You are currently browsing articles tagged privacy.

Facial recognition by machines is out of control. Meaning our control. As individuals, and as a society.

Thanks to ubiquitous surveillance systems, including the ones in our own phones, we can no longer assume we are anonymous in public places or private in private ones.

This became especially clear a few weeks ago when Kashmir Hill (@kashhill) reported in the New York Times that a company called “invented a tool that could end your ability to walk down the street anonymously, and provided it to hundreds of law enforcement agencies, ranging from local cops in Florida to the F.B.I. and the Department of Homeland Security.”

If your face has ever appeared anywhere online, it’s a sure bet to assume that you are not faceless to any of these systems. Clearview, Kashmir says, has “a database of more than three billion images” from “Facebook, YouTube, Venmo and millions of other websites ” and “goes far beyond anything ever constructed by the United States government or Silicon Valley giants.”

Among law enforcement communities, only New Jersey’s has started to back off on using Clearview.

Worse, Clearview is just one company. Laws also take years to catch up with developments in facial recognition, or to get ahead of them, if they ever can. And let’s face it: government interests are highly conflicted here. The need for law enforcement and intelligence agencies’ need to know all they can is at extreme odds with our need, as human beings, to assume we enjoy at least some freedom from being known by God-knows-what, everywhere we go.

Personal privacy is the heart of civilized life, and beats strongest in democratic societies. It’s not up for “debate” between companies and governments, or political factions. Loss of privacy is a problem that affects each of us, and calls fo0r action by each of us as well.

A generation ago, when the Internet was still new to us, four guys (one of which was me) nailed a document called The Cluetrain Manifesto to a door on the Web. It said,

we are not seats or eyeballs or end users or consumers. we are human beings and our reach exceeds your grasp. deal with it.

Since then their grasp has exceeded our reach. And with facial recognition they have gone too far.


Now it’s time for our reach to exceed their grasp.

Now it’s time, finally, to make them deal with it.

I see three ways, so far. I’m sure ya’ll will think of other and better ones. The Internet is good for that.

First is to use an image like the one above (preferably with a better design) as your avatar, favicon, or other facial expression. (Like I just did for @dsearls on Twitter.) Here’s a favicon we can all use until a better one comes along:

Second, sign the Stop facial recognition by surveillance systems petition I just put up at that link. Two hashtags:

  • #GOOMF, for Get Out Of My Face
  • #Faceless

Third is to stop blaming and complaining. That’s too easy, tends to go nowhere and wastes energy. Instead,

Fourth, develop useful and constructive ideas toward what we can do—each of us, alone and together—to secure, protect and signal our privacy needs and intentions in the world, in ways others can recognize and respect. We have those in the natural world. We don’t yet in the digital one. So let’s invent them.

Fifth is to develop the policies we need to stop the spread of privacy-violating technologies and practices, and to foster development of technologies that enlarge our agency in the digital world—and not just to address the wrongs being committed against us. (Which is all most privacy laws actually do.)



Tags: , , , ,

(Somebody280px-Do_not_disturb.svg on Quora asked, What is the social justification of privacy? adding, I am trying to ask about why individual privacy is important to society. Obviously it is preferable to individuals for a variety of reasons. But society seems to gain more from transparency. So, rather than leave my answer buried there, I decided to share it here as well.)

Society is comprised of individuals, and thick with practices and customs that respect individual needs. Privacy is one of those. Only those of us who live naked outdoors without clothing and shelter can do without privacy. The rest of us all have ways of expressing and guarding spaces we call “private” — and that others respect as well.

Private spaces are virtual as well as physical. Society would not exist without well-established norms for expressing and respecting each others’ boundaries. “Good fences make good neighbors,” says Robert Frost.

One would hardly ask to justify the need for privacy before the Internet came along; but it is a question now because the virtual world, like nature in the physical one, doesn’t come with privacy. By nature we are naked in both. The difference is that we’ve had many millennia to work out privacy in the physical world, and approximately two decades to do the same in the virtual one. That’s not enough time.

