Chris Butler's Work in Progress

<< Back to Main Blog page

Cloud Computing and Privacy

April 8, 2009 at 9:30 am by Chris

Brad Templeton, the chairman of the Electronic Frontier Foundation, presented on the Evils of Cloud Computing at the 2009 BIL Conference. He made a few interesting points (full transcript here). The first was about the Bill of Rights protection we often assume we have, but which is actually being eroded by our choice to put so much of our data in the "cloud":

One of the things that I am concerned about is erasing the Fourth Amendment. For those who do not know, the Fourth Amendment is the line in the Bill of Rights that mostly relates to privacy. It says that you have the right be secure in your person, papers and effects, and people need a warrant to search your house or search your papers. Unfortunately, the Supreme Court and other courts of the United States have ruled that this wonderful Fourth Amendment does not apply when data is in the hands of third parties.

When you have something on the computer in your house, it is protected by the Fourth Amendment. If you put something on a computer owned by Facebook, it is not protected by the Fourth Amendment. It is only protected in some cases—email has a law that protects email and medical data has a law that protects medical data, and there are laws governing banking records. Specific laws protect certain types of data, but by changing the way we do computing so that all of our data is stored in the cloud we are effectively moving all of our personal data out of our houses and into big data warehouses, and we are erasing a line from the Bill of Rights.We may decide that we want to do that, but I want to make sure that we do not do it casually.

I think that is a very compelling point. Like Brad, I don't think that the choice is an inherently evil one. As he says, we may end up making that choice. However, if we do, it needs to be something that everyone is aware of. This idea that we are unconsciously making critical decisions popped up in a comment I received recently on a blog post I wrote about privacy and copyright issues around Google services. Reader Richard said:

"I think these privacy issues really snuck up on people. We all got used to email, probably with a false sense of privacy. But services like Gmail just make the lack of privacy with email more plain. When you sent an email using AOL or some other service, it was easy to overlook the fact that your words were being passed through many servers and could easily be seen by other people (assuming people cared enough to hack it). Now, seeing ads along side your email makes it much more obvious that your email is not as much 'yours' as you thought."

He makes a good point there. We chose to start sharing our data by using email services, but it wasn't until advertisements started showing up on the right of our Gmail page that were related to the content of our emails that it really became plain that our messages were being read. Even if it's just a robot reading them, they are being read- the robot is just a proxy for some person. Imagine if you came home one day and found a robot reading a letter that had been delivered to your home. First of all, you'd be freaked out- partly because of the robot intruder, but also because it would stand to reason that the robot was reading your letter on behalf of someone else.

Templeton takes some time to discuss privacy in general, which is worth reading. He ended his presentation with some chilling predictions on the level of my robot intruder analogy:

Now here are three quick threats to keep you up at night. First of all, time traveling robots from the future. I actually don’t mean the governor of California. The time traveling robots from the future that I am talking about are all of the people in this room who are working on AI... You are going to get better at face recognition, speech recognition, identifying people from their voices and so on. Those AIs from the future are going to be able to come into the past—not literally...—but metaphorically in that they will be able to search all of these databases that we build now with better tools. They will be able to look at all the video that is being recorded today and all the ATM machines you used and say, 'Where was Brad on February 7 of 2009? Oh, our modern face recognition software can look through those old records and find out.' The sins of the past will be visited upon you in the future with tools that you did not know existed. The sins of the future will also be different from the sins of the past. You are doing really nasty things today that you don’t know are going to be very unpopular in the future, like Thomas Jefferson owning slaves, and stuff like that. I hope none of you own slaves.

All the technology we build is going to be used, starting here in the free society, but also gets deployed to China, Saudi Arabia and Future China... Imagine if Facebook had existed ten years ago and Falun Gong, the Chinese religion, had been on Facebook. It’s kind of a wacky religion, but that does not justify what has been done to them. If they had been on Facebook and everyone in the religion had connections to all their friends, when the Chinese government decided to round up everyone in Falun Gong, all they would have had to do is look at the social network. I imagine the next time the Chinese do want to round up some people, they can go into a social network."

