The privacy industry: Scare and sell

At two privacy conferences—one in New York, the other right now in Victoria, B.C.—I’ve watched the growth of privacy’s regulatory/industrial complex and seen its strategy in action: scare, then sell.

Yesterday, before I spoke at the Reboot conference, the privacy commissioner for the province, Elizabeth Denham, got up to demonize the social net and its leaders. She said that Google’s Eric Schmidt believes privacy is not relevant anymore, citing his jokes about changing our names at age 21. She belittled Mark Zuckerberg, too. She bragged about helping to bring Facebook to accounts when she was in the federal privacy office. And she gloated about the fizzle of Google Buzz. Then she boasted about adding more regulators to her office and getting more resources. Scare and spend.

At a later panel, I saw a vendor go through his PowerPoint showing the growth of so many outlets of social media. He said 500 million people were using Facebook. Then he paused … dramatically. Then he said, “scary.” Why is that scary? He didn’t say. He talked about watching YouTube videos as if that could be harmful in and of itself. How? He didn’t say. That’s how the discussion of the social web has advanced in this industry: all you have to do is say people are using these mysterious tools and the fear is assumed. But then he sold his service. Scare, then sell.

I spoke with the head of an association of chief privacy officers. Boy, I said, I’ll bet your membership is growing. In increments of a thousand, he said. He also noted how the growth in the U.S. is in privacy officers while in Europe it’s in privacy regulators.

I saw the two come together at the other conference, MediaBistro’s in New York, when the head of a privacy advocacy organization issued his fearsome spectres for the crowd of companies and regulators. It becomes a self-powering machine: The privacy advocate feeds the regulators arguments to be scared and regulate more, then companies think they need more privacy services, and more companies are born to provide them—companies that set up booths here in Victoria. One handed out a slick magazine with the big cover billing: “Social Media RISKS: Four Areas You Must Examine At Your Company.”

In the draft of my book Public Parts—which I’m furiously editing now—I had not gone after privacy’s regulatory/industrial complex. I’m trying hard not to pit privacy and publicness against each other as they are not binary; one depends upon the other in a continuum of choices we all make.

But the emergence of Privacy, Inc., as a industry built on scaring people is beginning to scare me.

In my talk yesterday, I warned of unintended consequences of too much regulation enacted too quickly. I cited Germany’s Verpixelungsrecht, its blurring of images in Google Street View and the precedent that sets for others taking pictures in public of public views.

I also worry that efforts to bring in a Do Not Track list and other demonization of ad targeting could cripple the revenue of the media and news industries even as they struggle to find sustainability; it could kill news outlets and reduce journalism.

At the final panel I attended, moderated by Denham, I saw execs from trade groups and Yahoo as well as a reasonable friend from Ottawa’s privacy office talk about meaningful efforts that are being made to be more transparent about advertising, which—lord knows—is needed.

The ad and media industries have been damned fools, not being open enough about what they do and how they do it and the value that comes to them—in higher ad rates—and much more importantly to the public—in relevance (and less noise). But Yahoo showed off a good tool to see and change how you are being targeted. The Canadian Interactive Advertising Bureau put forward a good framework for self-regulation. gave good advice about seeing past tools and disclosures and making advertising actually worthwhile for consumers.

Denham, to her credit, asked the panel to define bad regulation. They said it’s taking a narrow issue and using broad strokes to regulate it, doing collateral damage. She came to the view of regulation I’ve learned from danah boyd: that we need to concentrate on controlling use of data more than the gathering of it. (It’s illogical, indeed impossible, to tell people what they may not know; it’s logical and feasible to tell them what they may not do with what they know.)

So at the end of the day, I felt a bit better. But I fear that the reasonable and necessary moves to protect privacy—and it does need protection—won’t be able to outrun the fear strategy. For fear is building a new industry, a very fast-growing industry.

: Here’s Mathew Ingram’s GigaOm report on my talk with a brief chat. I hope to be able to post the talk itself soon.

  • Jeff,

    Thanks for the shout out to what we are doing at the Future of Privacy Forum (FPF).

    I’m leading up an effort at FPF to showcase and educate developers on mobile / web application privacy best practices and tools around responsible data use.

    The reality is that “we” are in the 1st inning in figuring out what is going on with mobile application data use. Many developers are small businesses (think kids in the basement) who are not “evil” but simply looking to make a “cool” application. Data use is the furthest thing from their minds.


    Shaun Dakin
    Fellow, Application Privacy Project – FPF
    Founder – Privacy Camp
    Founder – #PrivChat on Twitter

    • Good point Shaun. There is a lot we need to figure out still. My company fits into the basement scenario. That is where we started in ’08. We are starting to gain some traction now. There needs to be regulation, but it needs to be balanced.

