Posts about privacy

The price of privacy

I love it when economists and their ilk reduce a complicated issue in life to a simple line and chart (that’s what makes Freakonomics so popular). At the latest New York Tech Meetup, founder Sam Lessin did just that with my favorite topic: privacy and publicness. In a rebuttal to Clay Shirky’s Cognitive Surplus he said:

Privacy was once free. Publicity was once ridiculously expensive.

“Now the opposite is true: You have to pay in a mix of cash, time, social capital, etc. if you want privacy.”

Right. It takes effort to create privacy — or to build a private image, as Laurent Haug argues. If you decide not to bother, if you opt out of using Facebook, LinkedIn, Twitter, et al, then there’s now an opportunity cost: you miss making connections that have personal or economic value. That’s why people quite willingly give up what we used to think of as privacy: because it’s worth it to them. These are the new economics of privacy.

So maybe I can start to understand what Fred Wilson was talking about when he said there was money to be made in privacy, in premium privacy (because there’s now a premium on it). I’m still looking for concrete examples of how, but I’ll just bet Fred will invest in one soon.

Now let me make a caveat: privacy and publicness are neither mutually exclusive nor binary; they aren’t competitors at all times. So this is an oversimplification, which I’ll oversimplify even more:

Once-abundant privacy is now scarce. Once-scarce publicness is now abundant.

It’s the second half of that that interests me most since I’m writing a book about that.

So if we’ve seen Lessin’s Law on Privacy, then Jarvis’ Corollary on Publicness (which is my synonym for publicity because publicity as a word is so freighted with marketing meaning now) is this:

Now publicness is free.

So the old controllers of publicness — media and entertainment companies — can’t make money on it anymore.

The economics of abundant publicness mean that the old gatekeepers — editors, agents, producers, publishers, broadcasters, the entire media industry — overnight lost their power. That’s why they’re so upset. That’s why they keep complaining about all these amateurs taking over their sacred turf — because they are. What they thought was valuable — their control — now had no value. They can’t sell their casting couches and presses on craigslist for nothin’. They are being beat by those who break up their control and hand it out for free (Google, craigslist, Facebook, YouTube, etc.).

Abundant publicness also creates new value. Google search is made up of that value. Twitter movie chatter predicting box-office success is that value. Annotations on maps, restaurant reviews, health trends, customer desires — and on and on — all find value in our publicness and so new companies are being built on that value. That is why it is in the interests of both companies and customers to be public and why privacy — when it does compete, when it discourages publicness — becomes a nuisance for them.

Abundant publicness leads to the confusing economics of free: If everyone can create stuff, then stuff is no longer valuable. But your stuff can gain value for you if it’s spread around and remixed and is more public than the next guy’s. The way to make it more public is to make it free. That’s OK because it doesn’t have value anyway. So you have to find value now not from owning and controlling the stuff but from making it more public and extracting value through a side door: advertising, performances, reputation…. (If I were good, I’d turn this into George Carlin 2.0: you no longer want a place for your stuff, you want your stuff to be in every place).

Abundant publicness raises all sorts of issues around ownership. Who owns the wisdom of the crowed? The crowd? Or the company that adds value to it? See also the questions above about making free stuff public to gain value. You can’t make it public with DRM and ownership controls, or at least not the old ones built for a scarcity economy. Being public is about giving up control, which is the exact opposite of how media used to make their businesses.

Abundant publicness makes filters more valuable. See again Prof. Shirky.

Abundant publicness increases the value of reputation. See aplusk.

At the same time, abundant publicness makes fame a devalued commodity. See Lindsay Lohan.

I’m exploring these ideas for my book so please help me tease them out. What are the implications of abundant publicness and scarce privacy?

: Here’s Lessin’s talk:

Speaking of Fred Wilson, I came across Lessin’s talk because Fred recommended watching Twilio’s superb presentation at the Tech Meetup. It is, indeed, a model for such talks and here it is.

: MORE: Seth Godin just emailed alerting me to a typo I’ll leave above: “the wisdom of the crowed.” A spooner insight, he calls it: “But who are the ‘crowed’? They are the newly attended to, the newly famous. We crow about them, thus they are crowed. Does the insight of someone with a lot of twitter followers deserve more attention? Are they more wise? The wisdom of the crowed.”

He’s right. I was starting to dance with that question but let it go: When everybody’s heard, no one’s heard. So who *should* be heard? Or is that an old-media worldview speaking? There’s no longer the media structure to decide should’s. Do people rise on merit of what they say? On tricking Google and Twitter? On outrageousness? On authority?

Privacy paranoia dramatized

The German Consumers’ Union—funded by the German government—has put out a video warning internet users about their privacy under a campaign called Surfers Have Rights. You don’t need to speak a word of German to get the gist:

(At the end, the text says: “You do this every day … on the internet.” And the shopper is asking simply, “Excuse me, where do I find…? The store clerk needs no translation.)

