Speaking about Privacy and Publicity

Yesterday I gave the opening keynote at SXSW to over 5000 people (OMG, that room was huuuuuuuge). My talk was about privacy and publicity and I spent a lot of time pushing back against the notion that “privacy is dead.” In some ways, the talk is a call to arms, an invitation for people to rethink their models of privacy so that we can collectively build a society we want to live in. As with many of my other talks, I wrote this one out so that I could share it with any of you who weren’t able to join me in Austin:

Making Sense of Privacy and Publicity

My hope is that this talk will also get you to think about these issues. I realize that this is a provocative argument and I would LOVE any and all feedback that you might be willing to share. I’m especially fond of folks who disagree with me. And I think that this topic requires some debating.

For those of you who are still in Austin, have a fantastic rest of SXSW! w00t!

25 thoughts on “Speaking about Privacy and Publicity

  1. Boz

    Danah, thank you for the brilliant, important speech. Life has been interesting for me after posting tweets praising the bulk of your speech, but critiquing the recommendations. Apparently, one can’t say a famous person’s speech is mostly brilliant, then post a detailed critique of a specific section. Who knew???

    My issue is I believe the closing section of the speech simply does not go far enough. Each technologist can do as you suggest, using their Web 2.0 tango mindset, developing a grounded understand of privacy, engaging with end users, and thinking carefully about the implications and ethics of our decisions. Each of us can do all you say, and fail on privacy. The web is an interrelated set of piece parts; change in each part doesn’t solve the problem across the whole. I believe you make a compelling case for industry-wide reform, and then essentially reprise the talking points of every major web property that commits a major policy fail. Every company that accidentally does something terribly wrong these days follows a similar pattern – “We know we were wrong. We are sorry. Trust us. Work with us. We will do better.” A stronger call to action would be more consistent with who you are, and with your body of work. You make a case for new industry standards, new technologies and services, changes to web infrastructure, new policies and agreements that provide agency to people over their information across all of the interrelated piece parts of the web. I’m bbbozzz on twitter – please dm me if you have a few minutes to chat about the details of a stronger position might be.

    Your thought leadership is important here. For most of the speech, you were leading. In the closing section, I have to admit, I feel you were following. I’m hoping this will change as you adapt this important address.

  2. Jeremy Buehler

    Danah,

    I was not at SXSW but I really enjoyed reading your keynote.

    I liked how it covered various angles of privacy and publicity in ways my marketing and development peers do not typically acknowledge.

    Thank you and please continue your fine work.

  3. ayala rahav

    Hi Dana,
    You brought back the humane note of the peopel behind the users- a ver significant reminder to the trenders’ discussion of publicy and privacy, the generational dichotomies and the matter of factedness that re typical to dealing with this important issue.
    However you leave out the very issue that is at the heart of providers’ actions – they have a vested economic interest in exposing, manipulating and sharing our dat because their revenue streams rely on that.
    That is why I believe the next phase should be a user side privacy management that would still enable evrybody to gain – but fairly, transparently and respecting privacy and sharing decision of users, without us depending on their one sided policy statements and wondering whether they pay us lip service or indeed walk the walk. I write about it in http://www.icentered.com/iprivacy and ask to start a conversation on such a paradigm shift that puts us in a place where we have control on our privacy and choices.
    It is up to us, infrastructures and technologies are already out there to empower such a state of mind and the new user based initiaitves that can go with it.

  4. ayala rahav

    Hi Dana,
    You brought back the humane note of the people behind the users- a very significant reminder to the trenders’ discussion of publicy and privacy, the generational dichotomies and the matter of factedness that are typical to dealing with this important issue.
    However you leave out the very issue that is at the heart of providers’ actions – they have a vested economic interest in exposing, manipulating and sharing our data because their revenue streams rely on that.
    That is why I believe the next phase should be a user side privacy management that would still enable evrybody to gain – but fairly, transparently and respecting privacy and sharing decision of users, without us depending on their one sided policy statements and wondering whether they pay us lip service or indeed walk the walk. I write about it in http://www.icentered.com/iprivacy and ask to start a conversation on such a paradigm shift that puts us in a place where we have control on our privacy and choices.
    It is up to us, infrastructures and technologies are already out there to empower such a state of mind and the new user based initiaitves that can go with it.

  5. Alan Sloane

    Thanks for posting the talk.

    On a nerdish point, it seems you attribute the “Privacy is dead” meme to Eric Schmidt. But, to my recollection, if Dr Schmidt did say that, he was actually quoting (possibly ironically) his former boss, Scott McNealy. Searching back through the web’s persistent memory, the best source I could find was this (http://www.computerworld.com/s/article/64729/McNealy_calls_for_smart_cards_to_help_security) from October 2001, where McNealy is quoted thus: “several years ago he had said, “Privacy is dead, get over it.””

