December 18, 2014

The Future of Privacy

Above-and-Beyond Responses: Part 1

A variety of views in regard to this issue are reflected in these big thinkers’ imaginings of what may happen by 2025.

‘Social punishment may have to be accompanied by legislation’

Vint Cerf, Google vice president and chief Internet evangelist, responded, “The public will become more sophisticated about security and safety. Corporations and service providers will feel pressure to implement practices including two-factor authentication and end-to-end cryptography. Users will insist on having the ability to encrypt their email at need. They will demand much more transparency of the private sector and, especially, their governments. Privacy conventions will evolve in online society—violations of personal privacy will become socially unacceptable. Of course, there will be breaches of all these things, but some will be accompanied by serious social and economic downsides and, in some cases, criminal charges. By 2025, people will be much more aware of their own negligent behavior, eroding privacy for others, and not just themselves. The uploading and tagging of photos and videos without permission may become socially unacceptable. As in many other matters, the social punishment may have to be accompanied by legislation—think about seat belts and smoking by way of example. We may be peculiarly more tolerant of lack of privacy, but that is just my guess.”

The key will be defaults: Individuals will control their personas or be controlled

Marc Rotenberg, president of the Electronic Privacy Information Center (EPIC), said, “There will be many contentious battles over the control of identity and private life. The appropriation of personal facts for commercial value—an issue that emerged with Google’s ‘shared endorsements’ and Facebook’s ‘sponsored stories’—are a small glimpse of what lies ahead. The key will be the defaults: either individuals will control their online persona or it will be controlled by others.”

‘We will get used to an open society; answer surveillance with ‘sousveillance’’

Futurist David Brin, author of a highly respected book on the future of privacy, The Transparent Society, wrote, “See my book, The Transparent Society. We will get used to an open society; answer surveillance with ‘sousveillance.’ It matters less what others know about us than what they can (not) do to us. To control that, we must look back at the mighty and watch the watchers. The question implies that the only solution will be to create some paternalistic, unified structure to control and parcel out information. Even if it is designed by honest and skilled people, this approach cannot work. Can you name for me one example when that ever worked in a reliable way? How many supposedly reliable systems and databases leak (surprise!) every year? There is a better way.”

Dynamics of security and privacy ‘mired in ugly politics and corporate greed’

danah boyd, a research scientist for Microsoft, responded, “What you’re suggesting sounds like a fantasy. I expect the dynamics of security and privacy are going to be a bloody mess for the next decade, mired in ugly politics and corporate greed. I also expect that our relationship with other countries is going to be a mess over these issues. People will be far more aware of the ways that data is being used and abused, although I suspect that they will have just as little power over their data as they do now.”

‘Norms and laws are often syncopated with innovation in technology’

Jeff Jarvis, director of the Tow-Knight Center at the City University of New York, wrote, “Just as with the introductions of many technologies before—the telephone, the portable camera, even the Gutenberg press—society renegotiates its norms to catch up with progress, as well as to recognize the benefits innovation can bring, while also protecting against its risks… Norms and laws are often syncopated with innovation in technology. Now, with the Internet, we are once again renegotiating our norms around privacy and public-ness. Thanks to Edward Snowden, I hope we will also soon renegotiate our privacy laws and governmental norms. I do believe that the public, business, and government can work to maximize the benefit of the Net, while also minimizing danger. Of course, there is nothing to guarantee they will. Government, threatened by the redistribution of power brought by the Net, could succeed in claiming sovereignty over it, throttling its freedoms. Business could overstep its trust with consumers and bring regulation into place. Media could succeed in breeding moral panic—technopanic—over anything that could go wrong. But, I hope that enlightened self-interest will prevail…Vint Cerf, co-inventor of the Net, and evangelist for Google, said recently that privacy might be a historical anomaly. That is the kind of blunt, albeit factual talk that can drive a corporate public relations person to drink. Still, he is right that privacy is, by various accounts, a relatively recent invention, born of hallways (allowing people to close doors on their activities) and cities (letting individuals become lost in the crowd). Yet at base, privacy is what it always has been: that which we keep to ourselves, in our heads, unspoken, except perhaps to intimates we trust (though what we tell them is then public to that extent). That is still the case, and always will be, no matter what medium we use to share…”

A tiered-system might have Privileged, Private, Business, Public levels

David P. Collier-Brown, a system programmer and author, predicted that by 2025, “I expect at least four levels and categories. The levels are: Privileged—communications with my doctor, lawyer, Member of Parliament, etc. Private—things I share only with selected correspondents. Business—things I share with particular businesses, with protections against aggregation. Public—things I share with everyone. The categories are orthogonal to these, and are identified uniquely as me. I sign these with the private key I have registered with Elections Canada–identified for financial purposes. I sign these with a private key that has a credit card; the card issuer knows who I am, while others do not. A pen name and age is published for each of these, but it may not be strongly linked to me. Right now, I use different middle initials to distinguish self-identifications; to you, I am David P. Collier-Brown; to American Express, I’m David A. Collier-Brown—unique—lots of pen-names, avatars and nicknames, partially trackable. I expect people to be less concerned about some areas, like pictures, but more concerned about others, like vendors doing cross-matching. Pictures of nude sunbathing will be about as embarrassing and threatening as naked baby pictures. Ads will have ‘just for me’ categories, but nasty snooping by advertisers will result in picket lines and class-action suits.”