The German blog Netzpolitik thinks it’s a nice video. But Martin Weigert at Netzwertig has real concerns. The video “does but than spread distrust,” he says, arguing that even the most trivial data that “has the value of a dropped sack of rice in China” (must be an idiom) is made to seem drastically overvalued. The clip presents consumers as helpless, persecuted by their cohort. “What message does this convey? Mistrust everyone and everything.”

Hmmm. One would think that the German government would be somewhat sensitive to some irony there since, in earlier form, it was quite effective at making everyone mistrust everyone.

But the metaphor is hardly just German. Last week in Congress, Sen. Jay Rockefeller pulled out the overused trope that navigating the internet is like shopping in a mall, being watched in every move by “a machine” (very Orwell, that). The Byron Dorgen revealed a bit too much, I think, when he extended the metaphor to wonder whether, when going to the ladies’ lingerie department, onlookers would wonder whether you were really buying some for your wife or…. “That’s a really good analogy, I think, to what is going on on the Internet today,” said Federal Trade Commission Chairman Jon Leibowitz.

No, it’s not. You are already being watched in the store. Stores have cameras watching you. They track what you buy via your credit card and frequent-shopper cards. They have floorwalkers and clerks who see what you buy. Fellow shoppers can see what you buy. So the hell what? So you like bananas. It’s a sickness in the mind of the beholder to imagine you doing something bad with the fruit.

The German clip and the Congressional “debate” reveal that the essential argument about privacy is too often purely emotional. You may — and do — go about your shopping every day feeling quite fine about it but here are government officials who want to creep you out. Government officials who have the power to creep us out in plenty of other ways. And now The Wall Street Journal is continuing the creep-out (odd, since they’d usually be the ones for business freedom against government regulation… hmmm).

In neither exposition is there any discussion of actual damage and actual danger, just nonspecific creepiness. Thus Netzwertig worries about the public’s attitude toward the internet and technology itself. I do, too. I will argue in my book that we need strong protection for privacy especially against bad actors — but I’ll go the extra step and try to define privacy and define the danger for unless we do that, all we’re doing is summoning boogeymen with warnings of nonspecific creepiness. And then I’ll argue that what we should be spending time understanding how this new world works and finding the opportunities in it because its progress is inexorable.

: LATER: Here’s an equivalent EFF video (in English):

I ask, what’s the great harm of giving me couch ads when I’m looking for a couch? Would I rather have bra ads when I can’t use them? Where’s the harm?

Cookie Madness!

I just don’t understand Julia Angwin’s scare story about cookies and ad targeting in the Wall Street Journal. That is, I don’t understand how the Journal could be so breathlessly naive, unsophisticated, and anachronistic about the basics of the modern media business. It is the Reefer Madness of the digital age: Oh my God, Mabel, they’re watching us!

If I were a conspiracy theorist — and I’m not, because I’ve found the world is rarely organized enough to conspire (and I found this to be especially true of News Corp. when I worked there, at TV Guide) — I’d imagine that the Journal ginned up this alleged exposé as a way to attack everyone else’s advertising business just as its parent company skulks behind its pay wall and surrenders its own ad business. But I’m not a conspiracy theorist. That’s why I’m confused.

The story uses the ominous passive voice of newspaper scare stories: “…a Wall Street Journal investigation has found…” As if this knowledge were hiding. Cookies have been around as long as the commercial browser, since October 1994. Or was that 1984?

The piece uses lots of scare words: “surveillance technology” … “tracking technology” … “intrusive” … “no warning” … “surreptitiously re-spawn” … “rich databases” … “so powerful and ubiquitous” … and my favorite: “targeted ads can get personal” (well, yeah, that’s the damned point).

The Journal acts as if it has discovered a conspiracy of its own: “Marketers are spying on Internet users — observing and remembering people’s clicks, and building and selling detailed dossiers of their activities and interests.” Gasp! Mabel, hide the kids, the Romans Huns Krauts Commies Marketers are coming!

There is absolutely nothing new — thus nothing newsworthy — in what the Journal promises threatens to be a series.

The Journal does measure its own cookies, finding its site moderate (I count 34 Journal cookies on my new Mac and I don’t use the site often) in what it ominously calls an “exposure index.” Mabel: Bring the Geiger counter!

Well, except the Journal is unique because unlike the other sites the story writes about, the Journal has my personally identifiable information! It has my friggin’ credit card number and name and address and phone number as well as my web behavior and it allows me to be tracked by third parties. The Journal has more information about me than ANY of the sites it warns about. And the Journal is owned by a company some people don’t trust. Hmmm.

It’s a fine thing that the Journal also tells readers how to “avoid prying eyes.” And if enough people do that, then the value of the advertising-supported web falls. Without cookies, the effectiveness and price of advertising would plummet as ads everywhere turn into remnant junk (smack the money), reducing revenue for media sites and reducing their content to junk. Hmmmm….

A story like this might also affect policy as the FTC is looking at regulating online advertising and marketing; its chairman, Jon Leibowitz testified before Congress on the topic this very week. Hmmm.

I think the Journal should have told exactly how it places and uses every one of its cookies and beacons and ominous tracking surveillance spying technology. It doesn’t. The story doesn’t even link to the paper’s privacy policy, which says that cookies and beacons and all that scary surveillance/tracking/spying technologies are used at and its affiliates and also by third parties over which the Journal has no control. Opportunity lost.

If I were an advertising-supported site, I’d be aggressively transparent. I’d tell you exactly what we track and what impact that has on what we serve in advertising and content. I’d create an app to read the cookies placed just for you and explain them. I’d give you the chance to correct information. I’d give you the chance to select your own advertising (now that would be valuable). I’d treat this with radical openness.

Otherwise the scare mongers like those regulation-loving, anticapitalist commies at News Corp. will win the day.

: Oh, and I neglected to point out that it was the very same Journal that had the wingnutty story about privacy and RFID tags on our pants, quoting as an expert a woman who thinks that RFIDs are — and I exaggerate not — the work of the devil. What the hell is happening there? Are they going out for drinks too often with their new neighbors at the Post?

: Oh and here’s more scaremongering from the commie Telegraph in London, which equates Wikileaks’ Julian Assange with Facebook’s Mark Zuckerberg. Man, we are in silly season.

: MONDAY: The Journal campaign against digital advertising continues today with a shocking exposé revealing that Microsoft is a business-friendly business that chose not to release its browser with a default that would have killed ad tracking and targeting. Horrors!

Now if the Journal were really a business newspaper still, there’d be no news there. The news would be if Microsoft did not do what was good for revenue.

Here’s a too-metered Microsoft response to the weekend’s follies from the browser team.

Privacy wingnuts

I’ve been looking for a classic example of so-called, self-appointed “privacy advocates” gathered by the press going off the deep-end (if you have any, please send them to me).

And then this dropped in my lap: a reputed outcry by these putative privacy advocates against Wal-Mart putting RFID tags on pants.

What could possibly violate our privacy with tracking pants in a store to make sure there aren’t too many extra-large sizes on the shelves? (That was my experience with Wal-Mart when I tried to buy sweats before my surgery; I wish they’d restocked the mediums.)

Well, say the advocates the Journal found: “While the tags can be removed from clothing and packages, they can’t be turned off, and they are trackable. Some privacy advocates hypothesize that unscrupulous marketers or criminals will be able to drive by consumers’ homes and scan their garbage to discover what they have recently bought.”

Yeah, and then what? So they find out that I bought 33/34 jeans. And with that precious personal data they will do what? Blackmail me because I’m no longer the svelte 32 I once was? Sell me illegal diet aids? Sell me ice cream? Target advertising for medium jockeys to me? Subject me to public ridicule as a pencil-necked geek?

Don’t the reporter and editor at the Journal stand back and laugh at the absurdity of this worry? Don’t they ask the next, obvious question: “Yeah, and…?” Isn’t that their job?

Ah, but they report more and find further cause for worry:

“Some privacy advocates contend that retailers could theoretically scan people with such [encoded] licenses as they make purchases, combine the info with their credit card data, and then know the person’s identity the next time they stepped into the store.”

And that would be worth the trouble and risk for the store how? That would give them more data than they already have from credit cards and other means?

So often, articles calling on “privacy advocates” leave them unnamed — anonymous and private, you understand. The Journal digs up one Katherine Albrecht, “founder of a group called Consumers Against Supermarket Privacy Invasion and Numbering and author of a book called ‘Spychips‘ that argues against RFID technology.” Group? Just how many people go to her meetings? And does the book come with tin-foil underwear? The “group” was founded to oppose grocery-store loyalty cards. Yes, we see the damage they have done to countless lives.

Her own site says that she has “earned her accolades from Advertising Age and Business Week and caused pundits to label her a PR genius.” I dare say. She next got the Journal to swallow her silliness.

Listen, I’m all for privacy. I’m working hard to define it in my book on publicness. I will vigorously defend the need and right to control one’s information. There are plenty of serious and difficult issues to discuss. But this kind of idiocy does not serve the cause. It only finds a spy under every leisure suit. In the long run, it turns the cause of privacy into an object of ridicule. And that’s wrong.