In the physical world we get privacy from clothing and shelter, plus respect for each others’ boundaries, which are established by mutual understandings of what’s private and what’s not. All of these are both complex and subtle. Clothing, for example, customarily covers what we (in English vernacular at least) call our “privates,” but also allow us selectively to expose parts of our bodies, in various ways and degrees, depending on social setting, weather and other conditions. Privacy in our sheltered spaces is also modulated by windows, doors, shutters, locks, blinds and curtains. How these signal intentions differs by culture and setting, but within each the signals are well understood, and boundaries are respected. Some of these are expressed in law as well as custom. In sum they comprise civilized life.

Yet life online is not yet civilized. We still lack sufficient means for expressing and guarding private spaces, for putting up boundaries, for signaling intentions to each other, and for signaling back respect for those signals. In the absence of those we also lack sufficient custom and law. Worse, laws created in the physical world do not all comprehend a virtual one in which all of us, everywhere in the world, are by design zero distance apart — and at costs that yearn toward zero as well. This is still very new to human experience.

In the absence of restricting customs and laws it is easy for those with the power to penetrate our private spaces (such as our browsers and email clients) to do so. This is why our private spaces online today are infected with tracking files that report our activities back to others we have never met and don’t know. These practices would never be sanctioned in the physical world, but in the uncivilized virtual world they are easy to rationalize: Hey, it’s easy to do, everybody does it, it’s normative now, transparency is a Good Thing, it helps fund “free” sites and services, nobody is really harmed, and so on.

But it’s not okay. Just because something can be done doesn’t mean it should be done, or that it’s the right thing to do. Nor is it right because it is, for now, normative, or because everybody seems to put up with it. The only reason people continue to put up with it is because they have little choice — so far.

Study after study show that people are highly concerned about their privacy online, and vexed by their limited ability to do anything about its absence. For example —

  • Pew reports that “93% of adults say that being in control of who can get information about them is important,” that “90% say that controlling what information is collected about them is important,” that 93% “also value having the ability to share confidential matters with another trusted person,” that “88% say it is important that they not have someone watch or listen to them without their permission,” and that 63% “feel it is important to be able to “go around in public without always being identified.”
  • Ipsos, on behalf of TRUSTe, reports that “92% of U.S. Internet users worry about their privacy online,” that “91% of U.S. Internet users say they avoid companies that do not protect their privacy,” “22% don’t trust anyone to protect their online privacy,” that “45% think online privacy is more important than national security,” that 91% “avoid doing business with companies who I do not believe protect my privacy online,” that “77% have moderated their online activity in the last year due to privacy concerns,” and that, in sum, “Consumers want transparency, notice and choice in exchange for trust.”
  • Customer Commons reports that “A large percentage of individuals employ artful dodges to avoid giving out requested personal information online when they believe at least some of that information is not required.” Specifically, “Only 8.45% of respondents reported that they always accurately disclose personal information that is requested of them. The remaining 91.55% reported that they are less than fully disclosing.”
  • The Annenberg School for Communications at the University of Pennsylvania reports that “a majority of Americans are resigned to giving up their data—and that is why many appear to be engaging in tradeoffs.” Specifically, “91% disagree (77% of them strongly) that ‘If companies give me a discount, it is a fair exchange for them to collect information about me without my knowing.'” And “71% disagree (53% of them strongly) that ‘It’s fair for an online or physical store to monitor what I’m doing online when I’m there, in exchange for letting me use the store’s wireless internet, or Wi-Fi, without charge.'”

There are both policy and market responses to these findings. On the policy side, Europe has laws protecting personal data that go back to the Data Protection Directive of 1995. Australia has similar laws going back to 1988. On the market side, Apple now has a strong pro-privacy stance, posted Privacy – Apple, taking the form an open letter to the world from CEO Tim Cook. One excerpt:

“Our business model is very straightforward: We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t ‘monetize’ the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you. Our software and services are designed to make our devices better. Plain and simple.”

