Bruce Schneier claims that there has been a death of privacy and hits out at Facebook for 'not protecting the victim'

News by Dan Raywood

The death of privacy has been caused by people taking a hands-off approach to it.

The death of privacy has been caused by people taking a hands off approach to it.

Speaking at the IDC security conference in London, chief security technology officer at BT and blogger Bruce Schneier said that as lives are moving to become evolved social systems, people have deliberately created complex social systems and this is a big deal, in terms of privacy.

He said: “What this means is a shift from formal to informal. Technology enables massive invasions of privacy, simply because things are done on computers and computers use data as a bi-product, and as data gets cheaper and easier to store, it is saved.”

He also claimed that there had been a ‘relaxed' attitude to privacy as businesses and ‘regular' people evolve. He claimed that when the public think about privacy and security they think about it in terms of control, control of data, information, email, IM conversations, files, photographs and location, and a security or privacy failure is often summed up by the victim as ‘how did they know that', or ‘how did I lose that?'.

“It is control of data and not in terms of secrecy, rarely do we have stuff that we do not tell anybody. We have many contexts in our lives – data we share with the doctor is not the data we share with our friends. There are context collisions, when you meet someone you are not used to that, this happens all the time on Facebook when you are typing something and your mum comments, you think what happened? That is a context collision,” he said.

He further commented that the need for privacy policy has disrupted attitudes, as people have ‘never needed a privacy policy before'. He said: “We didn't have to write it down, didn't have to tick check boxes and didn't make decisions that were divorced from the situation. We do now.

“We have learned a lot about privacy in the last decade, how do we make privacy decisions? If you think about privacy you are already done for, giving people written privacy assurances makes them less likely to disclose because you have reminded them. Not reminding them makes them more likely to disclose.”

He commented that due to networks such as Twitter, anyone can now live their life in public and we are public by default, but privacy is very social.

Citing an example, Schneier said: "So Alice trusts Bob, and Alice tells Bob a secret – Bob tells everyone in the school because he thinks he can get some stature, Alice has been deceived by Bob so she has two choices here – she can break up with Bob, or she can learn from this and only tell things that she doesn't like Bob to repeat.

"Facebook is not in business of protecting Alice (the victim), Facebook is in the business of being Bob. Facebook wants to tell us much information as possible, that is how they make money. They don't care if they stop talking about most recent stuff, and Alice can't break up with Facebook, everybody in school uses it and that is how she interacts socially with her friends.

"That is the business of social networking sites, they want more users, more information, more sharing, more users spending more time on their sites because this equals more revenue, more impressions more targeted marketing, more cross selling. It is a myth that you are their customer, you are a product that they sell to their customer."

Looking at the death of privacy, he commented that it is has happened 'because people are killing it'. He said: We have seen a deliberate rationing down of expectations, and perfectly reasonable to do so, if I was trying to make money off it I would do the same, but the effect is people have much lower expectations because it is not what they are used to.

"Death of privacy is not inevitable, but it feels natural as technology always changes balances, and we can either accept the balance that technology has handed us, or try and change it. The question to look at is who makes the rules, and there is a tier here as technology determines what is possible, laws determine what is legal, markets determine what options people have and people get to decide what options to do given the choices that they are given."

Looking to the future, Schneier said that ten years ago no one could have predicted Facebook, but we are facing social norms set by the businesses with profit blips, which he thought should cause people a pause.

“Unfortunately we are expecting the younger generation to figure this out, but they don't know that it is a problem yet. I think data is the pollution problem in society, all processes produce it, it stays around, its secondary uses are what is interesting and we have to deal with it somehow," he said.

"Just as we look back at the captains of industry at the turn of the previous century and marvel at how they rushed to build the industrial age, they ignored pollution, I think we are going to be judged by our grandchildren, by how we deal with data in the information age."


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews