Privacy in 3 Dimensions
Privacy seems like such a simple concept, until you actually try to define it. Then it becomes impossibly complex. When you make a private Facebook post, does that mean only you should be able to see it? What about your friends, or certain groups of friends? Do you expect that your post will be stored in readable form by Facebook, and analyzed for potential spam content? If the police wanted to read your post, what level of legal authority would they need? I don’t think any two people would have the same answer.
Thinking About Data
Over the last several decades, our collective mental model as a society for processing information has changed from an “information scarcity” model to an “information relevancy” model. In other words, we no longer have the same problems that previous generations did when it comes to accessing data. If anything, we get far too much data, and our energies are now focused on filtering out anything that isn’t relevant. Why is this important? In a nutshell, it’s because our systems for acquiring information have completely overturned the hypotheses that created our privacy expectations associated with that data.
1-Dimensional Privacy
1-dimensional privacy, or binary privacy, served society well for many years. Depending on the type of data, information was either public, or it wasn’t. This worked out just fine, because of several factors:
The rate at which data was consumed was low enough to allow informed decision-making.
Data creation generally occurred at points which were both well-defined and few in number.
The potential audience for information was inherently smaller due to the comparatively high cost of distribution.
For example, a businessman’s set of financial books was literally that: one physical set of financial books. Barring theft or a dishonest bookkeeper, that individual knew exactly how his information was used, and who had access to it. In other words, in an information-scarce model, binary privacy will do just fine.
2-Dimensional Privacy
This is the way we generally think about privacy today, where information is handled on a sliding scale from entirely public to entirely private. In other words, we now have two dimensions for privacy: type of content, and audience. If I may, I’ll return to using Facebook as an example, because just about everybody has one. There’s a lot of data associated with your Facebook profile: all your pictures, posts, likes, interests, etc. Some of that info is completely public, such as your name. Some is completely private, such as the credit card number you use to purchase Facebook Gifts. And some is partially available, depending on the audience. Posts, pictures, and other pieces of content you create fall into this latter category.
Until the internet era, this model arguably worked pretty well. It was still fairly possible (although certainly more of a challenge) to get a good sense of who had access to your personal information, and what they could do with it. Since the emergence of the internet and so-called Big Data, however, problems have arisen:
We’re all creating too much data, in too many places, that can be categorized in too many ways, and that prevents us from being able to categorically declare whether certain pieces of data should be public or private.
Algorithms have advanced to the point where just a couple pieces of data can be used to reconstruct a person’s entire profile.
All information is treated as equally valid and important, because it is almost always provided without context.
3-Dimensional Privacy
Given the problems I’ve outlined, I believe we need to add a third dimension to privacy: context. Information that is utterly benign in one context might be highly sensitive in another. For example, you probably don’t mind people knowing what your email address is, in the context of communicating with them. On the other hand, you definitely wouldn’t want anyone to know what your email address is in the context of associating it with the password you use to access the account.
Another example: let’s say a business is hiring a new employee. Does it matter that the employee was arrested once, about 10 years ago, but never convicted of any crime? In most situations, it probably wouldn’t. However, if your business is a daycare, and the arrest was for suspected child abuse, you’d care very much about that arrest, regardless of how long ago it occurred.
I could give more examples, but hopefully you get the point. It’s no longer enough to say that certain types of information should be either public or private. We now need to start creating privacy models that more fully account for the context in which the information is being received, as well as any other data that is being associated with the information provided. Privacy isn’t dead. We just need to start thinking about it differently.
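To make the three dimensions concrete, here is a small disclosure checker written as an added example for this post (it is not code from the original, and the field names, audiences, contexts and rules are constructed for illustration). Each field carries a widest-permitted audience (dimensions one and two), and a separate set of context rules catches the cases the post describes: a combination of fields that is sensitive even when each field alone is not (email plus password), and a field whose release is only justified in a particular context (an old arrest record during a childcare screening). A request is allowed only if every field passes the audience scale and no context rule is violated.

```python
"""Added example: a contextual disclosure checker modelling the three privacy
dimensions from the post: content type, audience and context.
All field names, audiences, contexts and rules below are constructed."""
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple


@dataclass(frozen=True)
class Request:
    fields: FrozenSet[str]   # data items that would be released together
    audience: str            # who would receive them
    context: str             # the purpose the release serves


# Dimensions 1 and 2: each field has a widest audience it may reach.
# Audiences are ranked from narrowest to widest.
AUDIENCE_RANK = {"owner": 0, "friends": 1, "employer": 2, "public": 3}
MAX_AUDIENCE = {
    "name": "public",
    "email": "public",          # benign on its own, as a contact address
    "password": "owner",
    "arrest_record": "employer",
    "credit_card": "owner",
}


# Dimension 3: a context rule forbids releasing a set of fields together
# unless the request's context is one of the explicitly allowed contexts.
@dataclass(frozen=True)
class ContextRule:
    fields: FrozenSet[str]
    allowed_contexts: FrozenSet[str]
    reason: str


RULES = (
    # The email/password association is never releasable, whatever the context.
    ContextRule(frozenset({"email", "password"}), frozenset(),
                "credential pair must not be associated"),
    # An old arrest record is only relevant when screening for childcare work.
    ContextRule(frozenset({"arrest_record"}), frozenset({"childcare_screening"}),
                "arrest history is only relevant to childcare screening"),
)


def evaluate(req: Request) -> Tuple[bool, List[str]]:
    """Return (allowed, reasons). Unknown fields are denied by default."""
    reasons: List[str] = []
    for name in sorted(req.fields):
        if name not in MAX_AUDIENCE:
            reasons.append(f"unknown field {name!r}: default deny")
            continue
        if AUDIENCE_RANK[req.audience] > AUDIENCE_RANK[MAX_AUDIENCE[name]]:
            reasons.append(f"{name!r} is not releasable to {req.audience!r}")
    for rule in RULES:
        # The rule fires when all of its fields are part of this release.
        if rule.fields <= req.fields and req.context not in rule.allowed_contexts:
            reasons.append(
                f"{sorted(rule.fields)} in context {req.context!r}: {rule.reason}")
    return (not reasons, reasons)


if __name__ == "__main__":
    samples = [
        Request(frozenset({"email"}), "friends", "contact"),
        Request(frozenset({"email", "password"}), "friends", "contact"),
        Request(frozenset({"arrest_record"}), "employer", "general_hiring"),
        Request(frozenset({"arrest_record"}), "employer", "childcare_screening"),
    ]
    for s in samples:
        allowed, why = evaluate(s)
        print(sorted(s.fields), s.audience, s.context, "->", "allow" if allowed else "deny", why)
```

The point of keeping the context rules separate from the per-field audience table is that the second dimension alone cannot express "email is public, password is private, but the pair is secret": that sensitivity only exists in the combination, which is exactly the third dimension the post argues for.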
Photo: Flickr