But we also need tools that serve us as personally as do our own clothes. And we’ll get them. The collection of developers listed here by ProjectVRM are all working on tools that give individuals ways of operating privately in the networked world. The most successful of those today are the ad and tracking blockers listed under Privacy Protection. According to the latest PageFair/Adobe study, the population of persons blocking ads online passed 200 million in May of 2015, with a 42% annual increase in the U.S. and an 82% rate in the U.K. alone.

These tools create and guard private spaces in our online lives by giving us ways to set boundaries and exclude unwanted intrusions. These are primitive systems, so far, but they do work and are sure to evolve. As they do, expect the online world to become as civilized as the offline one — eventually.

For more about all of this, visit my Adblock War Series.


In , opens with this sentence: “On any person who desires such queer prizes, New York will bestow the gift of loneliness and the gift of privacy.” Sixty-four years have passed since White wrote that, and it still makes perfect sense to me, hunched behind a desk in a back room of a Manhattan apartment.

That’s because privacy is mostly a settled issue in the physical world, and a grace of civilized life. Clothing, for example, is a privacy technology. So are walls, doors, windows and shades.

Private spaces in public settings are well understood in every healthy and mature culture. This is why no store on Main Street would plant a tracking beacon in the pants of a visiting customer, to report back on that customer’s activities — just so the store or some third party can “deliver” a better “experience” through advertising. Yet this kind of thing is beyond normative on the Web: it is a huge business.

Worse, the institution we look toward for protection from this kind of unwelcome surveillance — our government — spies on us too, and relies on private companies for help with activities that would be a crime if the  still meant what it says. ( more than two years ago.)

I see two reasons why privacy is now under extreme threat in the digital world — and the physical one too, as surveillance cameras bloom like flowers in public spaces, and as marketers and spooks together look toward the “Internet of Things” for ways to harvest an infinitude of personal data.

Reason #1

The was back-burnered when  (aka ) got baked into e-commerce in the late ’90s. In a single slide  summarizes what happened after that. It looks like this:

The History of E-commerce
1995: Invention of the cookie.
The end.

For a measure of how far we have drifted away from the early promise of networked life, re-read ‘s “Death From Above,” published in January 1995, and his “Declaration of the Independence of Cyberspace,” published one year later. The first argued against asymmetrical provisioning of the Net and the second expressed faith in the triumph of nerds over wannabe overlords.

Three years later  was no less utopian. While it is best known for its 95 Theses (which include “” and ““) its most encompassing clue came before of all those. Chris Locke wrote it, and here’s what it says, boldface, color and all:

if you only have time for one clue this year, this is the one to get…
we are not seats or eyeballs or end users or consumers. we are human beings and our reach exceeds your grasp. deal with it.

Note the first and second person voices, and the possessive case. Our reach was everybody’s. Your grasp was companies’.

Fourteen years later, companies have won. Our reach has not exceeded their grasp. In fact, their grasp is stronger than ever.

Another irony: the overlords are nerds too. And  they lord over what Bruce Schneier calls a feudal system:

Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether … for Facebook.

These vendors are becoming our feudal lords, and we are becoming their vassals. We might refuse to pledge allegiance to all of them – or to a particular one we don’t like. Or we can spread our allegiance around. But either way, it’s becoming increasingly difficult to not pledge allegiance to at least one of them.

Reason #2

We have loosed three things into the digital world that we (by which I mean everybody) do not yet fully comprehend, much less deal with (through policy, tech or whatever). Those are:

  1. Ubiquitous computing power. In the old days only the big guys had it. Now we all do.
  2. Ubiquitous Internet access. This puts us all at zero virtual distance from each other, at costs that also veer toward zero as well.
  3. Unlimited ability to observe, copy and store data, which is the blood and flesh of the entire networked world.