    Curiously too, in several places the quote – although still attributed to McNealy – seems to have morphed into “Privacy is dead, deal with it”. That’s a little less abrupt (and a little less McNealy) but “dealing with it” is in a sense what all those FB privacy settings and Buzz opt-outs are offering us. While it may seem a more generous offer than simply instructing us to “get over it”, these systems and companies omit to remind us that all of the information we’re providing (“our” information) remains permanently accessible – and private – to them.

  6. Jason Treit

    Boz,

    Absent specifics, it’s hard to see how your approach adds value to danah’s work. To “provide agency to people over their information across all of the interrelated piece parts of the web” – where, by your calculus, agency somehow exceeds control – is a nice sweeping gesture towards the primacy of the individual, but runs flush against the social bargain of any environment that supports free thought, expression, and association.

    Forget the web; take unmediated social contact. If you wanted agency over all your information in that space, you wouldn’t undertake the risk of opening your mouth. Were others to misunderstand you, disagree with you, or betray confidence, the most you could do under less-than-extreme circumstances would be to admonish them and part ways. People learn what trust is precisely by surrendering agency. This surrender never stops being scary. Or worth it. Do you also propose end-to-end reform of social life?

  7. kellie

    danah – thanks so much for posting this. I enjoyed hearing you speak and was hopeful to be able to read this again and refer back to it. Sorry I wasn’t able to find you later in the show to connect and discuss. Perhaps another time. Thanks again.

  8. Daniel

    Great keynote. I find your work very interesting and important.
    I’d like to know if Facebook released any public information about the 35% privacy settings issue. Where did that information come from?

  9. Bertil Hatt

    I really loved that talk — even more so then the previous one, and I’m glad to see that it was both selected for SxSW and spread throughout the blogosphere: we have great institution in Internet Studies, and that’s fanstastic.

    One detail and one intuition:

    The detail: I’m not sure Eric Schmidt entirely meant what people attributed to him: I understood “maybe you shouldn’t do it” as “I can’t and won’t infringe the law — so do what I’m not allowed nor willing do for you.” while hoping good people (hacktivist, teenagers) to use Tor, while the terrorists and the bullies don’t. That would sound a lot like Wikipedia’s trust that the good ones are more numerous and skilled than the bad. I’m not sure I agree, but I doesn’t make sense to me to assume a guy like him is stupid, and doesn’t value privacy.

    I love when you try to articulate the different kinds of public—and maybe, introducing some economics, in the form of *efforts* to make something known, would make the distinction more apparent. Paparazzi annoy people that are bankable. What changed is who makes the efforts to spot the next Tila Tequila. I know I sound a lot like Clay Shirky saying that, but he seems to be onto something in that area.

  10. Johnny Doe

    You guys think Facebook is bad? Ha. That’s a service that you a) have to sign up for yourself, b) post your info yourself, and c) have some sort of notification as to the privacy of the content YOU add.

    Ever try putting your name into ussearch[dot]com? 123people[dot]com? intelius[dot]com? Anyone who wants all your information, pictures of you, your address, all your relatives info, even your ss number, can get it. Some of it’s even free – like your current address, relatives, etc. There’s a lot of stuff that you may have never entered online, EVER, because it’s “public record” or something and the stupid laws regarding things like this are old and outdated. So there goes the old “if you don’t enter anything on the internet, you’ll be safe” argument.

    I wish these were the worst sites I’ve found during my time as a technical person, but they’re not. A lot of sites will tell you that YOU have to pay THEM (ussearch is $10) in order for them not to post this information about you!

    And I won’t even mention the ones located in other countries, yikes, freaking yikes man.

    It doesn’t seem to matter whether you make your info private later either, because some sites (even the supposedly legit US ones) scrape content from all these other sites. So you see, it doesn’t matter if your info is private NOW, chances are someone already grabbed all of it the moment you entered it when it wasn’t.

    Disagree with me? So you’re cool with me getting all your personal info, then posting some of it online for everyone to see, then selling it to people who may wish to do you harm, then tell you that if you want me to stop doing it then YOU have to pay ME $10/day or $10/year or whatever not to post it. Hmmmm, okkkkkkk. Great idea! Too bad other sites (like the ones above and many others) are already doing it. And what was the definition of blackmail again? It must mean something other then what I thought.

