Shared publicly  - 
 
iPhone App Demonstrates Why Privacy Law Is Inadequate

This posting is the best illustration of why the current approach to privacy legislation is inadequate that I have seen. The app in question almost certainly complies with all current privacy laws, as do all of the data sources it is using. It is simply triangulating between many independent data sources and exposing the correlation between them.

As +danah boyd has explained, privacy is primarily about being on equal terms with the other participants in a given social context. This app harnesses social media to eliminate any semblance of a level playing field. The app is creepy, yes, but the solution is not to attack the app; it is to realise that privacy legislation that only considers data use on a service-by-service basis is entirely wrong in a meshed society.

The bilateral model which privacy laws are using is inadequate, and a multi-lateral approach that is data-subject-centric is required. That's the real lesson here.
“Boy, you sure have a lot of apps on your phone.” “Well, it's my job.” “What's your favorite?” “Oh, I couldn't choose. But hey, want to see one to set your skin crawling?” It was the flush...
6
15
Germán Poo-Caamaño's profile photoFernando Santagata's profile photoNathan Summers's profile photoMorten Johannes Ervik's profile photo
13 comments
 
This is a very tough problem to solve. Both forbidding people from making certain data about themselves public and forbidding the use of public data are problematic in any sort of broad stroke way. Yet, this example is most certainly creepy.

We've been skirting around how lots of things that are ostensibly public (e.g. public records, photos in public places) become public in a different way once they're digitized and tagged since Web 1.0. But I suspect things are coming to something of a head.
 
I wonder if we need to distinguish between "public to humans" and "public to machines"? Once the friction of needing to be in earshot of the source is eliminated, the result is a kind of "in public" that no law created so far has considered.
 
I think the issue is even bigger than that +Gordon Haff. I think the issue here is that social networks dont really give a **** about the privacy of their users(esp faceook although it has gotten better) as long as they still get their paycheck from advertising and from their shareholders. As to a solution to that, im not sure - possibly a law that forbids social networks from making user's data public by default? Who knows...
 
+Robert Main Settings that default to private on social networks, photo sharing sites, apps, etc. are all fine and good and should generally be the norm, whether or not by legislation or not. (I am wary of government making sensible decisions in technology generally.) But the bigger issue is how all this ambient "stuff" that individually is harmless or even useful, suddenly becomes rather creepy at scale or when correlated with other data.
 
+Simon Phipps Agreed. For the most part, we've adapted as a society to information that used to be buried in dusty town clerks' offices are now available to the world at the tap of a few keys. (Though those with criminal records or have otherwise been in trouble in a public way might disagree.) But, as a couple recent court cases have begun to touch on, there's a big difference between being in public and being under continuous surveillance for example.
 
The bigger issues are informed consent and device control. While you can demand that sites like Facebook make users aware of what's shared and demand that those sites give users control, people are still under worse surveillance through their non free phones and computers. In response, companies may only limit what services are offered to the victims of spying without eliminating the actual spying. With non free software, informed consent is impossible because the user never knows what it is really doing. The solution is projects like Freedom Box and software freedom for all devices.
 
While they've shut down the access for that one app, relying on media reports that catch widespread attention to alert them to misuse doesn't seem very reliable or scalable. Perhaps if they spent a fraction of their data mining resources analyzing their API usage logs for potential misuse they could catch these issues sooner.
 
I don't think they are relying on media reports to identify misuse. I don't think they regard it as misuse; rather, they are reacting to some bad publicity. If there were no media frenzy I doubt they would shut down this use of their API, which is probably along the lines they expect and intend.
 
+Simon Phipps +Alan Coopersmith 4Square did some hand waving around aggregation that isn't permitted in their TOS but, yes, I think the shutdown was mostly for the catch-all "because I'm the Mommy and you embarrassed me" reason (which is almost as concerning from a developer perspective as the broader mashup privacy issues are to others).
 
This is a reflection of the true problems with thinking around privacy. One problem is all current thinking is application-centric. What is controlled is the bilateral relationship of the user (data-subject) with the application (data-user), rather than the relation of the data-subject to the data itself. That contributes to the second problem, which is to consider "public" without regard for the scale of public. By that I mean that it may be OK for isolated data to be made available without authentication but the same data consumed for purposes of triangulation may need permission. We are still thinking of isolated bilateral secrets under on-off controls, when we should be considering a multilateral world of scales of publicness.
 
Yesterday, someone alerted me to http://www.tlo.com/ which they considered a bigger invasion. They said combines it "everything public" but they also talked about things that would come from Choice Point. LOL, it's called "The Last One" and was founded by a drug smuggler http://en.wikipedia.org/wiki/Hank_Asher

A bigger problem than the aggregation of things we want and intend to be public is the fact that companies are publishing things that we consider private. Both problems should be addressed but the second one is a blatant betrayal that has gone on for a long time.
Add a comment...