“You have zero privacy anyway… Get over it.” —
Scott McNealy , CEO of Sun in 1999
Scott McNealy, the CEO who should have been a stand-up says a lot of things. Many you can ignore, but when he said the aforementioned words, you knew he was right. It was only a matter of time before what was perceived as a tempest in a teapot would become a tornado, and spill into the public consciousness. The Department of Justice’s subpoenas against Google, Microsoft and Yahoo are just that – a wake-up call, that privacy as we know it is over.
Scott, had also famously uttered that the only privacy you will have will be in your thoughts. And how prescient he was.
Search engines are like the digital sand, where we leave foot prints. Corporate email systems (as Microsoft and Bill Gates know all too well from their DoJ adventures), instant messaging systems, and even shopping carts – we are leaving a tiny bit of privacy wherever we go. Of course you could turn to paper and pen, disconnect yourself from the grid and move to a mountain cabin, but the options are all but none. In fact, we find ways to erode this privacy every little time.
Somewhere on some server, in some SAN your life is cached. We are living a cached life. And it is going to get even more cached, as we turn to always-on wireless devices. Our RSS will be cached somewhere. So will be our thoughts that appear on blogs. Our TiVo watching patterns to music listening patterns in iTunes, and other such new conveniences are part of a new cached, convenient albeit less private life.
I found it amazing that not many people thought of this when they looked at Root Markets, a start-up that garnered favorite comments from many, including Erick Schonfeld, one of my colleagues at Business 2.0. Unlike him, when I see the company, the first thought that ran across my mind: so I spy on me, so to speak, build a collection of information about myself, and then heaven forbid for some odd reason, I get subpoenaed. Oops!
Take a more everyday scenario. A messy divorce is in the works, and wife’s attorney can get hold of the laptop, and twist everything around… and build a compelling case against you. I am not trying to pick on Root Markets, but what I am wondering – shouldn’t we be spending our creative and technological energies on building something that offers a semblance of privacy. Just a little bit? Don Dodge, formerly of Napster, whose blog is a relatively new but important addition to my blog-reading list, says
We should again consider what rights and privacy we have in the new digital world. You will probably be surprised to learn you have very little privacy and very few rights. Over the years we have rationalized this away, traded privacy for convenience, accepted targeted ads for free content, and assumed our email, even at work, was private. It isn’t.
Don offers seven rules of how to safeguard your privacy in a digital world, and many of them are frankly quite easy to implement. Writing private emails during work hours? Not a good idea. More conversations, instead of sensitive emails, which after all can be cached anywhere. And so on. I am going to think long and hard about Don’s suggestions, and try and follow them.
Everything works out just fine 99.9% of the time. We live in a great society of honest and decent people who want to do the right thing. Even in government…most of the time. Principles are important. We do have a right to privacy, but we have been lulled to sleep about where the boundaries of our privacy begin and end, and what compromises we have made along the way. Something to think about over the weekend.
PS: Any good privacy tool recommendations for OS-X?
Perhaps most visionary of them all was Neal Stephenson in ‘The Diamond Age’ (1995, I think) when he lets the neo-Victorian spymaster say that in this age that can track everything and everybody everywhere, all that is left is — politeness.
As for OSX options, the easiest thing to start with is to encrypt the home folder. It’s completely invisible in daily use and the drag on performance is minimal.
Have we really ever had any privacy?
http://www.heraldsun.news.com.au/common/story_page/0,5478,17625059%255E663,00.html
Mr. Malik –
What kind of privacy software did you have in mind on Mac? Somthing beyond PGP I’m sure… But, you’re probably keen on something on some other platform you’d like to see on Mac… Just curious (and maybe able to help).
Gerald
Tom Maddox and myself have been having an interesting blog argument on the subject. (Starts here.) I hadn’t ever seen the quotation from Scott before, but frankly, I have to agree with him. Privacy is only realistically possible in short spurts. And a time is likely coming when anonymity will be made so inconvenient as to be effectively impossible.
Here’s two privacy tips for you, that, when combined, pretty much give you all the privacy that can be had without pulling a “log cabin” stunt:
Use Tor.