‘From the state to the private sector, surveillance won’

Howard Rheingold, a pioneering Internet sociologist and self-employed writer, consultant, and educator, responded, “When I and others wrote about the ways technologies could enable a surveillance-dataveillance state, as early as the 1990s, few Americans really seemed to care. We could foresee that bridge and freeway transponders, credit cards, closed-circuit video cameras, linked via the Internet, with millions of bits of individually insignificant personal information compiled into dossiers by powerful computers, could provide the infrastructure for unprecedented surveillance… it did not take a prophet to foresee those events. After 9/11, massive US government overreach was rubber-stamped by Congress and accepted by citizens. A huge security bureaucracy was set up. When Admiral Poindexter proposed ‘Total Information Awareness’ (the TIA program), public outcry shut down the proposed campaign; yet, decades later, when Edward Snowden’s leaks revealed that the NSA had gone ahead with an even more far-reaching program, there was neither widespread citizen protest, nor significant Congressional resistance. At the same time, the most powerful growing sector in an otherwise war-weakened US economy, online media—from Google, Amazon, and Facebook on down to every ad-supported Web enterprise—developed a powerful business model based on the same kind of dossiers. From the state to the private sector, surveillance won. At the time of this writing, Google Glass and other surveillance-capable, Web-connected wearables have not been unleashed. It is impossible to tell how people will react to the presence of multiple strangers in almost every public situation, equipped to capture still images and stream video—and also equipped with facial-recognition capabilities. Citizens will join the state and digital businesses in the surveillance game. Privacy is a social construct—for example, until central heating, most people in most houses slept in the same room; in Japan, for centuries, walls were made of paper. Ask any teenager about his or her ‘Facebook-stalking’ habits. Privacy has already changed.”

‘Everyone will expect to be tracked and monitored’ for services, safety’

Hal Varian on the future of privacy

Hal Varian, chief economist for Google, wrote, “We will have some sort of usable infrastructure by 2025, but it will be painful getting there. People will be comfortable sharing personal information with organizations because those organizations will be regulated and audited about their practices. There is no putting the genie back in the bottle. Widespread sensors, databases, and computational power will result in less privacy in today’s sense but will also result in less harm due to the establishment of social norms and regulations about how to deal with privacy issues. By 2025, the current debate about privacy will seem quaint and old-fashioned. The benefits of cloud-based, personal, digital assistants will be so overwhelming that putting restrictions on these services will be out of the question. Of course, there will be people who choose not to use such services, but they will be a small minority. Everyone will expect to be tracked and monitored, since the advantages, in terms of convenience, safety, and services, will be so great. There will, of course, be restrictions on how such information can be used, but continuous monitoring will be the norm.”

Facial-recognition expanding; lack of publicness will seem anti-social and creepy

Judith Donath, a fellow at Harvard University’s Berkman Center for Internet & Society, responded, “A big inflection point will be face-recognition. Today, when we meet a new person, we are likely to do a search on their name, often finding out some surprising hobby or other details, perhaps a lengthy blog history, plus the expected professional information. But, the people we see on the street, in the subway, across the restaurant—they remain strangers, enigmatic. Face recognition will change this. We will be able to put a name to a face—and all the data attached to that name. For the citizen of that future world, it will seem strange and unsettling to think that in the past people walked, sat, and ate amidst crowds of unknowable strangers. It will seem dangerous—one of the first apps that will make use of this technology will alert us to registered sex offenders and paroled felons in our midst—and dull. (Today if someone catches your attention, you muse a bit about him or her, and then move on. There is no connection. Tomorrow, you can delve into whatever personal traces they have online.) This will cause a big shift in how we think of privacy and the norms around making information about ourselves public. Today, if someone chooses to have a very low online profile, this has little effect on how we think of him or her face-to-face. But, in this future, that will start to seem anti-social and a little creepy. There will be much more pressure to have such a data presence—and to carefully cultivate it.”

