|
|
- Information Privacy in the Post 9/11 World - How many people know what you did today? It's an interesting question, and one that gets more interesting if you ever decide to answer it. The other day, I tried to keep a mental list of the various people and institutions that knew (or could know) something about my daily activities. Let’s keep a running tally, shall we? My alarm clock went off at 5:30 that day, and I finally got out of bed at 6:30. My wife, who didn't need to get up at 5:30 or 6:30, was well aware of that (1 person). I showered and dressed and left the house by 7:15. My wife and my son, who had woken up by then, knew that, as did any of my dozen or so neighbors who might have been looking out the window when my car pulled out of the driveway (~14 people). I bought a monthly train ticket to New York that morning, which the New Jersey Transit ticket lady knew about, as did several of the people on line behind me, who were nervously checking their watch and wishing I’d pay faster so they didn’t miss their train (~20 people). By now, several other people at NJTransit also know about my purchase (or could, if they endeavored to find out), as well as several people at my bank, on which the check was drawn (~35 people). Dozens of people saw me get on (and off) the train and, if they cared, could tell anyone about my morning commuting habits, including what I did on the train, who I sat with, etc. (~75 people). When I got to New York, I took the subway to my office. Another train and another few dozen people who (as far as I know) ignored me as I went by (~100 people).
I got to work and logged in to the corporate network – another dozen people or so who become aware of me, this time in various cities around the country (~115 people). I use an instant messaging application, so any of the almost one hundred people around the world that I’ve exchanged ID’s with could find out, at any time during the day, when I logged on, how long my machine has been idle, etc. (~215 people) Most times, I even voluntarily give out more information by setting “away” messages (“I’m in a meeting right now...”) During the day, I spoke on the phone, left voicemails and wrote e-mail, providing biographical data to another 150 people or so (~365 people). And then there’s the folks at the phone company who know what number(s) I dialed, and my employer’s compliance group who (again, if they cared) could know who I wrote to, what I said, which web pages I looked at, etc. (~400 people). It goes on and on – people who saw what and where I had lunch or dinner (~500 people), my commute home (~550 people), the various security cameras I walked past as I went in and out of corporate buildings (~600 people). All told, we’ve conservatively tallied about six hundred folks who, with very little effort, could tell the cops something about me, if they ever showed up at their door with my picture and a “Have you seen this man?” An interesting side note: my “typical” day didn’t even include any of those things we typically worry about when we talk about privacy. I didn’t buy something over the phone or the Internet, didn’t use a credit card, didn’t tell anyone my social security number, my mother’s maiden name, or my bank account balance. I just went to work and came home. The Delicate Balance: Privacy vs. Convenience Does the above vignette surprise you? Amuse you? Terrify you? Since 1995, when the Internet replaced television as the world’s most interesting communication vehicle, debates about privacy and convenience have abounded. After a few years of confusion and quite a bit of misinformation, the balance generally stabilized as follows:
Then came the horrific events of September 11, 2001. For a few weeks, all of the debate and cynicism around issues like “privacy vs. convenience” disappeared. The privacy side of the issue vanished completely, and the universal motto was “Convenience (for law enforcement) at all costs.” Bags were searched at public gatherings, people were scrutinized at airports, law abiding citizens were questioned (and occasionally detained) based solely on suspicion or circumstantial evidence. No one wanted to get in the way of catching the bad guys (or preventing another attack) to discuss individual privacy concerns. Now it’s just over six months later, and the confusion seems to have once again settled, and a balance has begun to emerge:
So what has really changed since September 11th? It’s probably the most frequently asked question of the last six months. It has thousands of answers, none of which seem the least bit satisfying or complete. Allow me to submit yet another entry: Before that day, I believe the privacy vs. convenience debate seemed rather theoretical to everyone. Your opinion didn’t really matter, because the consequences seemed confined to a hypothetical, Sandra-Bullock-in-The-Net kind of world, where bad people actively conspired to hurt you by stealing secret information and turning it against you. This made it safe to vehemently defend one side or the other, or to speak one way and act another. Since that day, I believe most people have come to the stark realization that some amount of “privacy invasion” is warranted, in exchange for the convenience it provides us (or, more accurately, the convenience it provides those who strive to protect us). The privacy advocates realize this and have, for the most part, toned it way down. The media has begun presenting a more balanced view of the issue, pointing out the benefits associated with some of the costs. People, many of whom have taken advantage of these benefits for a long time, feel empowered by their new public acceptance, and are speaking out more freely about their true preferences. Corporate America is the wild card. They are still dealing with the chilling effects of a global recession combined with a national tragedy. Their focus remains on cutting costs and riding out a tough economic environment. One day, though, things like innovation, customer service, and product quality will once again be the focus of attention. What remains to be seen is whether or not this newly acquired enlightenment about the power of information to serve, rather than incriminate, will translate back to the relatively mundane world of electronic commerce. That, of course, and what the guy next door had for breakfast on the train yesterday… |