Pay with cash.
And don’t be surprised if those two limit your options dramatically. And obviously, don’t tell anyone who you are while using those two options, as that’s kind of counter-productive.
Good article, Om.
Have you enabled FileVault on your laptop?
It’s built into OS X, and encrypts your entire home directory. It would absolutely prevent a wife or her lawyer from getting sensitive info off your laptop.
Dear Tom,
thanks for the tip. I had almost had forgotten about that. good part – no wife and thus no lawyer – but still.
gerald,
thanks for your offer to help. i am looking for some piece of software that ensures that my surfing habits are not cached on the work servers at the very least. i think that is key. and email.
Om,
Perhaps you could document/chart the response of these companies to requests from China, and then from the DoJ.
that is a good idea. i am pretty sure that they all buckled under the chinese demands. that clearly is a double standard.
Om, one of the easiest way to prevent your employer from seeing your search habits is quite simply to use your home computer to do the searching. Use VNC or remote desktop and do your searching/browsing/surfing that way.
All this yak yak, and yet:
http://www.larkfarm.com/search_voyeurs.htm
The latest Wired (14.01, “Don’t Even Think About Lying”) had an interesting article on fMRI lie detectors (although they’re in a very early stage) . . . we may not even have our thoughts soon enough.
oh now that is good. no privacy of thoughts. wonder what scott would say?
Om, Thank you for the kind words. You are a legend, so coming from you it is special indeed.
Excellent post. The “cached life” is more descriptive of life in the digital world than the “observed life”. As usual you make excellent points backed up by real world experiences.
I don’t think this is cause for alarm, just a reminder that privacy boundaries have changed over time. There are a select few activities in our daily lives that we might want to do in a different way or defer until we are at home on our own computers.
Most people are never sued, and most employers don’t review web traffic, even if they collect the data. It is that .01 percent of the time that it becomes a problem.
Don Dodge
… shouldn’t we be spending our creative and technological energies on building something that offers a semblance of privacy.
I had just such an idea … a throwback to the original Internet, really. Software for personal computers that turn them into servers as well as clients. That way, my information stays on my hardware: photos, blog, web mail, etc. You see traces of this already in Skype, hello.com, FolderShare, etc.
I could see Microsoft embracing this, as it brings it all back to the PC (they recently bought FolderShare, BTW). I could also see the carriers profiting on this, as they sometimes throttle P2P (which is what all this is, really).
The carriers could especially profit on this, since it encourages high speed service. And they could charge more for P2P service … effectively charging info consumers and publishers, just as they want to do with the two-tier internet.
Om- Just a couple quick thoughts on keeping your browsing and email “hidden” while on office networks.
1) Use a personally controlled proxy for web browsing and use an ssh tunnel to connect to it, then make sure your browser has a privacy setting and that it’s turned on.
2) Use a non-caching IMAP client and only connect to your personal mail server through an SSL/TLS connnection.
Both of these pretty much require you to have access to a trusted server, generally your own.
Shoot me an email if you want more info on this method.
Google created their own problem by collecting this information in the first place….
In an attempt to rollout a Citywide Wireless Internet plan (TechConnect) two major approaches being considered by San Francisco which may significantly encroach on the public’s privacy. The two options are a for-profit solution which will finance the solution by monetizing the public’s privacy or grants from Homeland Security. This occurs in the context of elected officials and city administrators patting themselves on the back for what the voters approved (2004) in a watch law ordinance that makes Patriot Act requests difficult for the Federal government to pursue in San Francisco.
The targeted advertising solution (google and others) would track all the email and surfing habits of any user. This information could be used as in Gmail and Amazon to send specific advertising. It is of course , also available for National Security Letters and other legal methods which would not be presented within the legal context of San Francisco – avoiding the Watch Law. While networks can be created that do not track a user’s private information (no server logs, etc) that is not a method being promoted publically by vendors like Google and in fact is partly the reason the Justice Department and Google are now fighting over production of user’s search records – Google can’t say they just don’t have the information. While there are questions about Privacy in the RFP, they were specifically written as Open Ended rather than as Minimal Standards. Public Advocates and Organizations like ACLU, EFF.org and EPIC.org have all written and some have spoken about their concerns with this approach Before the RFP was created and released – yet no changes were made. Also DTIS has the ability to waive any RFP requirements in the contract negotiation process anyhow.
