FOE5: Privacy

At What Cost?: The Privacy Issues that Must Be Considered in a Digital World
The vast range of new experiments to facilitated greater audience participation and more personalized media content bring are often accomplished through much deeper uses of audience data and platforms whose business models are built on the collection and use of data. What privacy issues must be considered beneath the enthusiasm for these new innovations? What are the fault lines beneath the surface of digital entertainment and marketing, and what is the appropriate balance between new modes of communication and communication privacy?
Participants: Jonathan Zittrain (Harvard University) and Helen Nissenbaum (New York University)

HN: i was struck by the title, that presents this as a dilemma, positive and negative…what we have is a tighter relationship between the performers, the distributors and the fan base. The cost side, is privacy, although were the crowd is a useful construct, there is also a lot were the connection is individualised, in these cases there is a trade off, provacy vs the other good stuff. Maybe these trade-offs are necessary? A lot of the trade-offs are presented as such because a lack of understanding or a mis-representation of privacy or an understanding. In one, it is over-simplistic of privacy, that says any release of info is a loss, or a violation. If you are revealing your story, on these platforms, it means that you have released this info to world. Contextual integrityis about distinguishing release of info, when they are loss of privacy or when simply positive releases, new exchanges of relations. THis impoverished view of priovacy, means those who want tomake something of what is going on. The way we share in different ways, suggests that we don’t care about privacy…what i would like to suggest is that we think carefully..people when interviewed about Foursquare were puzzled about vendors using info, not aware that all could see. I would like to focus on mediators, to understand what the position is. THey are third parties that should not be doing everything they do. The release of info is selective and you should not be saying the info is public and you can do what you want

HN: there is an inevitability claim about how systems are designed..all these systems that collect info, to provide services. Personalisation requires giving up privacy. We say it not because you can’t have one without other, but that we have not been creative enough about what we are doing. you can have both, we need ot think harder. Some examples…traffic pattern in GPS systems. They are aware of traffic behaviour, to give you time expectations, Cars are sending out signals..scientists are looking at extracting information, to protect indi data but allow information from aggregation of data. Another is about biometrics, having a centralised gallery so it has your info to match against; it seems the only way to do it. there are ways to use it locally, so you have a card and your thumbprint, that’s all you need to authenticate.. A third, AGnostic system, provides possibility of targeting advertising, does not involve tracking server side, but on client side, so central server does not need to know what you are doing. LBS systems that allow processing to be done on client side, so without central servers knowing where you are. If we insist on privacy being protected, we need to be inaginative in how we are doing

JZ: this is why your work is special, you actually do something about it. YOu come up with something like Agnostic, with concrete examples,. It also calls to mind another project, TrackMeNot, that you were involved in, a demonstration of being fed up with sharing data. THis allows a browser plugin..to pipe through a search launderer. So google has no clue who is doing what. I like using AdBlockPlus…so my question to you, is there an ethical probelm with that, given the premise of free content is that it is ad
supported.

HN: TrackMeNot does not work that way…but your idea is better…We have to generate searches that obfuscate your own searches. We could not think of a way of doing collaborative searchs, it would have to go via 3rd party and we would have the same issues. So we do dummy queries. We do get questions about ethical areas. I love that, people ask about wasted bandwidth..there is so much stuff going over the web, that this is minimal. Protecting your privacy is not a waste of bandwidth…there has to be different straegies for different issues Obfuscation is a desparate method for a system that is not being reactive.

HN: The best world would be one where TrackMeNot is not needed. Obfuscation is great, I want to promote this..Kindle Fire cries out for obfuscation, as everything goes through the central servers. Looking at AdBlocker…the challenge is to say it’s not an ad blocker. If we believe that behavioural advertising produces better experiences. ..if to get a better experience you need to be tracked, then we need better solutions. SO we need involvment of ad networks. So we need a win-win, rather than a win-lose solution

JZ: you reference the dilemmas and looked at how to escape the dilemmasl I looked at ambivalence. Is provacy Autonomy rather than release of data you want to keep to your self, in the frame of constitutional privacy, about the right to make decisions etc. I use the owrd gamification…the realisation that in the entertainment industries, I’m getting them to pay me money to entertain them..so pay direct, or advertising. So is there a way to bind entertainment with a way of getting labour out of them? Like Tom Sawyer and the fence. Is this good or completely unknown. With Zynga and Farmville, which is entertainment..they use AB testing, altering features, to see what make people make you play. Instead of ad placing..you have to get your farm in a certain way…which means that you are doing labour for someone. Like the Captcha idea, or the ESP game, which does things, produces labels for images that is useful. Is this form of gamification, an invasion of privacy. SO geocaching, or real world stuff to get points, its a pastime, is this direct privacy invasion…as well as gamification

HN: I don’t think of it as a privacy problem, but it is an autonomy problem. When you think about entertainment, about what it is..is participating on facebook a form of entertainment or something else. Does it have to be recognisable as a game or film. If we start tracking involvement in entertainment, they become selfconcious about what they are doing, subject to thrid party judgement or manipulation. In realm of entertainment, I think of it as activity, close to perceptions of ourselves.

