Other people’s privacy

In the wake of Google’s revelation last week of a concerted, sophisticated cyber attack on many corporate networks, including its own Gmail service, Eric Schmidt’s recent comments about privacy become even more troubling. As you’ll recall, in a December 3 CNBC interview, Schmidt said, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. But if you really need that kind of privacy, the reality is that search engines – including Google – do retain this information for some time and it’s important, for example, that we are all subject in the United States to the Patriot Act and it is possible that all that information could be made available to the authorities.”

For a public figure to say “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place” is, at the most practical of levels, incredibly rash. You’re essentially extending an open invitation to reporters to publish anything about your life that they can uncover. (Ask Gary Hart.) The statement also paints Schmidt as a hypocrite. In 2005, he threw a legendary hissy fit when CNET’s Elinor Mills, in an article about privacy, published some details about his residence, his finances, and his politics that she had uncovered through Google searches. Google infamously cut off all contact with CNET for a couple of months. Schmidt didn’t seem so casual about the value of privacy when his own was at stake.

The China-based cyber attack, which apparently came to Google’s attention just a few days after the CNBC interview, makes Schmidt’s remarks about privacy and deferring to “the authorities” seem not just foolhardy but reprehensible. When the news reached Schmidt that some Gmail accounts had been compromised, perhaps endangering Chinese dissidents, did he shrug his shoulders and say, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”? Did he say that Gmail customers need to understand that sometimes “the authorities” will have access to their messages? Judging by Google’s reaction to the attack, it takes the privacy of its own networks extremely seriously – as well it should. The next time Schmidt is asked about privacy, he should remember that.

Of course, Schmidt isn’t the first Silicon Valley CEO to make cavalier comments about privacy. It began back in 1999 when Schmidt’s onetime boss, Sun Microsystems CEO Scott McNealy, proclaimed, “You have zero privacy anyway. Get over it.” Just this month, the idea was repeated by the web’s most amusing philosopher-king, Facebook CEO Mark Zuckerberg. In an on-stage interview, Zuckerberg defended his company’s recent decision to roll back privacy protections on its site by arguing that the desire for privacy was evaporating as a “social norm.” Facebook, said Zuckerberg, was merely responding to that putative shift.

Reading through these wealthy, powerful people’s glib statements on privacy, one begins to suspect that what they’re really talking about is other people’s privacy, not their own. If you exist within a personal Green Zone of private jets, fenced off hideaways, and firewalls maintained by the country’s best law firms and PR agencies, it’s hardly a surprise that you’d eventually come to see privacy more as a privilege than a right. And if your company happens to make its money by mining personal data, well, that’s all the more reason to convince yourself that other people’s privacy may not be so important.

There’s a deeper danger here. The continuing denigration of privacy may begin to warp our understanding of what “privacy” really means. As Bruce Schneier has written, privacy is not just a screen we hide behind when we do something naughty or embarrassing; privacy is “intrinsic to the concept of liberty”:

For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that – either now or in the uncertain future – patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.

Privacy is not only essential to life and liberty; it’s essential to the pursuit of happiness, in the broadest and deepest sense of that phrase. It’s essential, as Schneier implies, to the development of individuality, of unique personality. We human beings are not just social creatures; we’re also private creatures. What we don’t share is as important as what we do share. The way that we choose to define the boundary between our public self and our private self will vary greatly from person to person, which is exactly why it’s so important to be ever vigilant in defending everyone’s ability and power to set that boundary as he or she sees fit. Today, online services and databases play increasingly important roles in our public and our private lives – and in the way we choose to distinguish between them. Many of those services and databases are under corporate control, operated for profit by companies like Google and Facebook. If those companies can’t be trusted to respect and defend the privacy rights of their users, they should be spurned.

Privacy is the skin of the self. Strip it away, and in no time desiccation sets in.

10 Comments

Filed under Uncategorized

10 Responses to Other people’s privacy

  1. Mr. Carr, some quick notes on this fine piece of yours:

    First, note that Schneier is strongly echoing one of the earlier and most extensive thinkers on this topic, M. Foucault. See his “Discipline and Punish”, for example (original French title “Surveiller et punir” which might have been better translated as “surveille and punish” or “surveille and discipline”).

    Second, your own discourse-centric analysis of the evolution of power here also echoes Foucault. I am not saying you are not making an original contribution. I am saying that, deliberately or not, you are compatible with a mode of analysis that he invented, explored, and promoted.

    Third, perhaps slightly beyond your analysis here, I think you need to look at how discourse like that of Schmidt and Zuckerberg *produces* choices in what systems are engineered and which are not. That is to say: you see Schmidt and Zuckerberg playing fast and loose with morality and being hyprocrites. Sure. Perhaps (well, certainly). Whatever. What *I* see is the discourse that is driving the constraints that define engineering problems within the two relevant firms. There is a feed-back loop where it is only possible within those firms to seriously talk assuming certain engineering constraints, and building systems that satisfy those constraints just tighten the bindings on what proposals can be expressed or not expressed.

    For example, suppose that I were suddenly transported and found myself sitting in a Facebook office with a senior engineering title. My inclination would be to point out how all of the useful and banal functionality that users provide could be more robustly and securely provided if, instead of it all taking place on FB’s central servers, it were using a distributed and decentralized architecture like (in the days of yore) email and net-news. And yet, in fact, that would be impossible for me to say. People might very well agree that “in theory” I was technically correct but such statements would simply not make any logical sense within the internal logic of the discourse that governs the course of the firm. Put crudely, the response would be something like “Ok, sure — 10 programmers, 2 years, and you could implement and start distributing that code. But there’s no money in it for us so your idea makes no sense. It is better for us to raise money to hire 100s and eventually thousands of programmers to keep that alternative at bay. Get with the program.”

