The Facebook Experiment: Some Collated Views

A few pieces on the Facebook Experiment. I’m still mulling my view.

Paul Bernal: The Facebook Experiment: the ‘why’ questions…:

 Perhaps Facebook will look a little bad for a little while – but the potential financial benefit from the new stream of advertising revenue, the ability to squeeze more money from a market that looks increasingly saturated and competitive, outweighs that cost.

Based on the past record, they’re quite likely to be right. People will probably complain about this for a while, and then when the hoo-haa dies down, Facebook will still have over a billion users, and new ways to make money from them. Mark Zuckerberg doesn’t mind looking like the bad guy (again) for a little while. Why should he? The money will continue to flow – and whether it impacts upon the privacy and autonomy of the people on Facebook doesn’t matter to Facebook one way or another. It has ever been thus….

(Via Paul Bernal’s Blog)

A contrarian view from Rohan Samarajiva: Confused objections to Facebook emotional contagion research:

I am puzzled by the predominantly negative reaction to the manipulation of Facebook content, in the recent published research article in the mainstream media (MSM), though perhaps less in blogs and such.

It seems to me that MSM’s reaction is hypocritical. They manipulate their content all the time to evoke different emotional responses from their readers/viewers/listeners. The difference is that conducting research on resultant emotional changes on MSM is not as easy as on Facebook. For example, magazines have used different cover images, darkening or lightening faces and so. Their only indicator of success is whether version A sold more than version B. Not very nuanced.

(Via LIRNEasia)

And Ed Felten: Privacy Implications of Social Media Manipulation:

To be clear, I am not concluding that Facebook necessarily learned much of anything about the manipulability of any particular user. Based on what we know I would bet against the experiment having revealed that kind of information about any individual. My point is simpler: experiments that manipulate user experience impact users’ privacy, and that privacy impact needs to be taken into account in evaluating the ethics of such experiments and in determining when users should be informed.

(Via Freedom to Tinker)

And finally from Robin Wilton: Ethical Data Handling and Facebook’s “Emotional Contagion” Study:

Once, in a workshop, while discussing mechanisms for privacy preference expression, I said I would be happier for data subjects to have some means of expressing a preference than none. An older, wiser participant made the following wry remark: “That only brings a benefit if someone is prepared to give weight to their preference. If not… well, ten million times zero is still zero”. And that’s the weight Facebook appears to have given to the legitimate interests of its data subjects.

(Via Internet Society Blog Feed)

We’re Not in the Business of Understanding our User


A few years ago I wrote about how sometimes your product is useful to people in ways you didn’t know—and that you’d be smart to recognise that and capitalize on it (What Your Product Does You Might Not Know About, 2007).

One of the examples I cited was ZoneAlarm, a very popular firewall that was bought by Check Point. The point I made with their product was how useful the Windows system tray icon was in that it doubled as a network activity monitor. The logo, in short, would switch to a twin gauge when there was traffic. Really useful: it wasn’t directly related to the actual function of the firewall, but for most people that’s academic. If the firewall’s up and running and traffic is showing through it, everything must be good.

The dual-purpose icon was a confidence-boosting measure, a symbol that the purpose of the product—to keep the network safe—was actually being fulfilled.

Not any more. A message on the ZoneAlarm User Community forum indicates that as of March this year the icon will not double as a network monitor. In response to questions from users a moderator wrote:

Its not going to be fixed in fact its going to be removed from up comming [sic] ZA version 10
So this will be a non issue going forward.
ZoneAlarm is not in the buiness [sic] of showing internet activity.
Forum Moderator

So there you have it. A spellchecker-challenged moderator tells it as it is. Zone Alarm is now just another firewall, with nothing to differentiate it and nothing to offer the user who’s not sure whether everything is good in Internet-land. Somebody who didn’t understand the product and the user saved a few bucks by cutting the one feature that made a difference to the user.

Check Point hasn’t covered itself in glory, it has to be said. I reckon one can directly connect the fall in interest in their product with the purchase by Check Point of Zone Labs in December 2003 (for $200 million). Here’s what a graph of search volume looks like for zonealarm since the time of the purchase. Impressive, eh?

[Image: graph of search volume for zonealarm since the purchase]

Of course, this also has something to do with the introduction of Windows’ own firewall, which came out with XP SP2 in, er, 2004. So good timing for Zone Labs but not so great for Check Point.

Which is why they should have figured out that the one thing that separated Zone Alarm from other firewalls was the dual purpose icon. So yes, you are in the business of showing Internet activity. Or were.

(PS Another gripe: I tried the Pro version on trial and found that as soon as the trial was over, the firewall closed down. It didn’t revert to the free version; it just left my computer unprotected. “Your computer is unprotected,” it said. Thanks a bunch!)

