A presentation at Hackference 2017 by Stuart Langridge
Privacy could be the next big thing Stuart Langridge @sil kryogenix.org I'm going to talk about how privacy could be the next big thing. Emphasis on the could.
data collection a bit much? …
data collection a bit creepy? …
data collection a bit creepy? … In 2012, Target, the American discount store, put together a list of 25 products that when purchased together indicate that the purchasing woman is likely pregnant.
Then they mailed out coupons for baby products to prospective mothers... and one of them's father stormed into his local Target and demanded to see the manager.
“ My daughter got this in the mail!” he said. “She’s still in high school, and you’re sending her coupons for baby clothes and cribs? Are you trying to encourage her to get pregnant?” (also, Sunnydale High School.)
And then a couple of days later he apologised profusely when it turned out she WAS pregnant.
Allo / Google Assistant / "helpfully" add things to conversations / locations from your personal maps or things from your personal searches
Some of this stuff is apparently a bug and it's been fixed.
Women are less likely to be shown ads for high- paying jobs.
If your social media friends have bad credit ratings, it could be harder for you to get a loan.
Uber / tracked drivers attending taxi protests & fired them / internal app “God View”, tracks you after leaving car / “Rides of Glory” home after one night stands / blog post
They retracted that one. Because even they were aware that this sort of thing is creepy. Really, really creepy.
Isn't it great to live in the 21st century? Where deleting history has become more important than making it.
“ If you're not paying for the product, you are the product.” There used to be a saying. If you're not paying for the product, you are the product.
“ If you're not paying for the product, you are the product.” W R O N G B A D N O Various levels of untrue / sometimes pay AND are the product / getting for free does not mean agreeing to be exploited all ways
"There is no correlation between how much money users pay and how well they're treated." http://powazek.com/posts/3229 "There is no correlation between how much money users pay and how well they're treated."
http://www.af.mil/News/Photos.aspx?igphoto=2000588958 I’m OK with being the product; I’m not gonna pay; show me ads I like at least
TV ads were rubbish back when people watched TV
What’s different / words used already / hear from real people, media, friends in pub, colleagues at work, people on train. Creepy, what does it mean?
Fraa jad / true but don’t know what it means / 400 years old / we can do better
aggregation The issue is aggregation.
Emergent phenomena. Data science: big pile of facts / deduce new facts you weren’t told.
data collection a bit creepy? … It’s what Target did.
It’s what Sherlock Holmes did. Take data → new surprising conclusions. Fun to watch... if it’s happening to someone else.
“ Amazing” This is not the face of someone who is pleased and delighted by their user experience. People do not like it when you do this.
Your data collection is creepy when you use it to deduce things you weren't told and shouldn't know Companies. Learn this. This is what data science is for, so there’s a mismatch. And it’s not new.
Supermarkets are laid out in an incredibly precise way.
Vegetables at the beginning because it communicates freshness
Bakery near the entrance because it smells nice
Stuff everyone buys is at the back so you have to walk through everything else to get it
only exit from the airport is through the duty free shop
“ Every aspect of a store’s layout is designed to stimulate shopping serendipity” https://www.realsimple.com/food-recipes/shopping-storing/more-shopping-storing/grocery-store-layout Every aspect of a store’s layout is designed to stimulate shopping serendipity
trapped So people find this weird and unpleasant! And the worst thing is that they’re helpless. They’re trapped. Because there’s nowhere else to go. There are a bunch of stock answers for what you should do about this.
you can’t opt out You can’t opt out by just not using any of this stuff at all. that’s not realistic. It’s not impossible, in the same way that you’re allowed to go and live in a cave in the desert if you want, but anyone advocating that as a solution to your problems can shove off.
unrealistic We're all part person and part machine now. And that's OK
Never be lost again. Horror films need excuses or no suspense.
Can listen to any music you want
Can video call people on the other side of the world
Louis XIV couldn’t do this
These are superpowers. We should not have to give them up or trade them away.
“ If you leave your phone behind, it’s like missing limb syndrome” http://waitbutwhy.com/2017/04/neuralink.html "If you leave your phone behind, it’s like missing limb syndrome" - Elon Musk
you can’t regulate it away You can’t regulate the problem away. EU have done some work on this → INDIA
India: privacy a fundamental human right. Gov regulation is needed. But too slow / easy to stay ahead / won’t happen cos big business.
John Stuart Mill wrote lots about free speech. Big thing he said is forgotten
“ laws passed by governments are about the ninetieth most important restriction on our freedom of speech” http://blog.danieldavies.com/2002/10/free-as-bird-im-profound-believer-in.html Americans correctly big deal about 1 st Amendment. Non-Americans too, discover they don’t have one. Gov reg at best a part of the answer & not the lead part
you can’t shout don’t have a go at people about it; just annoys your friends. Need to move Overton window.
Use this messenger: feel right but have no friends. Doesn’t work. Tweet is right: right now people don’t know how to care.
you can’t reboot the public Can’t get a new public who do care either
The children of the revolution were faced with the age-old problem: it wasn't that you had the wrong kind of government, which was obvious, but that you had the wrong kind of people This is wrong thinking. Which is pratchett’s point of course.
More than 70% of people would reveal their
password in exchange for a bar of chocolate
http://news.bbc.co.uk/1/hi/technology/3639679.stm
Who’ll tell me their password?
