The Digital Life Episode #74: Digital and UX News: The Privacy Question
The battle for online privacy continues to heat up as big tech companies and the government struggle to define the degree to which we can keep our personal and transactional information to ourselves. In this episode of The Digital Life, we discuss the latest news from Twitter and Facebook effecting privacy and the user experience, and talk about the latest data breaches from some of the biggest names in finance and telecom.
Welcome to Episode 74 of The Digital Life, a show about our adventures in the world of design and technology. I’m your host, Jon Follett, and with me is founder and co-host, Dirk Knemeyer.
Hey, Jon. What topics do you have for us this week?
This week, I think a lot of the headlines that I’d been seeing fall into a topic that I know you and I have a lot of ideas and passion around. That’s the idea of privacy and the user experience in the digital realm. I’m going to seed this conversation with what’s going on, the latest, some of the most recent headlines that fall into this sphere. I know, for instance, that we can debate this for hours, so looking forward to our discussion today. The first news item that I think is rather interesting is that Twitter, our friends at Twitter, are suing the U.S. government to allow greater transparency into the types of government request that they receive on a regular basis. Twitter receives national security letters and Foreign Intelligence Surveillance Act court orders and they receive those and the contents of those are obviously classified and they can’t reveal them, but they want to let their users know how many of these requests they receive from the government and presumably that they’re also handing out information, whether that’s personal information or account information or what have you. They’re actually taking the feds to court to increase this level of transparency.
Now, earlier this year, Microsoft, Facebook, and Google had an agreement with the U.S. government which let them reveal in broad strokes the kinds of requests that they were receiving. It lumped this F-I-S-A or FISA request and the national security letters together and then they could say, “Hey, we received between 0 and 250 or 250 to 1,000 …” I’m not sure of all the ranges, but they were allowed to reveal a little bit within these broad buckets. Twitter is saying, “Hey, that’s not good enough. We want to be a little more granular so for our transparency report, we’re going to take you to court there.”
That sounds really good from the perspective that I’m a Twitter user and, hey, I’d like to know if Twitter is giving up info to the government, but on a certain level, it seems almost like a PR stunts and maybe that’s just the cynic in me saying, “I don’t know as a user that that gets me that much more than, okay, I know you got up to 250 FISA court requests. That doesn’t help me all that much.” Dirk, what do you think about that?
I’m not sure if it’s a PR stunt or not. I’m not knowledgeable enough or tied into some of the specifics of the situation, but what I do want to talk about is this. Jon, I mean you know I’m someone with very strong opinions. You also know that I’m someone who generally is quite socially liberal. When it comes to national security, I don’t know what to think and feel. What I mean by that is the basic liberal perspective would be that individual rights come first, individual rights should not and cannot be impinged upon, and issues of national security don’t trump that. That national security comes second and individual rights come first.
Philosophically, that makes sense to me. However, we live in a world where people from all away across it can badly hurt people way over here where there are active terrorist organizations beheading citizens of our country for effect. This is a nasty, big, scary, intertwined world in a lot of different ways and I am sympathetic to the importance of “national security” to help overcome some of those threats.
I was talking with a friend over lunch about Ebola and how if it gets to the point where in the U.S. that Ebola is spreading and there is a hundred cases in municipality A or B or C, I guarantee you that the government has some very well-thought plans in place for what can be communicated via the broad media and what can’t about those breakouts and about those threats strictly from the perspective of, “Hey, if the masses hear these things, there’s going to be riots. There’s going to be just fleeing and we will degrade into some sort of a state of anarchy.” There’s some point in the Ebola potential, the effects, or whatever that would turn out to be, there are some potential of reaching that point when those things happen.
The government is able to think ahead and make some paternalistic decisions for us around “It would be way worse for people in the aggregate if this got out than not.” There’s going to be some control there that is against the principles of free press and free rights and all of that stuff, and I understand that. I’m not coming down on that side, but my point is I’m not coming down on either side. I think it’s really complicated. In the type of world we live in, the notion of some degree of paternalistic in the interest of national security, I just logically think it has a place even though it flies in the face of equal rights, and these total freedoms that are so ingrained in our culture and in our thinking.
This is a very long winded way of saying I don’t know what to think about stuff like these. Like once it gets into the realm of national security, A, I don’t know which camp to go into. I’m really torn between them, and B, I’m not alerted enough about this specific situation or really pretty much any specific situation that come out and say, “Oh well, in this context, yes, it should absolutely be this way or not.” I take for granted … There’s a lot of stuff out there I don’t know that other people do.
