loose wire blog

If there's one myth that endures in this age of online participation, blogs, shared photo albums and Web 2.0, it's that we've overcome our concerns about privacy. It sounds on the surface, logical: We must have gotten over this weird paranoia, or else why would we share so much online? Why would we bother about privacy issues when there's no real evidence that people, companies, governments and the NSA are out to get us? This, for example, from Web 2.0 blog TechCrunch guest contributor Steve Poland:

I’m sure there’s data to back me up on this, but today compared to 10 years ago — people are way more comfortable with the Internet and have less privacy concerns. Or at least the younger generations that have grown up with the Internet aren’t as concerned with privacy — and spew what’s on their mind to the entire world via the web.

I can't speak for the younger generation, having been kicked out of it some years ago. But if we're talking more generally about folk who have embraced the Net in the past 10 years, I'd have to say I don't think it's that we don't care about privacy. We just don't understand it. In that sense nothing has changed. I think what is happening is the same as before: People don't really understand the privacy issues of what they're doing, because the technology, and its liberating sensuality, are moving faster than we can assimilate to our culture. This is not new: Technology has always outpaced our intellectual grasp. If you don't believe me think radio, TV, cars and cellphones. We were lousy at predicting the impact of any of these technologies on our environment. Lousy.

Usually, it's because we just don't stop to think about the privacy implications, or we don't stop to ask deeper questions about the sacrifices we may be making when we buy something, give information to a stranger, register for something, accept something, invite someone in to our digital lives, install software, sign up for a service, or simply accept an email or click on a link. The speed of communication - click here! register here! -- makes all this easier. But I don't really blame the reader. Often it's us journalists who are to blame for not digging enough.

Take, for example, a new service called reQall from QTech Inc in India. On the surface, it sounds like a great service: phone in a message to yourself and it will appear in your email inbox transcribed with 100% accuracy. Great if you're on the road, on the john or at a party and don't want to start jabbing away or scrawling the note on the back of your spouse's neck.

Rafe Needham of Webware initially enthuses about it on his blog. But then he later finds out that

Update: I'm told that ReQall's speech-to-text engine isn't wholly automated. "We use a combination of automated speech recognition technology and human transcription," a company co-founder told me. Which means there may be someone listening to your notes and to-do items. Yikes!

Yikes indeed. Who would record a message knowing that a stranger is going to be transcribing it, and a company storing it on their servers? To be fair to Rafe he's not the only one not to initially notice this privacy angle. And at least he bothers to write it up. Dean Takahashi didn't mention it in his (admittedly) brief Mercury News piece, for example. The company's press release makes no mention of it either, saying only that

reQall is patent-pending software technology that uses a combination of voice interface and speech-recognition technology to record, log and retrieve your tasks, meetings and voice notes.

(The same press release appears on Forbes' own website, which I always think looks a bit odd, as if there's no real difference between a story and a press release. But that's another rant for another day.) That, frankly, would leave me thinking there was no human interaction either.

But then again, there are clues here and if we (by which I mean us hacks) were doing our job we should probably follow them. Any Google search for reqall and privacy throws up an interesting trail. A CNN report on memory quoted Sunil Vemuri talking about reQall but says issues about privacy and keeping such records free from subpoena have yet to be worked out. When a blogger called Nikhil Pahwa quoted CNN on ContentSutra someone from QTech wrote in:

Please note that there is an inaccuracy in the post. QTech is not “currently working on sorting out issues related to privacy laws, and how to prevent these recordings from being subpoenaed.” Can you correct this?

The text was duly crossed out, so now it reads:

According to the report, they’re currently working on sorting out issues related to privacy laws, and how to prevent these recordings from being subpoenaed are still to be worked out.

So we're none the wiser. Are there issues? Are QTech working on those issues? Or are there issues that other people are working on, not QTech? Their website sheds little light. There's nothing about human transcription on any of the pages I could find, nor in the site search. Their privacy policy (like all privacy policies) doesn't really reassure us, but neither does it explicitly scare our pants off. A brief jaunt through it (I'm not a lawyer, although I sometimes wish I was, and I think John Travolta in "A Civil Action" makes a good one) raises these yellow flags:

• QTech can use your location, contact details etc to "send you information related to your account or other QTech Service offerings and other promotional offerings." I.e. the company knows where you are, your phone number and home address and could spam you.
• QTech may "include relevant advertising and related links based on Your location, Your call history and other information related to Your use of the Services." I.e. The company could send you stuff based on what information you've given in your messages, and any other information you carelessly handed over during the course of using the service.
• QTech can use the content of your audio messages (and your contact information) for, among other things, "providing our products and services to other users, including the display of customized content and advertising,  auditing, research and analysis in order to maintain, protect and improve our services ... [and] developing new services." I.e. the company can mine the contents of your messages and other stuff and spam other customers. Somehow this seems more scary than actually spamming you.
• QTech will hold onto those messages "for as long as it is necessary to perform the Services, carry out marketing activities or comply with applicable legislation." I.e. don't think your messages are going to be deleted just because you don't need them anymore.

Privacy documents are written by lawyers, so they're about as weaselly as they can be. And QTech's is no different. But there is some cause for concern here, and we journalists should at least try to explore some of these issues. I looked for any acknowledgement that there's a human involved in the transcription, and some reassurance that the content of those messages is not going to be mined for advertising purposes, and that it would be possible for customers to insist their messages are deleted. I couldn't find anything, although to their credit QTech do say they won't "sell, rent or otherwise share Your Contact Information or Audio Communications with any third parties except in the limited circumstance of when we are compelled to do so by a valid, binding court order or subpoena". But if QTech are doing their own advertising then does that really make any difference?

I'm seeking comment from QTech on this and will update the post when I hear it. And this isn't really about QTech; it's about us -- citizens, readers, bloggers, journalists -- thinking a little harder about our privacy before we throw it away for a great sounding service. Do you want, for example, your personal memos ("Calling from the pub. God I really need a holiday. I think I'm cracking up") mined for advertising ("Hi! Can I interest you in Caribbean cruise? I hear you're cracking up!" "Hi, need psychological counselling? I'm told you do" "Hi! Need Viagra? I hear from that last message you left you probably do")?