  • Pingback: Tweets that mention The privacy industry: Scare and sell « BuzzMachine --

  • Leaving aside the “Privacy Industry”, which is repugnant but a small part of the 1000’s of people defending privacy against corporate intrusion, your argument is this.
    “Please hand over all your browsing habits, credit card details, movements, who you meet, when you meet them, who your children are and who they meet etc, so we can sell to you. If we can’t sell to you, some media outlets will close.”
    Jeff. Try to think about privacy as a personal thing. That is, I am not always a consumer to be milked by corporations. Sometimes, I just want to do things without them knowing. Is that ok?

    Secondly, forget regulation to control what they do with the information. Over a short period of time, accidental leakage will occur, if not misunderstandings (like Facebook data leaked last week), and international barriers to control (such as a Russian company taking a share of Facebook).

    I have never had a problem sharing information with friends, people in street, customers etc. But I don’t want that information stolen from me.

  • Here’s something that’s scary,

    Over 1 thousand women allegedly looked up by Murphy Painter

    BATON ROUGE – The Louisiana State Inspector General says
    it appears former ATC Commissioner Murphy Painter was using
    a state database for other purposes.


  • Dear Jeff

    You are raising some very poignant points. I share you view that a lot of fear associated with the presumed loss of privacy on the web is irrational, if not downright hypocritical.

    I think it would be fun to create a picture of society without so-called “privacy infringements”, you know, a though experiment, an attempt to imagine the world without Facebook, Twitter, Skype, YouTube and so on.

    I wonder how would privacy activists see themselves in that environment :)

    • Christopher Sweet

      Dear Artas,
      You probably weren’t born until yesterday, but there was a time when the world didn’t have Facebook, Twitter, Skype, YouTube, and so on.

      It wasn’t a bad world. It wasn’t a good world. It was a world in which people did not worry about internet security. It was a world in which no one committed a crime on the internet because the internet did not exist. There was less crime. Period.

      It was a world where teenagers were better protected than this world. It was a world where we had something called “childhood,” and where children had time to read.

      Every hour spent online is 30 pages unread, or an hour of homework not done. Open access into YOUR world is now the reality. Short of living like a monk, we cannot go backward.

      The electronic media have many positive aspects and many negatives, but you and furiously editing Mr. Jarvis don’t see them. Are you two blind? or protecting your revenue stream? or do you spend too much time online to allow you to think clearly?

      Your ideas and Mr. Jarvis’ ideas sound great in the empty rooms in which you both work. They echo from wall to wall. But your room is a cave, and the images on your walls are shadows.

  • Jeff, I think you are being somewhat disingenuous here.

    If the modern search/social media companies hadn’t played quite so fast and loose with people’s private data recent years, and if their CEOs hadn’t made such incendiary public statements, then I think there would not be nearly the backlash that is occurring.

    We have been monitoring the levels of the privacy intrusion, and later the growing backlash, since 2006. it has been there for anyone to see if they bothered to look.

    FYI here an entry on our blog from 2006 which I think pretty much says it all:…….No-Way!.html

    To quite a large extent these companies are the architects of their own misfortune.

    • Note that I criticize media and advertising companies for not doing nearly enough.
      Incendiary? What are you referring to? Schmidt’s jokes? I think the privacy industry is going to get a reputation as the industry with no sense of humor or irony if it is not careful.

    • btw, bad link.

      • Re incendiary statements, here are 3 fairly well publicised issues to go:

        Schmidt to CNBC:

        “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place, but if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it’s important, for example that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities.”

        Not a joke at the time, and then theer was WiFi sniffing:

        “Google acknowledged the privacy issue May 14, but said it had not known it was collecting data from unprotected wireless networks until it conducted an audit after complaints by German data privacy authorities.”

        Thet were backward about coming forward until legal demands for data were made, and then there was was this, extracted only after legal action (a pattern emerges….):

        “….That patent application is entirely unrelated to the software code used to collect Wi-Fi information with Street View cars,” said a Google spokesman in an email. Her response was a reaction to questions about a lawsuit filed in an Oregon federal court that cited a November 2008 patent application for technology to gather, analyse and use data sent by users over their wireless networks.”

        Mark Zuckerberg, jusifying one of Facebook’s many privacy erosions:

        “People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people,” he said. “That social norm is just something that has evolved over time”

        At the time all the above evoked a lot of worried press and blog copy, so they was clearly seen as somewhat incendiary.

        These are the sorts of statements that made fairly even handed observers and European governments worry, never mind any Privacy Industry!

