does anyone care if their library records are being tracked? should they?
ALA OIF has received a grant from the Open Society Institute/Soros Foundation to explore the issue of privacy in the digital age
Panelists: Dan Roth (Wired), Cory Doctorow (CrapHound), and Beth Givens (Privacy Rights Clearinghouse)
no one ever talks about privacy in his world unless he asks the questions
the only time it has ever come up that he can remember was in 2005 when a company lost 600,000 employees’ info (Time Warner) — happened to his parent org
he talked to corporate communications, who hadn’t told anyone; they had lost the info a month before
they said “we’ve only lost tapes 4 times this year“
everyone at work was upset for days
no one ever talked about it again & people stopped talking about it
and these were journalists
how can your reach the public if journalists don’t care?
little incentive for consumers to care about privacy — not sure why they should care (except for the people in this room)
beyond just the question of will a company get spanked for losing information, will consumers use it as a criterion for which companies they will deal with?
some companies have said we have better privacy policies than google — you should trust us
ask.com decided last year that privacy rights would set them apart
– offered askeraser, where users could configure what was stored by the company
but this wasn’t meaningful, and ask is still 4th or 5th in the market
if you use the google toolbar, it’s collecting information about you — steve ballmer tried to make a big deal about it, but consumers didn’t care
cited a survey in which 75% of privacy execs said they don’t share data
however, marketers share the info (some even share SSNs), so the CEOs don’t know their companies are doing this
the idea of the free economy — free as a business model
you get something great in return for info about you
they all count on ads being served up to you
thinks there will be an arms race to offer more info about users, which means more collecting and more sharing
this will build up to a point where we’re all completely findable online
phorm — ad survey company that teams up with ISPs; tracks their users as soon as they log in until they turn off their computers and serve up ads the whole time
there is no real way to opt out of it
it will be very popular and is being tested in the US by Charter
it’s time to decide where we stand on this
if we don’t want to get stuff for free in exchange for data, we need to figure out some way to tell business that we do care about it and how we want to handle it
it all looks hopeless, because it looks like americans don’t care
but think about 7 years ago, when only a dedicated group cared about the environment
now more people care, and the same could happen with privacy
hopefully we won’t have to wait a decade to find out
Privacy Rights Clearinghouse was established in 1992
two types of privacy — informational privacy and constitutional privacy
they concentrate on the former (ACLU and EFF concentrate on the latter)
lines are blurred in reality, but there are too few of us all the way around
provide practical information about how people can protect their identity in credit offers, medical privacy, government records, debt collection, etc. and from identity theft
librarians can turn to the PRC for help with questions such as “how do I get rid of all of those credit card offers I get in the mail?”
a few years ago, Sun CEO Scott McNealy said “you have no privacy, get over it already“
he said visa knows what I bought, someone has my medical records, someone has my dental records, etc.
1967 definition of privacy — when someone can decide what information about them is transmitted to others
Canada & EU do a much better job than US; they have privacy commissioners and we don’t have that (no comprehensive data privacy law)
instead, we have the sectoral approach — a law for this industry, another one for that industry, etc.
HIPAA isn’t a privacy law, it’s a disclosure law
it’s a swiss cheese approach and there are lots of holes
Fair Credit Reporting Act was enacted in 1970 — wouldn’t make it out of congress today with the shape congress is in these days
gives you a right of access to your credit report
only creditors, employers, and landlords can access your credit report — if others access it, you can sue
Fair Information Practices — FIPs
when she analyzes an information bill, she has a mental checklist of these things (usage, collection, access, etc.) for evaluating it
most privacy policies are not really privacy policies at all — they’re disclosure policies because there’s no omnibus privacy bill on the books
usually in legalese it’s difficult to understand
throwing up your hands and declaring you have no privacy is not a valid option
instead, we need to take every opportunity to opt out — they have a guide on their website
take control of uses of your personal information
that way, lobbyists can’t say to legislators that we don’t need privacy legislation because only a few people opt out
in fact, let legislators know this is important to enact
librarians are the pioneers — use the PRC resources
we can all do a better job of making sure our privacy is more protected, rather than less protected
put books like Cory Doctorow’s Little Brother — as well as nonfiction — prominently on your shelves and help guide people to resources
encourage users to visit the nonprofit advocacy group websites
when we say do we need to care about the privacy of our patrons in light of the fact they’re already giving away their information on social networking sites, at least sn users are deciding when to give out their personal information
how can you say info is private if other people know it?