In tech, what can be done will be done, sooner or later, especially if it’s possible to do it in secret — and if it helps make money, fight a war or both. This is why we have bad acting on a massive scale: from click farms gaming the digital advertising business, to the NSA doing what we now know it does.

Last month I gave a keynote at an  event in New York. One of my topics was personal privacy, and how it might actually be good for the advertising business to respect it. Another speaker was , a “gentleman hacker” and CEO of WhiteOps, “an internet security company focused on the eradication of ad fraud.” He told of countless computers and browsers infected with bots committing click-fraud on a massive scale, mostly for Russian hackers shunting $billions from the flow of money down the online advertising river. The audience responded with polite applause. Privacy? Fraud? Why care? The money’s rolling in. Make hay while the power asymmetry shines.

Just today an executive with a giant company whose name we all know told me about visiting “click farms” in India, which he calls “just one example of fraud on a massive scale that nobody in the industry wants to talk about.” (Credit where due: the IAB wouldn’t have had us speaking there if its leaders didn’t care about the issues. But a .org by itself does not an industry make.)

Yet I’m not discouraged. In fact, I’m optimistic.

These last few months I’ve been visiting dozens of developers and policy folk from Europe to Australia, all grappling productively with privacy issues, working on the side of individuals, and doing their best to develop enlightened policy, products and services.

I can report that respect for privacy — the right to be left alone and to conceal what one wishes about one’s self and one’s data — is far more evolved elsewhere than it is in the U.S. So is recognition that individuals can do far more with their own data than can any big company (or organization) that has snarfed that data up. In some cases this respect takes the form of policy (e.g. the EU Data Protection Directive). In other cases it takes the form of advocacy, or of new businesses. In others it’s a combination of all of those and more.

Some examples:

 is a policy and code development movement led by Ann Cavoukian, the Information & Privacy Commissioner of Ontario. Many developers, enterprises and governments are now following her guidelines. (Which in turn leverage the work of Helen Nissenbaum.)

, the Fondation Internet Nouvelle Génération, is a think tank of leading French developers, scientists, academics and business folk, convened to guide digital transformation across many disciplines, anchored in respect for the individual and his or her full empowerment (including protection of privacy), and for collective action based on that respect.

 is a Fing project in which six large French companies — Orange, La Poste, Cap-Digital, Monoprix, Alcatel-Lucent and Societe Generale — are releasing to 300 customers personal data gathered about those customers, and inviting developers to help those customers do cool things on their own with that data.

The  in the UK is doing a similar thing, with twenty UK companies and thousands of customers.

Both Midata and Etalab in France are also working the government side, sharing with citizens data collected about them by government agencies. For more on the latter read Interview with Henri Verdier: Director of Etalab, Services of the French Prime Minister. Also see Open Data Institute and

In Australia,    and  are working on re-building markets from the customer side, starting with personal control and required respect for one’s privacy as a base principle.

In the U.S. and Europe, companies and open source development groups have been working on personal data “stores,” “lockers,” “vaults” and “clouds,” where individuals can harbor and use their own data in their own private ways. There is already an  and a language for “” and “pclouds” for everything you can name in the Internet of Things. I posted something recently at HBR about one implication for this. (Alas, it’s behind an annoying registration wall.)

On the legal front, Customer Commons is working with the  at the Berkman Center on terms and privacy requirements that individuals can assert in dealing with other entities in the world. This work dovetails with , the  and others.

I am also encouraged to see that the most popular browser add-ons and extensions are ones that block tracking, ads or both. AdblockPlus, Firefox’s Privowny and  are all in this game, and they are having real effects. In May 2012,  a 9.26% ad blocking rate in North America and Europe. Above that were Austria (22.5%), Hungary, Germany, Finland, Poland, Gibraltar, Estonia and France. The U.S. was just below that at 8.72%. The top blocking browser was Firefox (17.81%) and the bottom one was Explorer (3.86%). So it was no surprise to see Microsoft jump on the Do Not Track bandwagon with its latest browser version. In sum what we see here is the marketplace talking back to marketing, through developers whose first loyalties are to people.

