Privacy and Control

Bruce Schneier writes today about the meaning of privacy:

To the older generation, privacy is about secrecy. And, as the Supreme Court said, once something is no longer secret, it’s no longer private. But that’s not how privacy works, and it’s not how the younger generation thinks about it. Privacy is about control. When your health records are sold to a pharmaceutical company without your permission; when a social networking site changes your privacy settings to make what used to be visible only to your friends visible to everyone; when the NSA eavesdrops on everyone’s e-mail conversations — your loss of control over that information is the issue. We may not mind sharing our personal lives and thoughts, but we want to control how, where and with whom. A privacy failure is a control failure.

….You can see these forces in play with Google’s launch of Buzz. Buzz is a Twitter-like chatting service, and when Google launched it in February, the defaults were set so people would follow the people they corresponded with frequently in Gmail, with the list publicly available. Yes, users could change these options, but — and Google knew this — changing options is hard and most people accept the defaults, especially when they’re trying out something new. People were upset that their previously private e-mail contacts list was suddenly public. A Federal Trade Commission commissioner even threatened penalties. And though Google changed its defaults, resentment remained.

I agree, even though I suppose I qualify as part of the “older generation” these days. I remain cranky about loyalty card operations, for example, because I don’t really want my grocery store selling detailed information about my buying habits to anyone willing to cough up a few pennies per name for a database rental. Likewise, it’s why I still don’t use Gmail, even though it would be pretty handy in a lot of ways. Every time I think about switching over to my Gmail account, I stop to wonder if I really want Google to have access to all that sweet, sweet information. Yes, I know: they’ll never, ever use it for anything I don’t want them to. Which might be true. Until, maybe, they get a new CEO who decides they’ve been operating in the dark ages, or they decide that what they really meant was that they’ll never let anyone else use it. Or they decide it’s OK to share it in aggregate as long as they’re pretty sure there are no personally identifying traits in the data. Or something. And then I back off. Basically, I just don’t trust them. That storehouse of email data is just too tempting a target, and I’m not 100% convinced that it will be as private tomorrow as it is today.

In other words, I’m a crank. Too late to change that now, though.