well, we have private but secret acts (going to the bathroom, having sex) — this is no different
the further up the ladder you go and the higher up you are, the more power you have to selectively reveal information
the lower you go, the less power you have to hide your info
is this because of bureaucrats or our technology?
why do we enter the skinner box? go online and give away our information?
the system architects create the system, but others create the norms for us just giving away the info without thinking about it
london is ground zero in the privacy wars
wanted to use rfid passes instead of paper tickets — convert everyone over
gave discounts to new rfid users by tripling the cost of paper tickets
same thing with grocery loyalty cards
aimed at people with the least choice
thinks there are businesses who have manipulated the field
this has raised a generation where this is now par for the course and this happens all day long, and not just in commercial settings
it’s become the norm because you have to know what you’re doing to turn off the logging
rfids are set up so that users have no ability to configure, read, or block them
vendors say this would raise the cost of rfid, which is true — the same way seatbelts, brakes, etc. raise the cost (a company couldn’t offer a car today without those things)
it wouldn’t be a market correction when that company went out of business — regulators would take care of it
creates a climate where we have less respect for our own privacy
also where malicious people can read your data and decide what to do with it
libraries are the last bastion of DRM — they’re not treated as first-class citizens
DRM — consumption of material — a word-by-word capacity to track what people are reading
we should be deeply skeptical of these technologies
libraries have a moral imperative to block technologies that expose user data (embodies a snitch)
an information economy based on accessing information isn’t viable
it’s a business model that no one wants
no one woke up this morning asking to do less with their music
at the end of the day, this surveillance undermines our personal security and our national security
surveillance societies are ones where people don’t trust each other
they undermine our security because it makes our haystacks bigger without making it easier to find the needles
our information officials had everything they needed to know about 9/11
the mad response since then has been to make the haystacks bigger
we collect the information to fill the government databases to make it harder for the government to find the critical info
can’t spot the important stuff in the unimportant stuff we’ve collected
in the remote rail stations, we’ve replaced the guards with cameras, which are only forensic
when you have that many cameras, no one watches them
they don’t prevent crimes — they only help you solve them afterwards
cctv is not a means to securing society
crack addicts who mug and kill you for your cell phone don’t have long-term plans and cctvs don’t help with those scenarios
these systems that we build that provide access to this information will determine the societies we build in the future
our decisions as information professionals will determine whether our descendents curse us or praise us
Q: what is at stake here overall?
Beth: there’s a huge amount at stake. if we don’t somehow succeed in getting our message across about speaking out and protecting our privacy, we’ll lose it. so much data is gathered about us, and profiles are being built now; the movie “Minority Report” is a great example of ads being tailored to you. worries the most about when all of these cameras are outfitted with biometric readers that identify the shape of our face, which hooks into the drivers license database — this is very possible and is high on her list to worry about. worried we’re heading in that direction without asking the questions and putting up the barriers
Dan: we’ve seen some of this already — what happens when our health records can be read by insurers and employers? what happens when you apply for a job and they can read those things? when you can’t get a drivers license because of what they know? when you can’t get married? once all of this info is out there, and if we don’t care, what happens when we develop into a nation of niches? you’re the kind of guy that shops for this one thing? as we move away from mass culture to atomization, how does having this private information out there affect us?
