The story in the news this week is about Sears getting caught installing ComScore tracking spyware surreptitiously on customer's computers. Who knows what it will be next week? Who knows what lurks in the shadows, set to make the news in the coming year or not at all?
]]> I want it all, personally - I want my data to be free, I want to be in control of it and I want to have control over my privacy as well. Is that too much to ask? The watchdog group Privacy International released their annual report today about privacy around the world and put the US in the lowest category - "endemic surveillance societies." Can we figure out how we can minimize surveillance while balancing privacy and the incredible opportunities that come from making at least some of our data open?Beyond that big question, there are a lot of "little questions" that we need to engage with as soon as possible so that we don't lose out on privacy or Open Data, one at the expense of the other.
Here's my list of important questions, what's on yours?
Contemporary legal standards are feeling the strain of an emerging era of data; should family be able to access a deceased person's social networking accounts, for example? (And who constitutes family, by the way?) There are many different frameworks for privacy that could be drawn on - are direct messages on Twitter between you and Clergy or your Doctor legally protected as Privileged Communication? Presumably so. What about credit card data - is that a privacy framework that we might or might not want to use as a model for privacy policies regarding our browser history, saved items and contact lists? Probably not.
Some contemporary privacy frameworks may be woefully inadequate for the fast approaching future, some may continue to serve us well and some widely accepted ideas about privacy may receive long-overdue reconsideration in the face of changing communication.
Leveraged Attention Data, data mining, "anonymized" aggregate behavioral analysis - new useful forms of access to data take shape quickly in a technology landscape undergoing rapid evolution. Some people look at any of it and freak out.
Surely there's some standards and best practices that can be determined in order to maximize the good from both open data and privacy. The costs are too high in both directions to lose out on either for the other.
Or do decisions need to be made, benevolently, for us by either standards and/or market forces? When should data collection be opt-in and when can it be opt-out? Are vendor interests served better or worse by pushing users into giving up more control over data than we might want to?
These questions invoke psychology, sociology, philosophy and economics. It's not just Computer Scientists, marketers and PR pros who will have jobs in the future!
Hopefully not. If we must choose, which should we choose? I asked my friends on Twitter (of all places) who would go on record saying that "privacy is an illusion" and 15 people said they agreed with that statement within 15 minutes. Chris Messina posted links to three posts he's written on the topic. Personally, I contend that the most important level of privacy will be safe until the implant comes.
"What do you mean you haven't turned on the GPS tracking in your child's mobile? How will she write the report on her daily travels that's assigned to her at school?"
A common ethical dilemma discussed concerning things like human genetic engineering or performance enhancing measures is the risk that such actions may set a new standard that becomes required for meaningful participation in society - whether it's a good idea or not.
When Social Security numbers were assigned in the US they were explicitly not intended for identification purposes. That's now a joke, you practically have to give out your social security number and identity theft runs rampant.
Our collective decisions have the potential to create effective coercion in the lives of individuals, making the opt-out a decision that leads to social isolation and greater survival challenges than are fair.
Hello, Google. Hello Google Search, Maps, Sky, Streetview, GMail, Docs, 23andMe genetics, Talk, Goog411, Google Scholar... surely I'm still missing a lot of the data that Google has collected about us.
Is data centralization in the hands of a single vendor an inherent threat to privacy? Yes. To draw an analogy, trusting the "Do No Evil" line is like saying you'd support a President that you like changing the constitution to allow warrantless wiretapping. Centralization of power, even if it's exercised benevolently at any given time, is not in our best interest in the long term. In fact, I'd argue that it's highly irrational.
How does this relate to open standards of data, though? Does information need to be centralized if anyone with enough resources can access it all from anywhere?
What are we going to do about it?
Speaking of Administrations you do or do not agree with, what question could be more timely to ask than this one? Around the world it's Google and Yahoo! who are forced to wrestle with this question now, here in the US it's ATT and the public library - in the future it will be everyone.
The coming privacy wars are going to be high stakes and heated. I'm sure there are other big questions that I haven't thought of, but I think that at least these 7 issues are ones that we would be well served engaging with sooner rather than later. Here's one response to the questions above - what do you think? Let's crank up our talking about these issues online, I'm guessing that many of us talked about them a lot over the holidays with friends and family.