    So here’s what I’ll recommend:
    Maybe you don’t have any kids, maybe you don’t have any savings, maybe you don’t have anyone who’s looking to hurt you; but there are people out there that do. So hey, let’s get some new laws passed, let’s get privacy at a reasonable level. I guess that’s all I can tell you, what else can ya do?

  11. Boz

    Jason. Nope. It’s not my responsibility to defend against bizarre misinterpretations of my argument, as I’m sorry to say, yours is. Danah gives a gentle slap on the wrist to technologists, then turns around and says “there was nothing technologically wrong” with what they did. But that’s flatly untrue. She provides no support for the claim, and frankly, I wonder if she’s qualified to make that judgment. The current technological approach is fundamentally wrong – the gaping holes straightforward to fix if only a few of the major players the industry choose to do so. That would be something of an activist position. Instead, we get a brilliant critique, and then a closing section that passively and uncritically accepts the notion that technologists can do nothing once information goes beyond existing API’s and makes its way into the wild. Really, activists should realize it’s a matter of whether a few of the largest social media web properties – decide to do it. The publicity releases from these properties imply that it is impossible for these companies to stop their *partners* from using data once it’s in the wild. Danah falls far short in her recommendations, instead parroting the standard social media industry soft-sell that it’s all a misunderstanding, nothing that a little grounded understanding, engagement, and careful thought can’t solve. Wrong. Although those are needed, so too is fundamental change at the level of the interfaces by which these interrelated piece parts interact. It’s apparent from Danah’s critique, and the many like it, that some the major social media web properties aren’t motivated to fix the technology fundamentals. It’s entirely understandable that an ethnographer / social networking expert would on a first attempt take the side of people who are unmotivated to do the right thing. The key for me is whether she changes from her current passivist recommendations to a more activist approach, in keeping with her stated philosophy. Her current draft provides *the single most conservative set of recommendations* I have ever read on the privacy topic. Pretty strange for an activist to do that, no?

  12. Jason Treit

    Boz,

    Your straightforward privacy fix, which, after hundreds of words, you still haven’t begun to specify, rests on the tidy premise of “a few of the largest social media web properties” having unilateral reach into the rest of the web and all its “interrelated piece parts.” They don’t. Nor should we wish them to.

    The Internet is a medium of many, subject to negotiation by many. Were it a cogwheel of industry, Tor and WikiLeaks and bittorrent and Skype would be ‘fixed’ instead of thriving. The imaginary conditions you attach to all web-based interpersonal disclosure don’t even cover the conversation we’re having now.

  13. Boz

    Jason, I’m not offering to specify the straightforward fixes to gaping holes to you. It’s pretty clear that you’re for the gaping holes, users be damned. I’m offering to discuss details of what an activist position would be with Danah. So to someone like Danah, who asked for debate and engagement, I’d suggest looking to patterns like compensation in service-oriented architectures. One would think that as an academic and activist on this subject, she’d want to follow up. Maybe not, but that’s usually what Harvard and Berkely academics feel a responsibility to do.

    Unilateral reach … hmm… Does it really? Who has their hands on the data, who allows use of the data via public API’s, who is it who states the terms and conditions over those public API’s, who regularly announces deals with industry partners for piping data over those API’s? Companies don’t already have mature schemes in place for data cleansing once those data have gone beyond the bounds of their systems? Sorry, technical fixes abound and are standard practice. Too, industry standards are quite common. It’s only a question of whether people want to do right by their end users, try to reach some common ground, or whether they’d rather stick with the broken approach we have now because it’s in their self-interest. Ayala up above has it pretty close to right. “Imaginary conditions…” That’s funny – this suggest you are opposed to other efforts by these very same web properties to institute other standards?

    I don’t see how you can be opposed to industry taking responsibility to fix its broken technological framework and for Danah’s position. Or are you opposed to her critique? Danah indicates she’s most fond of people who debate her. Given that you appear to be against users controling their data once it’s made its way past the first layer of API’s, and thus against end users, I gather she wouldn’t like what you’re saying. Then again, she says she’s an activist (though her position here is not) and you seem to express a similar outlook (though your position in this conversation is pretty close to reactionary).