But this is often the case with technology and privacy. Technology spawns fears — and worries these advocates — because it introduces change and it’s really change that they fear. Here’s a tidbit from my manuscript illustrating the point:

* * *

Alan F. Westin, in his influential 1967 book Privacy and Freedom … found many devices to fear: LSD “may greatly affect the individual’s daily personal balance between what he keeps private about himself and what he discloses to those around him” and could again be used for government surveillance. Westin worried about radio pills, miniature transmitters, and even about fluorescent powders and dyes—not to mention radioactive substances—that could be applied to “hands, shoes, clothing, hair, umbrella, and the like, or can be added to such items as soap, after-shave lotion, and hair tonic” to track the unsuspecting person.

Secret, miniature cameras, infrared film, microminiature microphones the size of match-heads, battery-operated tape-recorders, hidden “television-eye” monitoring, telephone tapping, “truth measurement” by polygraph tests, personality testing, brain-wave analysis, dossiers of personal data, and the means to steam open envelopes and measure TV audiences—these all concerned him. He speculated about “invisible magnetic-ink tattoos [that] might be applied (for example, to babies at birth)” and transmitters that could be implanted and “wireless, battery-operated television ‘eyes’ the size of buttons,” not to mention U-2 spy cameras from above as well as the ability to read brain signals.

Westin warned of the dangers of computers. In 1966, he wrote, there were 30,000 computers used in the U.S., 2,600 of them in the federal government. What happens, he asked, when we come to the day when “computers in the field of health will eventually establish total medical profiles on everyone in the country ‘from the hour of birth’ and updated through life. Each record will be almost instantly accessible to medical personnel.” Oh, if only.

Westin listed his fears of technology’s impact on privacy 45 years before you read this. How many of his dreads came to life? Few if any, I’d say. That is not to mock him nor even to diminish his warnings, only to put the fears technology fosters into context as we grapple with the concerns attached to our more-modern sciences.

* * *

LATER: I looked at all the coverage I could find on Google News and I found but one piece that, like me, dared to question the “Cassandras of the privacy movement.” CNBC’s Dennis Kneale wrote:

One day RFID tags will permeate the U.S. and global economies, cutting costs for manufacturers and retailers and letting them better respond to consumer tastes. A whole new stock-sector boom could loom as well, in companies that cash in on this inevitable tech trend.

That is, unless the Privacy Police gets in the way. . . .

Um, so what is it I should fear that Wal-Mart will do with this new data horde showing that I just bought a pair of boxers? (Alright let’s stipulate: We’d be less keen on Wal-Mart’s knowing we just bought Spanx.)

The privacy guys always do this—raise well-intended but fear-provoking possibilities at the advent of most any new, promising technology. It is part of what the 1990s Internet sage, Nicholas Negroponte, called the “demonization of bits.” If a salesperson follows us around a store watching our purchases, fine; but use technology to do it and suddenly it’s Orwellian.

Playing the privacy card seems a bit antiquated in this exhibitionistic era of gleefully revealing your inner-most foibles and fetishes to potentially millions of other equally indiscreet folks on Facebook.

: LATER: RFID Journal blasts “privacy nonsense” around chips.

: UPDATE: The WSJ’s RFID expert believes that the chips are a fulfillment of an end-time biblical prophesy. Did I say wingnuts?

The German privacy paradox, continued

German researchers have found that—heated rhetoric about privacy aside—people are willing to give away personal information in exchange for a bargain. They’re even willing to give it away for nothing.

The Social Science Research Center in Berlin brought together 225 students at the Technical University there and offered them the chance to buy the same DVDs from two different online stores. Each store required the customers’ name and postal and email addresses. But one store also required date of birth and personal monthly income. That store also offered a one-euro discount on every item. Of 42 purchases made by this group, 39 opted to give away the additional personal information to get the discount.

What puzzled the researchers is that even when the discount was taken away, the two stores attracted equal business. “Thus the more privacy friendly firm failed to attract more customers even though prices were equal at both stores,” the study says (PDF here).

In spite of all of this, in a post-study questionnaire, 75% of the participants said they “have a very strong interest in data protection” and 95% said they “are interested in the protection of their personal information.” So they say one thing and do another. The rhetoric about privacy should perhaps be judged accordingly.

At the same time, German media and government are quite heated about privacy. The New York Times separately noted the irony that Germans by their actions don’t show such profound concern about privacy. To which a German government official who’s going after Google and Facebook told The Times that “his agency was trying to protect consumers from themselves.”

Whoa. Any time a government says it is trying to protect its citizens from themselves, beware. That is a government that is trying to get citizens to behave the way it wants them to behave, whether they want to or not. Isn’t that exactly the opposite of what government should do? And beware media that keep telling the public what it thinks they should care about whether they care about it or not. They, too, are out of touch.

Yes, privacy matters. But we need to get past the rhetoric, past the heat, and examine what people really do, what risks they are really under, what benefits they pass up when they decide not to share. That’s what my book will examine.

(Here’s my presentation in Berlin on the German privacy paradox.)