We are not quite there with the technology, but think of a site that changed its layout depending upon metrics divulged from your individual profile. So if you where 10 times more likely to make an online purchase at Amazon than Ebay, then the site could be dynamically modified to fit your past purchasing history or certain triggers could be shown to raise the likelyhood that you would make a purchase. Conversions would go through the roof. This would be some very powerful tool for advertisers to have
With the avent of more and more powerful programming languages for the web such as Asp.net and as processors continue to advance, then this type of senerio may not be too far down the road.
]]>I just wanted to comment on your redesign but I couldn't find that thread. I observed that since your redesign I spend much less time here. The main reason I believe is your new way of cutting off articles after the first paragraph. It is easier to scroll than click read more. Previously, I would read most of the articles. Now I just read the first paragraphs and get out. I think you are really shortchanging yourself. I understand that if an article is really long you can use read more after a few paragraphs. But otherwise revealing whole articles the way Techcrunch does makes more sense.
Sorry for the off topic comment.
]]>Privacy is just a subset of a larger issue - 'Control'.
To quote Chris Messina:
"Simply demanding the protection of one’s privacy is now a hollow and unrealistic demand. Rather we should be talking about access, permissions, provenance, review, federation and delegation."
Also to your question about centralization of data being a threat to privacy. In terms of DataPortability.org - the goal is not about centralizing data, but rather about making it interoperable.
The reference design we are working on would allow a user to store their identity in 50 different places yet still make it accessible from 1 'node'.
I am starting to think about it like the banking system.
Our 'currency' is our personal Data. Storing your data under your mattress has very little value - but storing it with a trusted 3rd party - a bank - you can do all sorts of stuff with it - all with control.
]]>I just posted an anti-comscore post about the Sears issue, bringing up points I had made on a private mailing list (the Pho list) a few months ago about how horrible the underlying methodology of comscore's reliance on what is (and is now being labeled as such by CA a major security firm) spyware.
My post isn't about privacy specifically, it is more about a whole raft of related issues around data collection - and about the then interpretation of that data to impact entire businesses.
Stuff as the founder of a new ad network I'm thinking a lot about these days. And also thinking a lot about privacy and how to both target ads well AND do so without acquiring or storing private data we both don't need and don't want (or even if we might in the short term want - really don't need to be highly effective).
For example, knowing you specifically is usually less important than knowing if you reached a given web app via a search engine (i.e. a "search-by"), if you are a returning visitor, or if you are not only a returning but an active, registered user. All could help me target different types of messages - without needing to know anything personally identifying about you (or even that I've been asked to serve an ad for you specifically in the past - though I might want to know stuff like how recently you were last on the site so I adjust the mix of advertisers appropriately)
Good stuff and a debate which will indeed be raging all year (and for years to come).
Shannon
]]>Chris Saad, thanks for commenting - I was hoping you would. I see user data as a form of currency too and that's a good quote from Chris Messina. I am concerned about standards based data having some pitfalls too, though - specifically enabling the same type of activity that centralized data does. Perhaps just demanding "user control, user control, user control" is the best strategy. I don't know. Seems important to discuss though.
Shannon, thank you too for commenting. Wouldn't truly personalized data be superior for ad targeting though? Even if there isn't an individual's name attached to it - presumably that user does have an identifying number, or an identity within that system. I think there's some thorny issues there. I bet we'll get a chance to discuss those issues a bunch. I look forward to it.
]]>Actually I think it is an open question as to whether down to the individual level data helps actually in delivering well targeted and effective ads.
A few of the many issues to consider:
- more and more people have MANY, different devices from which they interact with the Internet - mobile phones & computer being two common examples, I have three different computers plus an iPhone plus soon web connected gaming consoles, internet radios etc.
- attempting to too personally target can easily (and frequently does) backfire. Every year post gift buying for example the highly personalized recommendations on Amazon.com for example can become rather amusing. Just because I was shopping for a friend's baby shower two weeks ago might not mean I have any further need for baby items etc.
