Skip to main content

Data in Confidence


Earlier today, I shared a CNN story detailing the reaction of major tech companies to the PRISM leak. I find it interesting that Google, Facebook, Apple, and Microsoft have all gone a pretty long way toward asserting that they protect user privacy. There is an obvious attempt here to win (or win back) the trust of their various communities of users.

All of these companies provide a set of valuable services, and they do so at the cost of our information. Just thinking about Google, the general service they provide can be understood as information management to promote convenience. Google's various products make our information more accessible to us and more easy to share with others. Google also turns our information into action through appointment notifications, editing documents, and maintaining our contact lists. In exchange for these services, we have to provide Google with our data.

On the surface, the users are supposed to get enough convenience to offset any recoil about giving a third party a window into communications, interests, and behavior. Here, I have to admit that as much as I like to maintain a strong wall of privacy, I've found Google's services too convenient to pass up, especially when it comes to keeping a handful of devices in sync. Still, convenience loses value when the security of our information is compromised.

Continuing the focus on Google, we can see that maintaining user privacy has always been a concern. All tech companies work to maintain the security of the data they hold, and we have indication that there is not a policy of blanket compliance with government requests. With the PRISM leak, we have another vivid reminder of the vulnerability of our data, and what our information-management-service providers do to keep it safe.

What I find so interesting is that there is a clear market motive, entirely independent of ideological commitments, to establish trust. In the long run, convenience isn't enough to maintain a community of users. If that convenience incurs the cost of losing privacy, users will tend to migrate away to more secure service-providers or learn to do without. The only way for a service-provider like Google to maintain its userbase is to establish itself as a steward of user data. Acting in the interest of the user in this case means acting in the overall interests of Google.

Given that established privacy law is still catching up to email let alone Google, there is a clear policy gap with regard to this kind of data-stewardship. I think this gap could be filled with by a confidentiality relationship similar to doctor-patient or legal counsel. At present, a firm like Google can build privacy guarantees into their user policies, but those policies are not consistent and not recognized beyond their nature as contracts. Instead, there should be an understanding that data handed over to a service-provider like Google maintains a reasonable expectation of privacy, just like anything you tell your doctor.

With a recognized Data Stewardship relation, users could have an increased trust in the privacy of their information and maintain the convenience of using services like Google. The standards for this relationship can be drawn from both established confidentiality relationships, industry standards in privacy polices, and privacy practices in Europe (where privacy issues are a big deal). Users would then know what to expect in terms of privacy and how their information will be used.

As we continue to move our lives online, these issues will only become more important.

Comments

Popular posts from this blog

RPG Systems: An Analogy with UI Design

The current game in our weekly role-playing group is Deadlands. The previous game was Shadowrun. Both rule systems lie closer to the “chunky” side of the spectrum. Shadowrun has a particular reputation for its complex and somewhat cumbersome rules, and while Deadlands has less overall complexity, the system has a degree of granularity that interrupts play more often than it enhances narration. I enjoy role-playing games because I like participating in a good story. The rules system provides a set of constraints for the characters, the setting, and the conflicts. They help give the narrative structure, a background against which the story will take place. Too few rules, and telling an interesting and well-developed story becomes difficult. Too many rules tend to get in the way of individual scenes or events. With the right balance, it’s possible for the game master, usually me, to be sufficiently fluent in the rules system to resolve any conflict without extended consultation of on

The Incredible Lightness of Collaborative Consumption

Last week, we had to exchange our defective futon frame for a new one. The store didn't want to cover transport cost in either direction, so we had to figure out how to get our re-boxed frame from Mountain View to Los Altos. If we had a car, it would not have been very simple since we were aiming to buy a small sedan, nothing that can easily carry the frame and its box. Fortunately, we have a car sharing service that gives us access to a range of vehicles, including a van stored down the street from my building. After work, I grabbed the van, picked up the frame at our place, and then Tara and I drove to the futon to make the swap. I dropped off Tara and the new frame at our place, and then headed back to campus. On returning the van to its parking space, I hopped on a shuttle back to downtown Mountain View. We were able to do all of this because we're not tied to a specific vehicle for all of our transportation needs. The last car we owned was a van, and it came in handy o

Carless in California

For various reasons, we do not own a car despite living deep in American car country. The reasons are largely financial; the cost of living in downtown Mountain View crowds car ownership out of our budget. We pay more to live in a pedestrian friendly neighborhood, so we are less able to afford a car. At the same time, I don't need a car to get to work, and Tara doesn't drive, so any car we had would sit in the carport most of the week. Combine that waste of resources with a reluctance to contribute to the Bay Area's traffic congestion, and forgoing car ownership doesn't sound all that bad. Car sharing services allow us to grab a vehicle as long as we plan ahead a bit. The Caltrain provides access to San Francisco. There are convenience stores and cafes in walking distance, so we don't feel the absence of a car too often. Last night was one of the few times where I did. After getting home from work, we wanted a dinner cheaper than nearby delivery options. The n