(fake chocolate bar)
BUT HERE’S THE BAD NEWS ->
technology is not the fix And the fix is not technology. The tech is not the hard bit. There's loads of tech.
signal
matrix
purism
Privacy badger
Vpns by the dozen
Password managers by the dozen
tor
chilling effect / frightened of what MIGHT happen cos they don’t know. Don’t like what they can imagine. / not about prison or illegal / is your rep / fear the unknown / chilling: not a law, discourage anyway
“ Freedoms are not being taken away; we are just afraid to use them” https://www.socialcooling.com/ Freedoms are not being taken away, we are just afraid to use them
Ideally people really would dance like nobody's watching. But hardly anyone does.
no choice But everyone's still involved because they've got no choice. but what if there were a choice and people knew that?
the next ten years Whoever gets this right, works out how to tell this story, will define the next 10 years;
Mobile changed everything; changed the world; power in your hands; made billionaires & industries; everything old new again; new lens
Social changed everything; changed the world; power in your hands; made billionaires & industries; everything old new again; new lens
Go back in time; tell morpheus on his Nokia phone everything will be mobile. EVERYTHING.
Go back in time; tell users on sixdegrees (remember sixdegrees?? first social network) everything will be social. It’ll elect presidents.
go forward; world where your data is YOURS and everything still WORKS; tell them a time we felt like we had to give that up. Laugh, penny farthing.
82% of people are not comfortable with the sale of their data to third-parties in exchange for speed or convenience or product range https://home.kpmg.com/sg/en/home/media/press-releases/2016/11/companies-that-fail-to-see-privacy-as-a-business-priority-risk-crossing-the-creepy-line.html People want this fixed. 82% of people are not comfortable with the sale of their data to third- parties in exchange for speed or convenience or product range.
Half of all people have avoided doing some basic stuff online because they have concerns about how their data will be used https://www.washingtonpost.com/news/the-switch/wp/2016/05/13/new-government-data-shows-a-staggering-number-of-americans-have-stopped-basic-online-activities/ Half of all people have avoided doing some basic stuff online because they have concerns about how their data will be used.
disrupt Here, finally, is an industry that actually NEEDS disrupting. That’s how you disrupt. → BETTER MOUSETRAP
If you build a better mousetrap, the world will beat a path to your door
= Terrible lie / go back in time, pour coffee in ralph waldo emerson’s lap
4,400 Wikipedia: 4400 patents... for mousetraps. Name a mousetrap inventor.
The way you overcome an incumbent business is by doing battle on a field that they can't compete on Overcome incumbent on a field they can’t compete on (not won’t, don’t). Apple invent mobile, overcome MS entrenched advantage; MS beat mainframes, computer on every desktop not a terminal; shape the world, current incumbents can’t compete; built business model on creepy, can’t exist; FB with privacy, can’t exist; how you win
a weapon which only hurts bad people Weapon only hurts bad people; being creepy but needn’t, fix it; reliant on creepy, die, but OK with that. People want this; not just geeks.
Everyone finds this unnerving. Not just a conversation for geeks like me; the Daily Mash tells jokes about this now. “FB do weird things with data” is mainstream.
Tin foil hats are a fashion item now. The world is ready to be convinced. Eager to be convinced.
how? How do we do it?
¯_( ツ )_/¯ don’t know. Wish I had an easy glib answer; I don’t.
differential privacy Dwork, McSherry, Nissim, Smith - https://link.springer.com/chapter/10.1007%2F11681878_14 Differential privacy now a bad one. Apple last year. Get aggregate info; can’t tell anyone’s specific answer; can’t tell if someone participated. (This: the Jackanory version; don’t try on cypherpunks) Prop of Hackference who like choc: yes/no. Flip coin: heads tell truth; tails flip again. Heads say yes regardless, tails no.
Icons https://www.flaticon.com/packs/avatar-set thank you!
Rigged demo. It does actually work though. The maths is more complex to do it for real. Add noise: this is “randomised response mechanism”; 60s to answer embarrassing/illegal questions; people can skip answering, values still ok. State of the art, way more advanced. Read paper.
data science You can do data science without being creepy about it. This is known technology. The methods exist.
help understand We need to come up with ways to help people understand that there ARE ways to do this stuff. You can never be lost, and listen to any music, and video chat, and not feel uncomfortable about it.
It’s not OK that you’re made to feel uncomfortable It’s not OK that you’re made to feel weirded out. It is possible for there to be alternatives. Someone rooting around in your life is not a price that you have to pay.
false dilemma Opt out and cut off superpowers, or give up personal info to pay for them, and that’s it. We need to change that story. Help people understand that it doesn’t have to be like this.
it’s us These ideas, these alternatives, they'll come from us. People in this room and rooms like it. Who's building the next big company? You are.
change the story When you build it, talk about how we change the story. People are scared and they shouldn’t have to be. When hacking/making companies/chatting, talk about how we change the story.
UX UX is the whole thing. Not about fonts and colours; about the view of the world. This world, people don’t like it, but they don’t know it can be better.
explain can’t tell people to opt out; can’t shout; can’t wait for gov to save us or everyone to learn spontaneously. We need to explain. To teach. It’s obvious to us. How do we make it obvious to them?
World changes; everyone looks for it as a matter of course. And the seesaw tips over.
Talk about how we change the story. We need to talk about how we change the story.
@sil Thank you.
About privacy, and how people are scared and uneasy about what's being done with their data. And how we need to stop building new technology and start working out how to explain to everyone that it is possible to build a world where you don't have to feel exploited and frightened and you still have all the same internet superpowers that you have today.
The following resources were mentioned during the presentation or are useful additional information.
Here’s what was said about this presentation on social media.
for free. You
can too.