- sharing deeply personally identifiable data with a third party (such as an ad network) can raise a raft of issues from being against the terms of a site's privacy policy to being literally against the law (in the EU where even data sharing WITHIN the same company can raise issues if the data is flowing across borders)
- too much targeting can dilute the impact and value of advertising, especially brand advertising. If every reader sees different ads from different brands for example then there is little ongoing association between the positive brand of the site and those advertising brands. On the other hand if a smaller set of brands support a given app, even if they are not hypertargeted for a given user, they may build brand awareness and value association with those users (and could then lead to those users suggesting that brand to others who might in turn be well targeted).
- targeting based on past data may not be predictive of future behavior... I'm single now, but someday in the future I hope not to be - I'm not a father now but probably someday in the future I will be - etc. In short there will be changes in my needs & interests, only advertising based on my past behaviors will not seed the ground (and my mental awareness) for when suddenly I do need to start looking for baby clothes... etc.
I agree, this will be topic we return to frequently throughout 2008 I expect.
Shannon
]]>Thanks to all who are participating in this conversation - there are so many different ways to look at it.
]]>- MANY, different devices
I am not sure why this is a concern if the identity/personal data is in the cloud?
- attempting to too personally target can easily (and frequently does) backfire. Every year post gift buying for example the highly personalized recommendations on Amazon.com for example can become rather amusing.
This is exactly why a common and shared language for building and pruning an interest profile or 'Attention Profile' (in APML of course) is critical. Each of these silos should be contributing to more complete picture of the user and also allowing the user to modify the picture manually. This will result in less mistakes made by casually browsing for baby stuff for your friend.
- sharing deeply personally identifiable data with a third party (such as an ad network) can raise a raft of issues
Information can be brokered without personally identifiable information - that's why control is so critical.
- too much targeting can dilute the impact and value of advertising, especially brand advertising. If every reader sees different ads from different brands for example then there is little ongoing association between the positive brand of the site and those advertising brands.
Why do I want to see ads from brands that don't produce products I care about?
- targeting based on past data may not be predictive of future behavior...
Future behavior (or 'Intention) can indeed be predicted based on past interests. Also interests should evolve over time - not be written in stone.
Chris
Good points, though I do think the APML may be useful it also is not the only or perhaps best solutions (and while we will certainly look at it, we'll be using a lot of other data in addition to it)
To address one of your points however which is something I think that is critical there are MANY reasons I might want to be aware of brands I personally am not going to be using (or don't think I'll be using now)
1. I am not a solitary individual - there are many other people I care about/for, might offer suggestions to, might need to help, etc. My interests are NOT just my own - I have many friends who had kids this past year - even if I don't have a child, I might (and do) care to have some passive awareness of baby things. I'm a man, currently single, but likewise it isn't the worst thing in the world for me to have some passive awareness of products targeted for women (if nothing else to have awareness of what the current messages towards women in media are - i.e. Dove's campaign a few years back etc)
2. A role of good advertising & marketing is to make people aware of things they DO NOT previously know they might be interested in. This is not a bad thing - there are 1000's (perhaps millions) of brands out there, I know a few which I pay attention to, but there are countless others I have zero context around - gaining context around them can be useful and not infrequently I am made aware of something which it turns out I like (ads on Amie St and on iTunes have led me to listen to things I might otherwise never have encountered - and often far removed for other things I had tried previously)
3. I invest in the stock market. I'm therefore interested in a broad way to know how major brands are positioning themselves, what messages they are sending, what new products they are promoting (or not promoting) etc. Even if I am not their target and even if they are not a company I currently own - it is still useful for me to have some awareness of their external messages. For years I subscribed to the WSJ almost entirely to see the full page ads in the first section. Entirely to know which companies were sending major messages to the market.
A crucial point to all of this is there are MAJOR differences to Brand advertising and Direct Response (i.e. search ads are usually direct response). With direct response extremely precise targeting is very important as someone is either going to act immediately then or not and you do not get much of a second chance (occasionally someone hits the back button and clicks on another link).