  14. Brian O' Hanlon

    Danah,

    You got me thrown off my group blog once one time, for getting way off topic. Howard Rheingold said I was bang outa line, outa line completely. I was collaborating with him and some other fine folks on the cooperation commons blog. You can read the particular offending blog post of mine here:

    http://www.cooperationcommons.com/cooperationcommons/blog/brian-ohanlon/119-mining-projects-online

    It was in reponse to an Apophenia entry dated February 5th 2007, about those walled gardens. I went to a lot of work to root out that old post, so I hope you appreciate it. The memory of Howard’s stinging criticism is still vivid in my mind though. No, he was fighting a losing battle in terms of keeping me on topic. My own personal blog is available if you click on my name above. I notice you move about Havard circles nowadays. I was watching the PBS documentary, Faces of America, by Henry Louis Gates, Jr. today. His interaction with one member of a native tribe was interesting. Asked to offer a DNA sample to do a full genome mapping, to figure out here origins, she refused. Apparently, she asked her tribe, and they said it was their history too – it was not hers to give. I like what Elizabeth Warren is doing, in looking at credit references for individual people too – it seems as though, defaults in one credit line can trigger same in others etc. All very weird and wonderful ways, to look at what privacy might be in 2010. I mailed you a link to the Bulletin Board history documentary series to view online. I found it interesting, one contributor said he set up a ‘gay and lesbian’ bbs for the Washington area in 1986. Many people at that time, he said, thought they were the only ones in their area. Is that some sort of dimension to do privacy also?

    Brian O’ Hanlon

  15. Brian O' Hanlon

    Yeah, I re-read my old cooperation commons blog entry now – the key question I have for you Danah, today is, why do cultures such as Amish communities etc, which are treated as being so conservative minded, also manage to facilitate such a sense of the group? Of the near-ness of people as opposed to far-away-ness? In the cooperation commons blog entry I made reference to the old thatched cottage culture that existed until my father’s time in Ireland. Which was open in ways we don’t understand today – yet, also closed as a culture, similarly in ways we don’t understand. BOH.

  16. Brian O' Hanlon

    Danah,

    One other comment, if I may be so bold. I gazed down through your ‘tags’ for this blog, and I looked for the tag which was used the least – it is ‘ideas’ with only a single blog entry. C’mon now, you can do better than that. Try starting, by listening to Norman Bodek at the Lean Blog dot org site. Norman Bodek reckons that employees in the US have less than 10 ideas, every 10 years. Compared to the companies in Japan, where they have maybe 1000 new ideas each year.

    http://www.leanblog.org/podcast/audio-podcast/

    Another thing, that might serve to put this into a ‘social’ context, of how people work together and interact, was a recent scanadl in Ireland, where patient X-rays go un-looked at. The Irish Times – Friday, March 12, 2010 featured a story about hospitals in Ireland, ‘System ensures services go to those who shout loudest’. Anyhow, I don’t know how this relates back to privacy. But I know it involves something social, on some level. I hope to see the ‘ideas’ tag used a bit more often. Over and out. BOH.

  17. nick s

    Thanks for posting the crib, danah.

    Thinking back to what you’ve said, going back at least as far as ETech 2004, is it a fair argument that all the sociological research and advocacy is basically not going to change what actually gets built, particularly at engineer-driven places like Google? It might put out a few fires after the products launch or the default settings get changed, but I’m pessimistic that it will affect the design and testing process. Right now it’s more like parallel conversations: you can make your call to arms, and it will generate lots of discussion and good ideas, but it’s not going to penetrate workforces hired to grok data, not people.

    In short, I get the feeling that you’re going to spend a lot of your writing and speaking time on post-mortems and accident reports, each of which will push out the limits of acceptable practice with regard to user data a bit further. And I’m not sure if you’re going to enjoy that.

  18. Brian O' Hanlon

    Have you read this article Danah? I saw it linked on a project management blog site today. I suppose it is the idea of lower down ranks in an organisation, becoming more ‘public’ about themselves.

    http://www.nytimes.com/2010/01/17/business/17corner.html

    The answer is to allow employees to develop a name for themselves that is irrespective of their organizational ranking or where they sit in the org chart. And it actually is not a question about monetary incentives. They do it because recognition from their peers is, I think, an extremely strong motivating factor, and something that is broadly unused in modern management.

  19. Anonymous

    In light of the emergence of sites like http://www.dirtyphonebook.com that basically destroy privacy, including giving out phone numbers and personal information, are you willing to reconsider your stance against the “privacy is dead” meme?

  20. Raul Pacheco-Vega, PhD

    Hi danah,

    Thanks for this talk – if you *ever* come to Vancouver, do let me know! Would love to chat more. Also, glad you finally moved to WordPress! 🙂 I noticed a big change in the layout and design of your blog, much cleaner!

    Best wishes

  21. Kat

    What’s cool about this presentation is the fact that it is *still* important and relevant even two years later. Privacy issues are at a more critical stage than ever, and it’s great to read Danah’s words and compare things now to what they were in March of 2010. I’d love to see her do a similar talk in the near future, based on the privacy issues we have now as compared to then!

Comments are closed.