Exhibit A for the transparent future: My own life

John Lazzaro, a research specialist and visiting lecturer in computer science at the University of California-Berkeley, wrote, “The reality in 2025 will look like my own reality today. As an employee of a California public university, my salary is public information, and websites exist to let you search for my salary. When I officially teach a class, statistical summaries of student reviews are publicly available online, and I do not have the ability to take them down. Google Scholar lists the number of references for every paper I have published over the past 25 years, which is a common proxy for research impact. The IETF has a meticulous record of every document draft and mailing list email about the RFCs I have authored, which gives a microscopic window on how I work on a technology problem. This level of disclosure is a feature for me, not a bug. Anyone who is curious about who I am professionally can invest a few minutes in Google searches and decide for himself or herself. It is a more honest portrait than what you will find on a website like LinkedIn. And so, I think it will become the norm by 2025.”

Maybe a ‘Privacy Chernobyl’ will change things, but don’t count on it

John Markoff, senior writer for the Science section of the New York Times, responded, “I have been writing about privacy, security, and computer networks since the late 1970s. The trend is decidedly away from individual privacy, as well as away from online security. We are on our way to the ‘Panopticon.’ Conceivably, a ‘Privacy Chernobyl’ might alter this, but I do not believe the Snowden materials will. I believe that a decade is an infinite period in terms of Internet time. Too many things are possible, and anything we say today would be largely speculative. I am struck by the fact that there is such a gulf between the European and US privacy norms. I believe this is because of World War II. When the Nazis entered Paris, the first thing they did was head for the phone directory.”

‘The drift toward less privacy will only be reversed if there is a perception that privacy concerns are interfering with commerce’

David Clark, a senior research scientist at MIT’s Computer Science and Artificial Intelligence Laboratory, noted, “We will have this in a fragmentary way, but it will not have the character of ‘infrastructure.’ … The European Union has more of a tendency to address issues like this top-down; the United States seems to work bottom-up. Privacy rights will differ in different contexts—some will be more robust than others. That is why I do not believe that the outcome will seem like ‘infrastructure.’ The drift toward less privacy will only be reversed if there is a perception that privacy concerns are interfering with commerce. Privacy is a residue left over after concerns about security and commerce are satisfied (this thought is not original to me, but I do not remember who said it). There will be a swing back from the total voluntary disclosure we see today on sites like Facebook. What we will see is a more nuanced way for people to deal with their different friends and colleagues, with more expressive ways to control what is shared. But, the pressures for Big Data tracking will continue to erode our expectations of what is known about us without our explicit disclosure.”

‘Americans have happily sacrificed their privacy and will continue to do so’

Paul Saffo, managing director at Discern Analytics and consulting associate professor at Stanford University, wrote, “The opposition to privacy erosion is broad and diffuse, while the proponents of privacy-eroding systems are narrow and focused. Further, while Americans claim to care about privacy, they care even more about convenience. Americans have happily sacrificed their privacy over the last several decades, and will continue to do so, even as they complain. Privacy has already shifted from being a right to a good that is purchased. Privacy-as-good will continue to advance and become the 2025 norm.”

‘In 2025, we will have a post-Facebook and post-Google world’

Marcel Bullinga, a technology futures speaker, trend watcher, and futurist, wrote, “A trusted infrastructure needs to be created in order to prevent massive fraud and massive public distrust in online transactions, and in online life, in general. We have to reinvent the entire Internet as we know it, shifting power from a few American tech companies to the individual who creates, and therefore owns, the data. We need to create a personal dashboard, a safe haven, for every individual’s dossiers, transactions, money, and profiles. In this dashboard, you could set your privacy and communications settings (from 0 to 100%). All of this will create a big struggle about the question: Who owns (my) data? My 2025 statement: In 2025, we will have a post-Facebook and post-Google world. We will have new business models in which facilitating data is more lucrative than owning data. Providers who refrain from owning their customers’ data and stick to facilitating the owner in handling their data in a trusted way will win. This means Google and Facebook will lose. If we do not make this transition, we face a privacy and fraud nightmare in which our lives are dominated by a few global tech companies… There are two opposite trends: first, we will adapt to 100% transparency and the utter loss of privacy, accepting that secrets no longer exist. The societal impact of scandals (exposed secrets) will diminish because it is impossible to react with constant indignation when secrets are revealed all the time. Second, we will adapt to 100% privacy. Counter technologies will give us huge amounts of privacy protection, allowing us to pick our own desired level of privacy. Privacy will cost money and will be a paid service.”

In 2025, ‘everything will be transparent; people will not have the illusion of privacy’

Tiffany Shlain, filmmaker, host of the AOL series The Future Starts Here, and founder of The Webby Awards, responded, “In 2025, everything will be transparent; people will not have the illusion of privacy. This will, of course, have consequences.”