Kate Klonick reports in the New York Times:
Today you can be in the stands of a major league ballpark and anyone with a smartphone and Google can connect the words you say “privately” in public to other aspects of your identity — your employer, your last vacation, your hobbies, your hometown, your friends. “If someone wants true privacy in this day and age your actions for achieving it must be intentional. You have to work for privacy.” Norms, not laws, govern a lot of day-to-day personal privacy. "Network technology has altered the meaning of public information” and made privacy in public a value to be protected.Concerns about digital privacy — What is Facebook doing with our data? How are advertisers tracking our interests? How can we stop the breaches that put our personal information at risk? — have received much-needed attention in recent months, but there’s another aspect of privacy that should be on our minds, too: Many of us underestimate the ways in which ubiquitous technology like search engines on a smartphone in the hands of a stranger can compromise our privacy in our everyday lives.I teach information privacy to law students. I gave my class an optional exercise to complete over spring break that illustrated the difference between the privacy we think we have when we’re in public and the privacy we actually have.The instructions were straightforward: At some point in the next two weeks, try to determine a stranger’s identity, in a public place, using only Google search on your phone, based on things the stranger said loudly enough for lots of others to hear and things that are displayed on the person’s clothing or bags, like logos or a monogram.The activity was designed to illustrate a theory explored by Irwin Altman in the 1975 book “The Environment and Social Behavior: Privacy, Personal Space, Territory, Crowding”: People will assume anonymity in public and then reveal various levels of private information given what they believe their environment to be and what tools might be available to manage disclosure.For instance, if you are in a quiet doctor’s waiting room or even a full but quiet subway car, you might (though we’ve all been around those who don’t) wait to make a call to a friend, knowing you’ll be easily overheard. That discretion might fade away, however, in a noisy subway car or in an airport. In such places, you know people can still hear you, but you’re relying on another mechanism to protect your privacy: obscurity. Privacy by obscurity, as Woodrow Hartzog and Evan Selinger have written, “is the idea that when information is hard to obtain or understand, it is, to some degree, safe.” I wanted to demonstrate to my students how the most common of technologies can be used to shatter the perceived protections of obscurity and, in turn, reveal the admittedly thin mechanisms by which privacy is actually protected.After describing the exercise and its goals, I was met with some skepticism. A few students found it to be “creepy” — a reaction I was quick to point out revealed their own notions about how public space was private. I assured them that the goal was not to eavesdrop on a purposefully private conversation, or to do any “digging” on the person, or to share or do anything with the information they found out. This was to be purely an exercise in whether people can actually be private in public places and whether they expect to be.The project has had fascinating results. A number of students have written to me over the course of the break describing their experiences. A student who had been against the need for privacy regulation, arguing in class that those who have nothing to hide shouldn’t care who’s watching or listening, was particularly shocked. Sitting on an airplane, she listened to the man in front of her on the phone arranging his pickup from the airport. He revealed enough in that conversation that she was able to find his name. “It’s actually crazy when you think about all of the things that are really NOT private!” she wrote to me in an email.Another wrote to say he’d de-anonymized a man in a loud conversation on the train. He overheard the man’s first name and typed it in combined with the name of the college on his shirt. The student explained in his email to me that even without a last name, he was able to find the stranger’s college major, minor and year of graduation. It helped that in one photo he was wearing the same outfit he wore that day on the train.People outside my classroom have had experiences similar to those of my students. This week, I tweeted a short thread describing the assignment. “This reminds me of a time at a Starbucks,” a user replied. “This dude was having like a fight with his accountant or something. Kept, loudly, repeating his SSN and full name on the phone. After the third time I wrote it down, and handed it to him.”Another Twitter user said the exercise reminded her of her mother’s rule to “never use a full name in public,” noting “most people who grew up in a small town had a similar rule, no?” Many probably did. We’ve always known that in a tight-knit community, a bar where everybody knows your name, or a tiny cafe with only three tables, every stray comment made is likely to be overheard and can become a permanent part of the speaker’s reputation. But today you can be in the stands of a major league ballpark and anyone with a smartphone and Google can connect the words you say “privately” in public to other aspects of your identity — your employer, your last vacation, your hobbies, your hometown, your friends.Does this exercise demonstrate that there’s no more privacy? No, but it does mean that you might have to make it happen for yourself. “If someone wants true privacy in this day and age your actions for achieving it must be intentional,” a user replied to my thread. “You have to work for privacy.”Networked technology has, as Helen Nissenbaum has written, “altered the meaning of public information” and made privacy in public a value to be protected. The exercise was a reminder that norms, not laws, govern a lot of this day-to-day personal privacy. There’s nothing illegal about Googling the guy loudly talking on his cellphone in line behind you at the grocery store, plugging whatever identifying details he provides into the search engine to learn more about him. But most of us don’t do it — why not? In part because it takes time and energy, but mostly we don’t do it because it’s a little “creepy,” as my students pointed out. The feeling of creepiness is the reaction to a norm being broken, a norm that values our individual ability to be private in public.Norms are notoriously mercurial and thin protections, but we can do more to educate people and help preserve them, like decreasing the use of internet-connected devices and facial-recognition technology. But perhaps the most significant thing we can do is also the most personal: Treat every place as if it were a small town, and give everyone the privacy that you would give to your neighbor — and that you would want your neighbor to give to you. Also, if you decide to take a call when your plane is on the runway, keep your voice down.
0 comments:
Post a Comment