But Brand advertising is far more long term and ongoing, it is about associations - and is not a "now or never" proposition - it is about building awareness, about getting a consistent message into the marketplace, about sparking and listening to conversations. Brands matter beyond their current customers.
I would also note that if I am already a customer of a brand an argument can at times be made that further ads to me might even have a negative impact (i.e. run the risk of annoying me).
But as we've noted this is a long and ongoing discussion.
]]>;)
]]>The most robust privacy systems are foiled by people who don't understand the impact of their decisions, and even more importantly the absence of their decisions. This is not because people are lazy, but because people simply don't know how to control their information, thus they open themselves up to a huge amount of privacy risk. Likewise, the controls for the systems that are in place are incredibly daunting technically to the average person.
There is no standardization to privacy systems, both in the features they support and in the means of configuring them. Add to that the vagaries related to the risk in releasing specific attributes of your personal data make controlling privacy next to impossible for non-wonks. A federated identity system would be awesome, but until there is an incredibly compelling story to sell this to people, even the best system will see little adoption.
Then there's the greed factor. Federated identity systems would have to be adopted nearly universally by software providers in order to be effective. This would be seen as signing away customer data by corporations; signing away customer data is like turning away cash.
Not to sound pessimistic, but at this point, I see robust easy-to-use privacy control systems as a truly altruistic feature set with little ROI. In other words: it isn't going to happen. Someone disabuse me please.
]]>Given these three facts, from a strictly business standpoint, it is irresponsible for a company *not* to collect this data. If you have a zero cost function that may provide value, it's a disservice to your shareholders not to pursue maximizing it as a possible revenue source.
We don't need big discussions on privacy principles, we need a three line fix to the U.S. legal code.
1) Information gathered by any corporation, non-profit organization, or other institutional body from any source which contains data that can be used to identify an individual (hereafter called "private data") is the property of the individual, not the institution, and any attempt to use this data for any purpose requires informed consent on the part of the individual.
2) In the event that unencrypted private data is lost, accessed by an unauthorized party, or used without informed consent of the owner, or in the event encrypted private data is lost, or accessed by an unauthorized party, where the data could be reasonably assumed to be unencrypted, the organization holding the data must pay a compensatory amount to the individual whose data has been misused in the amount of $100.
3) Any individual aware of a data breach who fails to disclose such a breach can be fined up to $100,000 and face a prison sentence of between 6 and 24 months.
All of a sudden, databases with 100,000 records have a liability tag of $10,000,000. A small company with a small customer base (in the hundreds) can reasonably manage the risk without too much of an impact on their business model, and big companies will have to implement some pretty real security processes to protect big databases. Thanks to rule #3, it will be pretty hard for companies to fail to disclose, as every employee aware of the breach knows they're risking a jail sentence.
]]>When Government (or other organizations) demand/request you give up your privacy, you should immediately demand/request the data-collectors give up their privacy/secrecy. It's only fair.
As mentioned before this is a question of balance of power.
I would be curious how balancing the true "cost" (non-monetarily) of privacy invasion would effect the argument.
Only in your early adopter world. For most of the rest of the country, they have much bigger fish to fry, for good or ill.
]]>yet...
i have never felt on any social network site that they cared about ME... it is sooo clear i am just a number, a click through, a page view.... and they are using me for their own ends... i mean, i can feel it, it's in the very pixels, this selfish, greedy intention...
google is starting to feel this way, forget about myspace, facebook, etc... the latter are hopelessly self-centered to such a degree that i won't touch them...
some of us are soooo leading edge that we are beyond early adapters.... we are early discarders...
enjoy, gregory
]]>Keep an eye on this issue and keep talking about it.
Information is power...
-Scott
]]>IMHO, the problem lays not in the system but, at least in western cultures, with our consumerist mindset. The idea and push that we must have the newest and coolest things is where this problem has its roots. If the focus was on creating the best product and not on name based marketing then the extra cash could be spent on customer education and product improvement. Companies would have less reason to need to know more useless information and the focus could be turned to protecting the useful stuff. perhaps I am simply idealistic but this seems right to me.
-Zoradon
]]>