Cory: one of the important things to recognzie about this data acquisition is that it’s like uranium. you can buy it on amazon for your science project, and it’s perfectly legal. but you can refine it into plutonium and this is a problem. a little of your private information is one thing, but you can quickly amass a lot of private information in the public domain without even knowing it. the internet will never unlearn what paris hilton’s genitals look like. these things never go back in the bottle. you will never be able to not look up what CEOs of companies were posting on usenet in the 90s. as we confront the potential of our society in 20 years, all of this info will be like smog and we won’t be able to destroy it
dan: we’re in a golden age right now where most companies don’t know what to do with all of this info they have. they just keep collecting it, but at some point they’ll figure it out. if something is going to happen, it has to happen now
cory: or it’s like the breakup of the soviet union, where you could buy the plutonium easily. cited a situation where selling blade servers came with the info on it. you’re loading the gun and handing it to successors forever
beth: recommends the “Dig Dirt” report/survey about how employers are using social network sites and other information as a hiring tool (more than 50%) and making value judgments about individuals and keeping this to themselves. doesn’t apply to privacy or employment laws. old laws are inadequate for covering this kind of thing. let young people know, even though it might not do any good because they may not listen
Q (Jessamyn): these databases exist — we know that. at what point do we either have to say the horse is out of the barn or that there are assurances about things happening? if we’re just waiting for the processors to hit the point where they can use the data, do we need a new strategy about serious top-down legislation? is there any purpose to doing something other than top-level stuff
cory: calls it “turning forward the clock,” not “turning back the clock.” we’re going to regulate how this is used and teach people how to use it. respecting the awesome power of information and regulating this activity. could trivially build a skinner box that rewarded people for protecting their privacy and in fact justin hall is working on this with pmog — the passively multiplayer online gaming (http://pmog.com/)
dan: looking for the transparency side. if we care about this as a society, we have to keep at this and find ways to make it happen. use game theory to your advantage to encourage people to do this. consumers don’t have any idea why they should care about this and you have to teach them why they do
beth: very few people take advantage of the opportunity to view their credit reports. try to get the right of access into law now, because it doesn’t exist. PRC tried to do this last year but failed in california because of the information and credit industries. couldn’t get past the committee hearings. have to keep trying. counting on a “data valdez” doesn’t work because we’ve had one after another (their website keeps track of these security breaches — a running tally). when more people realize that the decision made about them (job, insurance, etc.) was caused by personal information that is out of their control, it will help energize them, but it’s difficult. california is a trendsetter in terms of legislation, but the information broker industry is fighting & blocking this legislation
cory: other tips and tricks that make it easier to game the system — skipxxip (sp?) generates fake logins for registration sites. every time he gets a postal solicitation, he writes “deceased” on it and sends it back
Q kate sheehan (blogger): about 8–9 years ago, Wired ran an article about how to be invisible online. is it even feasible anymore? is it even a good idea to try to make yourself invisible or to manage it? how do you buy a house then?
beth: “how to be invisible” book. can’t be invisible because then someone else has to manage your mail. that’s why she’s a public activist. remember the unabomber? he owned the cabin so records showed that and even he couldn’t be invisible
cory: thinks it’s just bad tactics; shift over the last few years is that “green can be glorious” — doesn’t involve suffering or eating food that tastes bad; being green can actually help us personally — there’s an imaginative opportunity to come up with cool ways to make privacy luxurious
dan: would like to see a point where you can figure out what is being trapped and what you’re giving away. try to read the privacy policies of a lot of websites and they’re incomprehensible
beth: that’s why the right of access would be very valuable — to see what is held about us
dan: the one story he did about privacy, he talked to HP’s chief privacy officer. she described the amount of work HP does to keep user data private in the EU, but not in the US because we don’t require it. wasn’t a no-brainer to just do it here since they were already doing it there
cory: defaults matter. if a router came with logging off by default (or apache) and you had to explicitly turn it on, we’d have a very different world. push legislation and best practices. firefox could do more to surface what information about you is being given away. linux could expose info. the open source world in particular could help with this by setting the defaults to off. there’s a really good inflection/leverage point there by just talking to some geeks in the right way
Q: as librarians, people come into our institutions, how do we convince our users that privacy is important in the age of facebook? what do we do?
cory: friend of his is a hacker who built the “hackerbot” — a robot sat on the floor on the ground with a router on it and it would sniff the area networks and grab unencrypted passwords. it would roll up to your feet and show you all of the passwords you just transmitted; a library that had over the door a printer that showed all of the info you disclosed would be very powerful. having slider bars that show red/green for amount of disclosure
beth: described a game that could be used in libraries. it’s a town square where you’re challenged about privacy data and questions you can answer. can come up with creative ways to educate and inform people; use the library as a launching pad
cory: in a few years, teachers will be able to datamine info about their students as a very instructive lesson
dan: require that everyone check out cory’s books
Q kate sheehan: we’re very concerned about privacy, so we don’t let users see everything they’ve ever checked out. we’re protecting their privacy, but they want to access that info. her library has the ability for the user to turn this on so they see it and staff don’t, but most libraries don’t have that. how do we balance this?