    The problematic discourse is not confined within those firms, either. How are such firms valued by investors if not by such metrics as the number of unique visitors, their account level, and the attendant amount of monetizable surveillance and intervention that can be imposed upon users? The controlling discourse around these firms simply will not admit as valid statements which would deprive them of the particular surveillance-based revenue streams they envision. Contrary proposals are not merely rejected by them – they are impossible to express in the language they speak.

  2. The ultimate form of confidentiality is privacy of thought – the notion that what goes on in our heads is private, personal, and inviolate. That is why the incessant worry over brain scanners ‘reading our minds’ crops up so often as a widespread concern in the field of neuroethics. It seems to me to be perfectly reasonable to defend privacy of thought valiantly.

    Once thoughts are converted into bona fide words – spoken, written, etc., the privacy situation changes a bit. It used to be that people had diaries which held their private thoughts, and although my guess is that they were never as private as their authors wished them to be, they were rarely on view for all to see. People spoke to each other ‘in confidence’, and even had friends whom they considered to be confidantes. Correspondence between individuals was deemed private; at a minimum, people felt betrayed if a friend released their private musings to a third party.

    With the advent of e-everything, mores seem to have changed. My impression is that privacy of thought remains the last bastion of this particular fortress, and will remain so for at least the near future. I certainly applaud the sentiment that your post expresses but fear that it is increasingly unrealistic to expect privacy in the electronic world. Remember, one can view McNealy’s admonition and Schmidt’s quip as either scary stuff from people who live in an electronic Green Zone (great image) or good advice. I am not sure that both don’t apply.

  3. I’m really sorry, but I’ll have to disagree with you. Eric Schmidt a month ago explained something very simple, that falls from a simple hierarchy of values: he respects democratic institutions above, or before, or more then he respects property rights, as they give him shareholders the right to empower him to do what he wants with Google *within* previously mentioned democratic institutions, and the rule of law.

    Patriot Act might be the closest thing the USA will have to the Third Reich, it’s still the law of the land, and Schmidt respects that — and he intrinsically agrees that he doesn’t have the authority to say no to a judge when the matters at stake have been considered more important than GMail privacy. He copes, probably on a daily basis (although, I’d love to know how often, because that is not supposed to be a secret, at least, not unless Eric wants it).

    Chinese population might be the most brainwashed, racist & bigoted people, they or the CCP haven’t voted in favor for hacking. What happened last week was unacceptable and a de facto act of war. Putting aside ridiculous claims that the government had no implication (his call, I have no idea) he considers that his respect for democracy has no room and he protects his assets and his stakeholders. I find it ridiculous that he claims that dissidents are at stake because, de vero, it is corporate spying.

    If you have a problem with what Eric Schmidt said a month ago, contact you local elected official to have the Patriot Act repelled because Google has no authority to hide terrorists. And, yes, that argument is lame—but it’s your USA, not mine.

  4. A guy who made his fortune by providing me an easy way to find photos of Scarlett Johansson’s boobs is now threatening me with same?

    It’s a rough ride in the 21st century.

  5. Great post, Nicholas. I completely agree that we’re beginning to lose sight of what privacy is and why it’s important. My colleague wrote a blog post about the Facebook privacy issue and ran into the same issues: http://www.wordstream.com/blog/ws/2010/01/15/facebook-privacy-switcheroo

  6. Thanks for this post. You make important points.

    Anybody that says you shouldn’t do anything that you don’t want others to find out about should be watched very closely.

    I think we should crowdsource surveillance of Eric Schmidt and see how he feels when his private space is curtailed. If nothing else, it would make a nice point.

  7. Tim

    Another option regarding privacy that’s not mentioned is just saying whatever you want to in public. This seems to be the trend in political discourse now, with some incredibly harsh things being said, then conditionally retracted, then said again in different language. There is so much vitriol in the ether that we hardly have time to get angry before more comes at us. Is it a privacy issue? Yes and no. We still hide more than we share but we now share more than we ever did. If Gen Y is as some describe, less sensitive to privacy issues, then things may actually change by the sheer weight of their numbers on society.

  8. The laws on privacy may vary from country to country, but the laws of economics in the information age do not. Information has value and therefore is traded like any other product or service on the planet, following the basic law of supply and demand and under the supervision of local and global regulators … NQ Logic recommends reading the impact of Facebook steps forward and The New Privacy Age on http://www.nqlogic.com

  9. Joe Marchese

    After Nick Bilton wrote a piece on Conan O’Brien potentially going direct over the Internet, it got me thinking about the real problem for great content. The real problem is we don’t know how to ad support it, because NYT and anybody else in media can’t sell a REAL online audience against the inflated offline audience they have been selling for years. They can’t compete against themselves.

    Post just went up on MediaPost here:

    http://www.mediapost.com/publications/index.cfm?fa=Articles.showArticle&art_aid=120836

  10. Thomas

    I don’t think that Schmidt is being too unreasonable. Google are always going to be subject to US gov. coercion, so they might as well be honest about it.

    Companies aren’t going to stop recording personal data because the gov. could get it, the general public isn’t concerned about the government (yet). They might to avoid subpoena costs though…

    Interesting thought – If there’s no privacy, what’s the USP for Facebook over WordPress or TypePad? People tended to move to FB because on MySpace they’d friended so many random people that they had no personal space.