JZ: I’m working on book of gamification. So looking at extrinsic and intrinsic motivations.. That makes entertainment intrinsic motivating stuff. But in the labour gamification, entertainment becomes extrinsic, you do that and we entertain you.

HN: that gives traction to a complex perception of what privacy is. It sets ahigh bar, the intemediary has a responsibility towards the subject. Looking at Facebook facial recognition, everytimne you tag a pciture you are contributing work to the system

Question: there is a diference between tracking and privacy for info for friends, and what companies have…

HN:I’m not sure we are focusing enough on the platform provider, who has everything and we need tofocus on this more

Question: cable law etc, about getting info about the box etc…is new media unregulated…

JZ: it’s a tricky question if they are monopolies? What is Facebook? it makes it hard ot say what is a monopoly., especially as it becomes a identity management systems. Cable comes out of braodcast, due to spectrum, easier to control, web is a moving target, what can you do, Cable is static. On one hand, we put controls over facebook about what is hsared and the other we share everything. At least there are platforms, they can be regulated..

HN: there is a lot of legislation, regulation that is targeted at specific tech..but tech changes all the time, so how can you do that. It’s not so old, it’s innovation, we have this fear of dampening innovation, it’s been self regulation

JZ: is this the difference between rules and standards. Standards can be flexible. But what you gain in flexibility is the uncertainty about you are doing.,

Question: connecting data – purchases and insurance, loyalty cards etc. This has bigger privacy issues…

HN: discimination, individual prices, services etc, depending on what your behaviour is. That is a separate set of worries. Information about stuff that can have legal implication, eg you have a car crash and you have bought beer

Question: you care sometimes and not others. How do you play the game so you win, what things should you think about…

HN:not sure I understand…what does privacy mean for you? it is not just control or hoarding of information. It is about the appropriate flow of info…is it about sharing at right time…to right people. Is it merely sharing, you may still be caring about privacy, you want to share appropriately.

JZ: I take it to be, some elements privacy advocacy, touchpoint is user choive, So users just get loads of checkboxes. Often its not clear what you are choosing, there is a paralysis that comes from choices. I think about it systemically…can I game out what the world will look liek if most people do this rather than that, will that be a better or worse worls. There are many worlds systemically that a lot of little choices can add up to worse worlds.

HN: We speak as if we know nothing about what our privacy preferences are..you would not want to give people a choice about somethings…there is a disingenous behaviour about havng to set up everything new with each service provider…making the privacy choices annoy. So with entertainment, we need a world where people are not self-conscious. we look a tthe system, not just the rules

JZ: often what we find entertaining, is stuff that itself is a privacy breach, that we would find entertaining. StarWars kid is a great example of remix, creation etc, but the kid did not like this…an invasion of privacy. In the design of the web, for materials we make use of in entertainment that implicate someone, a way to connect with something and send a message..eg asking for it not to be forwarded…

Question: even if I had time to read the T&Cs, it gets updated all the time..is there a future where we can communicate it simpler way..

JZ: could there by a creative commons for privacy…

HN: I would caution against getting into discussion about ownership of data, it does not help us understand privacy any better. YOu need to have substantitive expectations, about what different kinds of services can do with your information. There can then be choice…a smaller choice, with the rest of it taken care of in substantive rules

JZ: it’s shared stuff…not just property…Stanford has been working on Privacy icons, trying to see if it would make privacy policies more easily understood.
Question: is it the tracking or what could be done with the data

HN: it’s not the sharing, it’s who has it, what it means. We should not only be focusing on sharing, but the implications
Question: I’m for tacit consent, i get what role I play, what would be their obligations to make available the back end (ie advertising, search engines)

JZ:There are all sorts of secret sauces, there is so much coming at you, there’s AI setting what you can see. There’s a balance between what you want to see and what someone thinks you should see.

HN: Would you like Google to track everything so that the results are personalised, to what you are…one last thought