cory: demand of vendors ways they collect information for only the user to access. maybe the data resides only on their library card and not on your server. stuff can live on the edges — doesn’t have to live in the middle, and it can be encrypted. it’s utterly conceivable that if there was demand for it, vendors would produce the solutions
cory made an explicit statement that all of his remarks are in the public domain!
q: how do we argue for this when privacy protections cost money?
beth: could try scare tactics. the more you collect, the more the risk it can get breached. larry ponemon (sp?) has calculated the cost of data breaches ($100–200 cost per name per data breach). the lesson many of these entities have learned is that if we hadn’t collected all of this stuff, we wouldn’t be in trouble now. don’t keep data for very long
cory: has a friend who described a conversation with a self-defense instructor. what do I do if I’m in a dark alley when two guys are following me and I’m alone? answer — don’t go to dark alleys alone
q: as a consumer, i was better able to manage my privacy before 9/11 and before I bought a house. now my info is everywhere. how do I manage this?
beth: in terms of property, create a living trust and don’t put it in your name — this will protect you from real estate ledgers. start young on this one. this is good in general — just have a PO box — so that it becomes habitual. this is why working with young people is so important.
q: but traditional things like banking require a physical address and a Social Security number
cory: need to take control of your technology; jailbreaking drm; take control of debate & learn to speak intelligently about this; danah boyd shows a slide on online predation and how rare these occurrences are — knowing how to speak about the issue is key. third thing is régime change — if you don’t participate in the electoral process, it will participate in you
q: one of the big worries we’re facing today is that after 9/11, there is increased access by government to library information. there is a certain logic to the idea that we’ll be safe if we just give up our privacy. how much safer would we really be if the government knew everything everyone was reading?
dan: thinks people are starting to say that all of data collection this hasn’t helped us at all
cory: safety and security are not platonic universals. you can only be safe by definition from something. if you’re going to be made more safe from terrorists, you have to be less safe from government. this is at odds with the founding principle of this country. if you believe the former, you should go back to the soviet union. saying we are taking away your freedom to keep you safe from terrorism is a fundamentally unamerican premise
q: we have this huge cult of celebrity that everyone feeds into where it’s a cool thing to divulge this information. there has to be a shift for librarians to educate people if there’s a drive to not give out that info. would need a celebrity campaign to counter the norm
beth: that’s a great idea, especially for the long-term consequences
dan: saw this happen in a story about a secretive billionaire. guy purchased a company and never talked to the press. his daughter had a blogging site, though, where she talked about her parents and the fights they’d get into, what she overheard them saying. it revealed a lot about this guy and it enabled dan to approach him to say here’s what I know about you. that blog *stopped* as soon as the guy found out about it
q: transparency has ebbed and flowed across history and we’ll never have absolute privacy. we need to assert positive rights for privacy. how do we watch the watchers and take care of the positive ways?
cory: his daughter is 5-months old, but their first game will probably be 10p for every cctv you spot. wants to make a campaign of post-it notes with closed eyes on them that people can put on cctv cameras — “don’t watch me”
jessamyn: demystifying the media and telling people that it’s okay to not always believe the newspapers and magazines
q: it would be useful for us as a community to look at the successes of the green revolution and how it evolved, maybe piggyback on it. is our “inconvenient truth” “information footprints” instead of “carbon footprints?” get our own al gore and make our own movies. let’s build on that
dan: will have a problem convincing people not to opt-in to things they use everyday, though
cory: there’s a third option between refusenik and throwing up your hands — take control of your habits; use “google commander” firefox extension; in the library, we could redirect doubeclick URLs to 0000 so that library users are not tracked
dan: digital vandalism would make this info useless — a friend clicks around aimlessly to deliberately create false data
q: how can we work better with our IT people? and our vendors? what would be persuasive to the geeks who design our systems?
cory: is a former sysadmin and geeks believe really strongly in privacy for themselves. if you can get those people to expand the universe of people whose privacy they want to protect beyond themselves, they can understand it’s part of their mission
q: the EFF has the Tor program that can be downloaded for free to anonymize web surfing and can be used on library computers, too, if your IT people install it
cory: it was originally intended for naval communications
- additional liveblogging of this session at the Loose Cannon Librarian