Friday, September 02, 2011

The Anti-Privacy Generation

A physicist I knew refused to fly on small commuter planes. He knew what could go wrong and he was sure they weren't safe. In fact flying even on small planes is statistically safer than driving a car.

I thought about this story while I was reading Blown to Bits by Hal Abelson, Ken Ledeen and Bill's advisor Harry Lewis. The book is all about how the information revolution has put all our personal stuff out there. Knowing how computers and the Internet work can make one paranoid about information and this is why privacy is always a big issue among computer scientists and tech workers. But then I finally gave up on the book when I realized they gave very few examples of people who actually came to any harm from losing their privacy.

I've seen many a crypto talk talk about a situation where someone's personal information comes back to haunt them when they run for public office. But we live in a society that values openness. Obama didn't hide his illegal drug use, he talked about it in his autobiography and it didn't hurt his campaign. Anthony Weiner resigned from Congress not because he tweeted an inappropriate picture, but because he lied about it. Bill Clinton was impeached and Nixon resigned not for their actions but for their coverups.

Being open has its positive effects, it allows search engines, recommender systems and even people to tailor their behavior to your needs. We can imagine easily, as computer scientists, scenarios where loss of privacy has disastrous effects.  But your chances of running into such problems are about as high as being in a plane crash.


  1. I'm not sure that the chance that personal information unwisely released on the internet comes back to harm you is as unlikely as being in a plane crash.

    See new companies like "Social Intelligence" (nice article here: that perform social-media background checks for companies wanting to screen new employees. Those facebook pictures could cost you a job.

    Now Social Intelligence wasn't around when a lot of those pictures were posted. The problem is that the data stays around forever, and you have to be worried about what people might do with it tomorrow.

  2. Apart from the personal worries about individuals' careers, public information may be very useful to overseas intelligence agencies seeking a potential recruit inside some critical facility. Online footprinting of a certain individual working in a sensitive position may give a lot more information on how he could be persuaded (either with or against his will) to uncover otherwise classified information related to his work. Let alone the amount of demographic information that could also be used in a directed psychological war, which may no longer be en mass but rather individualized.


    is worth a look in this context.

  4. Doesn't this post somewhat presuppose that the loss of privacy is not, in itself, a disaster in the eyes of some/many/whomever? (For example: "But then I finally gave up on the book when I realized they gave very few examples of people who actually came to any harm from losing their privacy.")

    It's one issue to worry about whether you lose a job/don't get a job/get harassed because condemning, private information about you becomes public; it's another entirely to worry about whether private information about you becomes public.

  5. Lance, you didn't care about privacy before reading the book.

    The biggest privacy violators are governments and large companies, not hackers. Of course you can think that you can trust them, but don't expect others to have the same feelings.

    You are asking what can go wrong? You are asking about real problems? Don't you follow the news? Just check the people who are in prison in Bahrain or China because of their online discussions that they falsely believed to be secure. Haven't you heard the recent CA fiasco? I personally know people who have been jailed and the evidence was their chat history on yahoo.

    Now, you may think that as an American citizen you are safe and you can at least trust US government and big American business about your private information. I don't agree with that, but let's put that aside, and assume that I agree, even then people have demonstrated that putting information online is risky, and they did demonstrate it on people who didn't agree with them, like Google founder and some US senators. If you are sincere about your belief that privacy is not important and putting information online is not risky, then challenge them and they will teach you how important privacy is. But if you want a safer way to learn about it, check

  6. In fact flying even on small planes is statistically safer than driving a car.

    Let's emphasize that

    small planes != small commuter plane

    Flying on a single engine plane is orders of magnitude riskier than driving a car.

    Assuming you meant small turboprop planes above then the statement is true on a per mile basis, though not by much.

    However, on a per hour basis, you are likelier to die on a small turboprop than on a car.

    In other words, if the alternative was to drive there then you are better off flying. If the alternative was to stay home and run some errands by car, you are better not taking the plane.

  7. This comment has been removed by the author.

  8. Who was the physicist?

  9. It was one of the physicists from my days at NEC Research. I don't remember exactly which one.

  10. I do agree that there is a certain reactionary tendency among many to (claim to) value privacy at all costs.

    But I have never seen a good way to quantify what harm some specific loss of privacy entails.

    Put differently, the next time someone tells you how much they value keeping something private. Ask them to assign a dollar amount: how much would they be pay in order to protect the privacy of that piece of information? Or, conversely, how much could you pay them in order to get them to agree to make the information public. No one has any clue how to price this, which is why it is undervalued in the marketplace.

  11. A son of Russian antivirus guru Kaspersky was kidnapped based on the information from his social network account.

    Also any leak of phone numbers is a source of fraud. I know many people (including my mother) who received fake calls from their "children" urging for financial help. Sometimes a compilation of real "leaked" recordings is used to simulate speech.

  12. @Jonathan Katz,

    The problem is that to value it one needs to know about possible consequences. We can say the same thing about other things like car insurance, or medical insurance, ... . Ordinary people lack the knowledge and expertise to judge the risks and the value of these things. Legally a contract between two parties can be annulled on the base of lack of information by one side at the time they signed the contract. Expecting ordinary users to be able to judge the value of privacy is not reasonable.

  13. Well, taking this in a completely different direction - organizations, especially publicly/federally-funded ones, are often legally bound to keep certain information private. A breach of privacy will certainly result in some financial payout, which at least lower bounds the financial value of privacy in that context (not to speak of the repercussions from loss of reputation or even loss of federal funding).

    By way of a (even personally un-convicing) stab at the value of a single individual's record's privacy, just blindly assume each individual's privacy holds an equal share of the value lost by such an organization due to a breach.

    Obviously the issue is more complex -- what would you need to pay a doctor to release patient information, conditioned on the event that the breach would have the *worst-case* (purely financial) outcome for the doctor? At least enough to offset the value of every patient's information becoming public. But then, in the real world, a doctor with no moral qualms about making an unethical profit might have a high chance of getting by unscathed.

    In light of that, the only truly privacy preserving mechanism *purely in practice* appears to be the result of "aggregate privacy" -- if only one individual's privacy is on the line, the cost is only epsilon - next to nothing. But when a large group combines their private data, the cost of revealing a single individual's is effectively the cost of revealing it all.

    Hence, the current almost-contradictory situation where social network personal information - personal relationship status, religious beliefs, sexual preference - is surprisingly open, but knowing whether someone went to the doctor with a sniffle is locked up tight.

  14. edwardahirsch -- privacy is good when you have powerful enemies

  15. It may be worth noting in this context that Donald Knuth stopped writing his celebrated personal checks for $2.56 because of privacy issues with the account/routing numbers. See Knuth's explanation for exactly why.

  16. I think that what others post about you can do you far more harm than information you have offered at some point. I have a good friend who missed out on at least one job opportunity because of a false posting about him.

    Unfortunately, there is little one can do about falsehoods about them written on the Internet.