The other funding concept that is being quietly discussed as a mechanism for the San Francisco Municipal Wireless solution is Homeland Security Grants – the calendar image below is from the city official Chris Vein who is in charge of the RFP process which requires bid submittals by 2006/2/21 – See Below
Washington Post: 2006-01-19 Fed Grants (Homeland Security) for Surveillance Cameras for Small Towns .. this seems related to Municipal Wireless funding efforts as well in San Francisco
http://www.washingtonpost.com/wp-dyn/content/article/2006/01/18/AR2006011802324.html
The Homeland Security funding option: “Motorola’s proposal suggests that the city pitch the project as a public safety issue, and capitalize on grants from government organizations such as the Department of Homeland Security. They suggest that the network would help law enforcement by enabling the SFPD to put wireless cameras across the city cheaply, and that the signal from a particular camera could be routed wirelessly to officers in their cars as they approached the scene.” (thanks to http://www.JacksonWest.com for summary)
Combined brief ACLU, EFF.org and Epic.org
http://www.eff.org/deeplinks/archives/004078.php
SF Watch Law Re Patriot Act
http://www.sfgov.org/site/uploadedfiles/bdsupvrs/about/watchlawprogram.pdf
Jackson West summary of TechConnect RFI/C submittals (the step before the current RFP process)
http://gigaom.com/2005/10/18/politics-of-san-francisco-wifi-project/
Chris Vein DTIS Acting Director’s calendar showing a meeting planned with Motorola (obtained through a Public Record’s request) Bob Siemmens/Motorola 925-218-4213 “Techconnect – Homeland Security” – 2005-12-16
more at:
http://www.webnetic.net
To those of us between the ages of 20 and 50, we can look back and say we grew up in a golden age of privacy. My grandparents came from a small village in Eastern Europe; they – and their ancestors going back thousands of years – had no expectation of privacy, ever: they knew that everyone else in the world (and I mean their world – my grandfather never traveled more than 10 miles from his home until he immigrated to the US in 1919) knew everything about them.
What’s happening now is the true global equivalent of a village – not a place where we’re not only all brought together by the media, but where, again, we’re back to the model that has existed in humanity since the dawn of civilization.
Many comments imply that privacy is an anti-social izing concept – ranging from “if you’ve got nothing to hide, don’t worry” to “you can opt out if you want” to “it’s worth the benefit.” These comments have analogs to the old village system: those with something to hide were often brutally persecuted; those who chose to opt out were forced to live in deeply primitive conditions (I’m reminded of the blind hermit in Mary Shelley’s “Frankenstein”), and those who believe the trade is worthwhile are the ones who populate the village (while those who run it are the ones who best aggregate the information others are transmitting.)
And it may be, in fact, that privacy doesn’t entirely benefit society – because a right to do what we want in our homes or to keep our personal tastes to ourselves is also the right for government officials to conduct clandestine surveillance or run secret prisons (not because such things are ethical, moral, or legal; because – I’d argue – that the issues of personal, social, and political transparancy are complex.)
I’m not advocating the destruction of our privacy rights; in fact, I mourn the loss of what appears to be a blip in the history of individual/group interactions. If the “blip” had somehow continued, it might have, in fact, flowered into true societal transparancy. But, cynical as it sounds, it hasn’t (and does anyone find it ironic that the same people who helped usher in the era of individuality – the children of the 1960s – are the ones who, as the baby boomers, are now selling it out from under themselves and their children?)
It is a rather bleak outlook, I know, but if you want to feel even worse, re-read the above and the other comments here, and substitute the word “literacy” for privacy. The idea that everyone has a right to read is just as alien in the vastness of human history, and it may be that text – which, after all, is only a symbolic way of communicating ideas and information (but a supremely flexible and versatile one) may also be on the way to becoming archaic – just think about how many different non-textual interactions you have today versus a decade ago.