        Here is the link with shortened URL:

  • Pingback: links for 2011-02-19 « Idl3's Blog()

  • Christopher Sweet

    “…a continuum of choices we all make…”

    We can’t expect children to make the right choices. We can’t expect twenty-somethings to know the right choices to make. I’m 63 and I don’t know how to recognize every wise and unwise public vs. private choice that presents itself online. We can’t expect untrained people to know when a choice is called for in every case, or what the results of that choice will be. We can’t expect people to know, once they “kick the ball,” when it will stop rolling.

    I’m not a journalist, and I shouldn’t even be responding here…it’s a choice I’ve made. My last choice, not a good one, is to note that it strikes me that you are merely protecting your revenue stream, and justifying it as “let them eat freedom to choose cake.”

    • I don’t think you are giving nearly enough credit to those 20 year olds who are inventing this world. I have much to learn from them.

      • Christopher Sweet

        I have confidence in the ones who are inventing this world, to a reasonable degree. It’s the others for whom I am afraid, and their potential victimizers whom I fear.

        You’re in the 4th estate, and I’m in the 3rd estate. We don’t have the same self-interests at stake here. Actually, you’re more in the 5th estate, by my reckoning – Academia. There, if anywhere, is a world with little bread but lots of cake to go around.

        We all come from somewhere, and the places that Academics and 4th estate types come from are places of solid education, self-knowledge, communications skills, good credit, usually good upbringing and a minimum of exploitation.

        But the internet is completely open access – all ages, all types, all motives. It scares the heck out of me, and I’m probably better able to deal with it than, say, those teens who’ve committed suicide because of what was posted on it, or the posters that drove them to end their lives. Or the teenagers whose view of the world is jaded. Maybe they’re right, and there is no need for childhood in the digital age. Personally, I see a great need for childhood, but not to prepare people for the electronic and digital media.

        Cake to the masses or caviar to the general, average Joe and Jane don’t make fine distinctions when seeking what they need on the net, at least not the kind of distinctions and wise choices you say they can make. You probably disagree, but I say every teenager is, by definition, a member of an at-risk class, and regulation, while it may discomfit you, is essential for preserving their chances in life.

        I’m not certain I know what you mean by “this world,” but I do know there is more than one world here in the United Estates of America.

        Pardon the egregious punning. The interests of the 20-something inventors of “this world” are not mine – their interests are probably profitability, growth, open access, everything in pictures…and none of this is in my interest.

        But I’ve always looked out for the interests of other people. I’ve not until recently considered the benefits of creating this world in my own image.

        And I’m pretty sure it would not be a good idea.

        No, I have no confidence in their ability to create a better world for all. If human beings had that power, we would already have a better world.

  • J. Goldfarb

    Alarmism as a marketing tool is hardly anything new. I am just surprised that you, Mr. Jarvis, are using that tool as well. I would have expected a more considerate reaction from you.

  • Pingback: The CMO Site - Keith Dawson - Fear of Privacy Regulation Building()

  • Scare, then sell.That’s supposed to be evil. The Jarvis’ strategy: praise, then sell. What’s the difference?

  • Christopher Sweet

    I’m leaving this cave. I happened upon it by accident, and I had no intention of stopping here to smoke whatever Mr. Jarvis is smoking, or to join in a discussion with madmen.

    Life is too short.

    I wish the furiously writing and editing Mr. Jarvis the returns of the day.

  • sherry

    this is a very telling post. Jervis wants all of us to give up our silly rights to privacy and use the gadgets and gizmos so the people who did 9/11 can spy on us? this is all about the money. Cnn doesn’t research silly things like obama’s past or what really happened on 9/11. They actually assist in creating the fantasies now. And it’s all done to keep people consuming these useless high tech products. CNN; like Verizon and Jervis himself is an entertainer, not a newsman. He is a disgrace to the distinguished profession of journalism and should be exposed as such.

  • No one can deny the importance of internet privacy, but I think the real problem is that no one knows how the define it. There is a line between say embarrassing (though not career ending) picture and someone stealing your social security number. jeff, I wish either you or the panelists really expanded on these fears and what they concretely were.

    Still, I think you have a point that people in the digital security industry can scare people and scare easily themselves. There are benefits, online and that I think is the key to this, of a corporation sharing what they are doing in getting their data. And, I while relent and say that sharing more among individuals is a good thing. However, the same way people are having an issue monetizing the internet, is the same we are are having a problem with privacy on the net.

  • Pingback: A critical essay about Jeff Jarvis’ BuzzMachine blog | At Home in the Mid-Atlantic()

  • I’m leaving this cave. I happened upon it by accident, and I had no intention of stopping here to smoke whatever Mr. Jarvis is smoking, or to join in a discussion with madmen.

    Life is too short.

    I wish the furiously writing and editing Mr. Jarvis the returns of the day.

  • Pingback: Snowden it… or Not: How to sell privacy services? | identity player()