(The above and many other companies are listed among developers here.)

More context: it’s still early. The Internet most of us know today is just eighteen years old. The PC is thirty-something. Pendulums swing. Tides come and go. Bubbles burst.

I can’t prove it, but I do believe we have passed Peak Surveillance. When Edward Snowden’s NSA revelations hit the fan in May, lots of people said the controversy would blow over. It hasn’t, and it won’t. Our frogs are not fully boiled, and we’re jumping out of the pot. New personal powers will be decentralized. And in cases where those powers are centralized, it will be in ways that are better aligned with individual and social power than the feudal systems of today. End-to-end principles are still there, and still apply.

Another reason for my optimism is metaphor, the main subject in the thread below. In , George Lakoff and Mark Johnson open with this assertion: The mind is inherently embodied. We think metaphorically, and our metaphorical frames arise from our bodily experience. Ideas, for example, may not be things in the physical sense, but we still talk of “forming,” “getting,” “catching” and “throwing out” ideas. Metaphorically, privacy is a possession. We speak of it in possessive terms, and as something valuable and important to protect — because this has been our experience with it for as long as we’ve had civilization.

Possession is “nine-tenths of the law” because it is nine-tenths of the three-year-old. She says “It’s mine!” because she has hands with thumbs that give her the power to grab. Possession begins with what we can hold.

There is also in our embodied nature a uniquely human capacity called indwelling. Through indwelling our senses extend outward through our clothes, our tools, our vehicles, enlarging the boundaries of what we do and experience in the physical world. When drivers speak of “my wheels” and pilots of “my wings,” it is because their senses dwell in those things as extensions of their bodies.

This relates to privacy through exclusion: my privacy is what only I have.

The clothes we wear are exclusively ours. We may wear them to express ourselves, but their first purpose is to protect and conceal what is only ours. This sense of exclusivity also expands outward, even though our data.

 “the Internet is a copy machine.” And it is. We send an email in a less literal sense than we copy it. Yet the most essential human experience is ambulation: movement. This is why we conceive life, and talk about it, in terms of travel, rather than in terms of biology. Birth is arrival, we say. Death is departure. Careers are paths. This is why, when we move data around, we expect its ownership to remain a private matter even if we’re not really moving any of it in the postal sense of a sending a letter.

The problem here is not that our bodily senses fail to respect the easily-copied nature of data on networks, but that we haven’t yet created social, technical and policy protocols for the digital world to match the ones we’ve long understood in the physical world. We still need to do that. As embodied beings, the physical world is not just our first home. It is the set of reference frames we will never shake off, because we can’t. And because we’ve had them for ten thousand years or more.

The evolutionary adaptation that needs to happen is within the digital world and how we govern it, not the physical one.

Our experience as healthy and mature human beings in the physical world is one of full agency over personal privacy. In building out our digital world — something we are still just beginning to do — we need to respect that agency. The biggest entities in the digital world don’t yet do that. But that doesn’t mean they can’t. Especially after we start leaving their castles in droves.

Tags: , , , ,


So if you’re looking for something about privacy that’s not a site with a privacy policy, you’re also looking at a high haystack/needle ratio.

Just saying.

Not sure what else that data says, such as it is. But it’s interesting.

Tags: , , ,

If you want to know what data you’re sharing — without (thus far) knowing about it — on Facebook, is the way. You run it as a simulator and what’s what.

It was developed by Joe Andrieu, a stalwart contributor of wisdom and code to the VRM community, and has been covered by and tweeted by the Wall Street Journal’s @WhatTheyKnow.

It’s what we call a fourth party app, meaning it performs as an instrument of your intentions, rather than a seller’s or a site operator’s. Check it out and give Joe feedback.

Tags: , , , , , ,