Skip to main content

Data in Confidence

Earlier today, I shared a CNN story detailing the reaction of major tech companies to the PRISM leak. I find it interesting that Google, Facebook, Apple, and Microsoft have all gone a pretty long way toward asserting that they protect user privacy. There is an obvious attempt here to win (or win back) the trust of their various communities of users.

All of these companies provide a set of valuable services, and they do so at the cost of our information. Just thinking about Google, the general service they provide can be understood as information management to promote convenience. Google's various products make our information more accessible to us and more easy to share with others. Google also turns our information into action through appointment notifications, editing documents, and maintaining our contact lists. In exchange for these services, we have to provide Google with our data.

On the surface, the users are supposed to get enough convenience to offset any recoil about giving a third party a window into communications, interests, and behavior. Here, I have to admit that as much as I like to maintain a strong wall of privacy, I've found Google's services too convenient to pass up, especially when it comes to keeping a handful of devices in sync. Still, convenience loses value when the security of our information is compromised.

Continuing the focus on Google, we can see that maintaining user privacy has always been a concern. All tech companies work to maintain the security of the data they hold, and we have indication that there is not a policy of blanket compliance with government requests. With the PRISM leak, we have another vivid reminder of the vulnerability of our data, and what our information-management-service providers do to keep it safe.

What I find so interesting is that there is a clear market motive, entirely independent of ideological commitments, to establish trust. In the long run, convenience isn't enough to maintain a community of users. If that convenience incurs the cost of losing privacy, users will tend to migrate away to more secure service-providers or learn to do without. The only way for a service-provider like Google to maintain its userbase is to establish itself as a steward of user data. Acting in the interest of the user in this case means acting in the overall interests of Google.

Given that established privacy law is still catching up to email let alone Google, there is a clear policy gap with regard to this kind of data-stewardship. I think this gap could be filled with by a confidentiality relationship similar to doctor-patient or legal counsel. At present, a firm like Google can build privacy guarantees into their user policies, but those policies are not consistent and not recognized beyond their nature as contracts. Instead, there should be an understanding that data handed over to a service-provider like Google maintains a reasonable expectation of privacy, just like anything you tell your doctor.

With a recognized Data Stewardship relation, users could have an increased trust in the privacy of their information and maintain the convenience of using services like Google. The standards for this relationship can be drawn from both established confidentiality relationships, industry standards in privacy polices, and privacy practices in Europe (where privacy issues are a big deal). Users would then know what to expect in terms of privacy and how their information will be used.

As we continue to move our lives online, these issues will only become more important.


Popular posts from this blog

RPG Systems: An Analogy with UI Design

The current game in our weekly role-playing group is Deadlands. The previous game was Shadowrun. Both rule systems lie closer to the “chunky” side of the spectrum. Shadowrun has a particular reputation for its complex and somewhat cumbersome rules, and while Deadlands has less overall complexity, the system has a degree of granularity that interrupts play more often than it enhances narration. I enjoy role-playing games because I like participating in a good story. The rules system provides a set of constraints for the characters, the setting, and the conflicts. They help give the narrative structure, a background against which the story will take place. Too few rules, and telling an interesting and well-developed story becomes difficult. Too many rules tend to get in the way of individual scenes or events. With the right balance, it’s possible for the game master, usually me, to be sufficiently fluent in the rules system to resolve any conflict without extended consultation of on

Some Thoughts on Dharma Decline

Many of these blog entries have concerned my main research in political philosophy, intellectual property and technology. Now for something a little different, I thought I would write up some thoughts on another area of interest: Buddhism. For those who don't know, I've taught courses in Buddhism since I began teaching, having learned a great deal from my undergraduate advisor, Donald Hanks, and Ashok Aklujkar, a now-retired professor of Indian languages, literature and philosophy for whom I served as teaching assistant during my time at UBC. Thanks to their instruction, I developed a solid knowledge of the Indian Buddhist tradition, and I've used what they taught me to deepen and develop that knowledge to improve my teaching and my personal meditation practice. While I don't want to write a full tutorial on Buddhist thought, I would like to discuss a notion that prevails in some traditions, and that discussion will require one to know a few basic ideas. At its cor

Justifications for Intellectual Property Part 1: Utilitarianism

There is no way this tutorial series would be complete without some discussion of justifications for intellectual property. While not necessarily a matter of law, some knowledge of the philosophical foundations will provide a better sense of the values at stake in intellectual property debates. Notice, for instance, that the tutorials on fair use were punctuated with appeals to values, social goods, and individual rights. Without an understanding of the moral and political framework against which the law stands, one can very easily find oneself in a stalemate, with one value pitted against another and no way of deciding which should prevail. To understand the jurisprudence around intellectual property rights, one has to have some idea of the justifying theories to which attorneys and judges appeal in their arguments and decisions. So, without further ado, let's get to the tutorial. There are three main ways of justifying intellectual property rights: the Utilitarian theory, th