, nor is it complicated, just a little harder than using a bookmark, so it's simple to teach people and well within the skills scope of the average user. However, it all comes back to that old saying about leading horses to water ......

Michael Kassner
Michael Kassner

But, I see what you do as not being workable for a vast majority of users.

Deadly Ernest
Deadly Ernest

who pay the list manager NOT to block their ads. That's why I use no subscription list a d use the "Show Blockable Items' option to see what's happening and create my own list. It's specifically targeted to the sites I use and is a dang sight faster to run as it's less than one tenth of any subscription list. But anything new requires I have to amend the 'signature' or site list in the filters. However, the upside is the majority of them rely on third party cookies and my blanket blocking of third party cookies kills a lot off as well.

Michael Kassner
Michael Kassner

I just read where old-fashioned television is fighting to make it illegal to watch their shows and skip the commercials.