You can watch the presentation below:

Tags: social-media privacy video technology the-future

Comments

Rebecca	April 8, 2009 11:35 AM Don't you think this is a bit more worrying than is necessary? If everyone's information is available, then it's no longer valuable in the same way as it might have been before. This would be like if everyone's social security numbers were published, identity theft would probably go away. So if privacy is no longer a concern, then it's not a problem to have your information out there.
Chris Butler	April 8, 2009 1:33 PM Rebecca, I'm not sure if I follow your argument. Are you saying that if everyone's personal information were available that we would no longer be squeamish about privacy? I might concede that if everyone's social security number was to be made available online identity theft through that avenue would be cut down, but that is most likely because financial institutions would no longer use your social security number as a security key- since those numbers would now be public. Make sense? But, I don't think that changes or would change how people view privacy in general. Sure, people don't want their identities stolen and credit destroyed by scam artists, but they also don't want their personal emails being read by strangers, or their group affiliations being made public. Even if all kinds of "private" information were no longer considered "private," I think privacy would still be an issue. Chris
sarah dooley	April 8, 2009 5:16 PM it might be true that changing availability of data will radically change what we categorize as things that need to be kept private. but awareness does seem important--if there's going to be such a shift, it would have to be because things are broadly thought of as being public, not because they just de facto are and occasionally get revealed as such. also, this is probably more a comment for templeton, but--i'm pretty sure thomas jefferson knew it was not ok to own slaves.
Andrew	April 8, 2009 11:03 PM Chris, this is one of the few blogs out there that deals with the practical implications of technology on business and society from the point of view of someone actually in business. Keep caring about this stuff.
Rebecca	April 9, 2009 12:50 AM I guess what I meant to say is that we're still figuring this all out. Is the cloud the final destination? Probably not. So we're not necessarily heading toward an unchangeable future of no privacy. People will react to things and adjust.
Chris Butler	April 9, 2009 9:41 AM @Sarah Dooley, I think you're right about this. What's considered public or private has more to do with overarching cultural trends rather than some kind of objective definition, so we'd need to get to some kind of majority shift. I think what Templeton is trying to point out is that we may reach that majority shift almost by accident rather than by clear consideration of that choice and its ramifications. @Andrew, Thanks for your kind words. I do read a lot of material from futurist blogs and publications, but most of the contributors tend to be academics and/or involved in the sciences. However, there is a strong contingent of futurists in business, too. @Rebecca, I agree- we're definitely in the midst of that process of figuring things out. That's why I appreciate Templeton's warning: Let's be careful and deliberate rather than careless and surprised later.
sarah dooley	April 9, 2009 11:06 AM @ Chris Butler: sure, point taken. i think it is good to give consideration to this kind of choice, as templeton suggests, but i also think it's more of a best-case scenario than a realistic possibility that consideration will be what ultimately determines the choice that's made. which is probably true of any scenario involving a big general shift in attitudes. i would be curious to know more about how previous shifts in definitions of privacy have worked, but i'm guessing they haven't been unlike what's happening now: some deliberate consideration, including a good amount of concern, but mostly just an aggregation of organic responses to changing conditions. by accident seems like the standard way for things to happen, and i'm not sure that's inherently problematic.
Andrew	April 9, 2009 10:14 PM @Sarah Dooley Right, by accident seems to be the mechanism, and so, we're already there. So now we're struggling through what to do about it. Templeton is warning that as we continue to settle in to our current way of being, our decisions will be critical to establishing the degree or extremity of the situation. How much privacy do we want and what do we want that to mean. If we just assume that all of these issues will work themselves out, we could end up in a world of hurt.
Chris Butler	April 10, 2009 9:50 AM @Sarah Dooley, @Andrew, I think what I meant by "almost by accident" was that we could end up having made critical decisions in regard to privacy based upon benefits we see and experience now (i.e. free productivity tools, ease of use, compatibility, etc.) that may only have severely negative ramifications later. Perhaps another way of saying this is that we need to take a longer view of decisions like these, bearing in mind a potential cause and effect chain of events that may be two to three steps removed from the immediate result.