Even though trusting faceless, nameless people with the decisions around that information that could hurt me or impact me and many others in negative ways, even though instinctually you hate to do that. I mean at some point you just have to trust and hope and … I don’t know. Given the complexity and global nature of this world, I don’t know, man. Story like this, I don’t really know what to think.
Yeah. I think that’s a valid viewpoint in so far as we like to take positions that sound as if they’re black or white, but you actually did take a position there, Dirk, which is a pretty gray one which is how to balance national security needs with the needs of the private individual and freedom of the press. I mean from my perspective, and I’m somewhat pragmatic about these things, I think there are ways to balance things out aiming, of course, for these ideal states that we love, but then also acknowledging that perfect freedom also has some pretty severe prices to pay for that. The question remains — Do we need that particular freedom or is it better that our information is given up to the government to prevent things like terrorist attacks and things like that? The Twitter story and the idea of the surveillance state pressing its thumb down on some of the larger tech companies, that is an ongoing story and this just happens to be another step in that, of interest to us, of course. Our second story today that I think is related to this privacy issue, online privacy and the user experience, is from another angle which is that Facebook has released its audience network to the developer communities. Now, ads that were once restricted to the Facebook platform can now be delivered to you via other mobile applications. In the case of your mobile device, if you’ve got an application that you have opened and you’ve also got your Facebook profile, Facebook can serve ads to that other application, provided, of course, that they’ve signed up for this audience network.
This enables Facebook to very highly target the demographics for these ads. They know so many things about you, so they know, “Hey, Dirk, you’re going to be more interested in an ad for board games than you are going to be for an ad for something else,” let’s say. Next time you open your favorite application, if they’re signed up for this ad network, all of a sudden Facebook is going to be pushing these highly targeted ads into your mobile universe, which is something they’ve never had the ability or perhaps they’ve had the ability but they have not set up the network to do in quite the same way, and makes them expand beyond the boundaries of the Facebook universe which is wall- … not a walled garden, it’s pretty close to that.
As these tendrils creep out, all these information that you may have given Facebook because you feel like “Hey, it’s contained within the Facebook ecosystem” is now sprouting out into these other areas of your digital life. That may or may not matter, but what’s interesting about Facebook is that they’ve got this depth of personal data on you that’s probably not replicated elsewhere. They have probably got the most personal data on many Americans … I mean maybe you’ve got your educational transcripts and your high school yearbook and your photos at your home and stuff like that, but in one place, I don’t know that definitely not in a digital sense and maybe even in a physical sense. I think that’s a huge repository of personal information and compared to the rest of your life.
What that means now that they can leverage that into other areas of the digital realm, I don’t know, I’m assuming Facebook’s intentions are not necessarily benign or even in our best interest, but it’s very interesting to see where they’re going with this. It’s something that I had not particularly anticipated when I signed up for Facebook.
Yeah. I’m going to come at this from two perspectives. One is the unthinking user which is frankly typically how I’m on the Internet as a brain dead user. My perspective there is I don’t want ads and, in fact, services that like apps that let me pay N dollars to not be served ads, I’m going to do that. I’m going to opt to help them get their revenue via direct cash as opposed to ad service. That’s my default position. If I can’t do that or otherwise ads are foisted upon me in a way in which I’ll keep using a service or product, then I’d rather have them be more targeted. I mean I much rather have something that there’s some iota of chance that it makes my life better in some incremental way than some rubbish that isn’t targeted. That’s the brain dead user perspective.
From the thinking man’s perspective, I really hope that they are anonymizing the information similar to how a bank would protect our login credentials. I don’t know the latest technology at this point, but when I was certainly more knowledgeable about banking websites and security, you’d have multiple different pieces that would be cobbled together to allow you to login, each of those would be stored separately with different identifiers and it would be highly, highly non-trivial for someone to reverse engineer that and put all of the pieces together, that, “Hey, in bucket A, B, C, and D, this is the stuff that belongs to Dirk Knemeyer. Boom! I’m going to pull it all together.”
As long as the Facebook data, the Internet data, whatever the hell data they’ve got on us is being treated similarly, I don’t have a big problem with it. I mean with what the Internet is, with how it behaves, with the benefits we get from it, like leveraging data makes sense. I want it to be done in a way that is going to protect my identity, that is going to protect me in future ways that are … getting back to the unintended consequences we talked about before … where I could be vulnerable. I take for granted that Facebook and any other companies dealing with this data are not treating it in such a precious and careful way, and assuming that they’re not, that’s a big freaking problem as far as I’m concerned. If it were being treated properly, I really wouldn’t have an issue with it.
It’s like everybody wants everything. We want all the conveniences, all the speed, all the personalization, but no, damn it, you can’t have any of my data. We all want our cake and eat it too. My perspective is that this whole … I was going to say generation, but I don’t think that’s the right word. This whole paradigm that we’re in now is based on getting massive data and using it and leveraging it in the best ways possible to create conveniences and services and opportunity. Look, that’s the world that we’re in and we collectively chosen it by inertia if nothing else, so okay, fine, but protect it. Really treat it as preciously as financial institutions treat our key data.
Maybe that’s being done, and if it is, hurrah! I guess I’m pretty happy with the state of things. I take for granted that it’s not and it really, really needs to be.
Yeah, that’s once again an ongoing thread in the privacy aspects of user experience. I don’t think that … it’s quite interesting to see all of these develop and these stories take on an ongoing life whether it’s around national security or our own personal data. Every once in a while, they come to the fore as they are this week and make us pay attention. I think the couple of headlines that I saw that are sadly typical and probably getting more frequent now are those about security breaches. AT&T just had an internal one where an employee accessed customer personal data which may have included Social Security numbers and then JPMorgan Chase had a security breach as well.
I believe those were more prosaic pieces of data. I don’t believe those were Social Security numbers but rather emails and things like that, but not account information from what I understand. Both of those headlines remind us how tenuous this protection is around our digital data and our digital lives online. How we move forward, especially in our development of our online selves is going to hinge partially, at least, on our ability to prove who we are and to protect our information when it needs protecting. These are obviously continuing issues that we’re going to struggle with.
Yeah. I don’t know. I tend to almost universally opt for convenience over safety in a certain way. Passwords for me for a long time have been just the easiest I can. I mean I don’t do something stupid like use the word “password” but for many years, I would have one password that … I mean it wasn’t something like a family member’s name or anything like that, but it wasn’t too many characters. It’s pretty simple. I mean my focus was I want to be able to type this in really quick, always remember it, same thing every place, and then every N years, I would change it and change it universally to everywhere.
Recently now, I’m using a password generation service that is generating this really long, probably near impossible to reverse engineer passwords and then having the service manage that. Now, the service itself, of course, could be corrupted, but I’m caring enough about security and I’m aware enough about the threats and the exposure that I’m, in my mind, up leveling and making it harder for someone to hack me or someone to steal my identity or corrupt one of the services that are meaningful to me although I use this on everything at this point, not just meaningful services.
I think it probably varies for all of us. I mean probably many of our listeners had a safer approach to security, password-wise than I did in the past. Definitely the changes in what’s out there and how services behave and the degree to which things are being compromised and corrupted has pushed me down a more rigorous path for myself. It probably still isn’t even enough, but I guess it’s just a personal thing of where what’s the relationship between your comfort and your security.
That’s right. Yeah, I think that’s probably something that we all have to consider. I know that there are all kinds of products that you can use to protect everything from your computer to your passwords to your USB drives. The question then becomes, as you said, convenience versus preventing access from unwanted eyes. That, I think, is going to be a continual balancing act.
Listeners, remember that while you’re listening to the show, you can follow along with the things we’re mentioning here in real-time. Just head over to thedigitalife.com. That’s just one “L” in the “digitalife” and go to the page for this episode. We’ve included links to pretty much everything mentioned by everybody, so it’s a rich-information resource to take advantage of while you’re listening or afterward if you’re trying to remember something that you liked.
If you want to follow us outside of the show, you can follow me on Twitter, @jonfollett. That’s J-O-N-F-O-L-L-E-T-T. Of course, the whole show is brought to you by Involution Studios, which you can check out at goinvo.com. That’s G-O-I-N-V-O-.com. Dirk?
You can follow me on Twitter, @dknemeyer. That’s @-D-K-N-E-M-E-Y-E-R. Email me: firstname.lastname@example.org, or read me: dirk.knemeyer.com.
That’s it for Episode 74 of The Digital Life. For Dirk Knemeyer, I’m Jon Follett, and we’ll see you next time.