Carrier IQ’s Opt-Out Data Collection Patent

ZDNet writes here about a Carrier IQ patent that outlines keylogging and ability to target individual devices. Which is interesting. But Carrier IQ owns a dozen patents, including this one, which to me is much more interesting. This patent indicates what Carrier IQ software could do—not what it does—but it is revealing nonetheless:

A communication device and a data server record and collect events and event-related data to create an activity record. A user of the communication device may request that events and related data be recorded and collected using a configuration option on the communication device or through an interaction with the data server. Data are grouped into data sets and uploaded to the data server either automatically or upon user approval. The data server uses the uploaded data to create an activity record which the user may access through a website. The user uploads additional data which are associated with the activity record. In some instances, the data server embeds a link pointing to the additional data in an entry in the activity record corresponding to an event associated with the additional data.

Basically this patent offers a way for a “user”—which could be either the user of the device or the service—to have a record of everything they do:


While most of the patent is clearly about a product that would create a ‘lifestream’ for the user—where they can access all the things they’ve done with the device, including photos etc, in one tidy presentation, there’s clearly more to it than that. Buried in the patent are indications that it could do all this without the user asking it to. It’s paragraph 0023 which I think is most interesting:

A user of a mobile device requests that events and event-related data be collected by a data server and data collection begins. Alternately, data collection may be a default setting which is turned off only when the device user requests that data collection not occur. In yet another embodiment, a request from a server can initiate, pause, or stop data collection. The mobile device is configured to record events performed by the mobile device as well as event-related data. Typical events that the mobile device records include making or receiving a phone call; sending or receiving a message, including text, audio, photograph, video, email and multimedia messages; recorded voice data, voice messages, taking a photograph; recording the device’s location; receiving and playing an FM or satellite radio broadcast; connecting to an 802.11 or Bluetooth access point; and using other device applications. The data most often related to an event include at least one of: the time, date and location of an event. However, other event-related data include a filename, a mobile device number (MDN) and a contact name. Commonly, the mobile device records events and provides a time, date and location stamp for each event. The events and event-related data can be recorded in sequence and can be stored on the mobile device.

This seems to suggest that

  • basically all activity on the phone can be logged
  • the software can be turned on by default
  • the software can be turned on and off from the server

All this information would be grouped together and uploaded either with the user’s permission or without it:

[0025] The mobile devices may be configured to store one or more data sets and upload the data sets to the data server. In one embodiment, the data sets are uploaded automatically without user intervention, while in other embodiments the mobile device presents a query to the user beforehand. When the mobile device is ready to upload one or more sessions to the data server, a pop-up screen or dialog may appear and present the user with various options. Three such options include (1) delete session, (2) defer and ask again and (3) upload now. The user interface may present the query every time a session is ready to upload, or the user may be permitted to select multiple sessions for deletion, a later reminder or upload all at once. In another embodiments, the uploading of sessions may occur automatically without user intervention. Uploads may also be configured to occur when the user is less likely to be using the device.

This point—about the option to collect such data without the user’s say-so—is confirmed in [0030]:

Although typically the device and the server do not record, upload and collect data unless the user requests it, in other embodiments the communication device and the server automatically record, upload and collect data until the user affirmatively requests otherwise.

And in [0046]:

In embodiments where participation in the data collection services is the default configuration for a mobile device (e.g., an “opt-out” model), it is not necessary to receive a request from a user prior to recording data.

An ‘opt-out’ model is hard to visualize if this is a product that is a user-centric lifestream.

While patents only tell part of the story, there’s no evidence of any such consumer-facing product on Carrier IQ’s website, so one has to assume these capabilities have been, or could be, wrapped into their carrier-centric services. In that sense, I think there’s plenty of interest in here.

Deconstructing Carrier IQ’s Press Release

I couldn’t find this press release on their website, and it’s a couple of weeks old, but I thought it worth deconstructing anyway. My comments in quotes. The rest is from the release. I don’t pretend to have got anything right here, but these might be the starting points for deeper questions.

Carrier IQ Says Measuring Mobile User Experience Does Matter! – MarketWatch:

MOUNTAIN VIEW, Calif., Nov 16, 2011 (BUSINESS WIRE) — Carrier IQ would like to clarify some recent press on how our product is used and the information that is gathered from smartphones and mobile devices.

Carrier IQ delivers Mobile Intelligence on the performance of mobile devices and networks to assist operators and device manufacturers in delivering high quality products and services to their customers. We do this by counting and measuring operational information in mobile devices — feature phones, smartphones and tablets.

operational information is a very vague term. And it’s clear from this comment that it’s not just smart phones that have the software installed. Feature phones and tablets also have it.

This information is used by our customers as a mission critical tool to improve the quality of the network, understand device issues and ultimately improve the user experience. Our software is embedded by device manufacturers along with other diagnostic tools and software prior to shipment.

It calls it a diagnostic tool, but most people’s understanding of a diagnostic tool is one that runs in diagnostic mode. This doesn’t. It runs all the time–even on WiFi and airplane mode. But this comment also hints that there are other tools and software installed by manufacturers too.

While we look at many aspects of a device’s performance, we are counting and summarizing performance, not recording keystrokes or providing tracking tools.

‘Recording’ keystrokes could be as it looks, or it could be weasel language, given the fact that keystrokes are definitely logged. Logging could be considered different to recording in this context.

The metrics and tools we derive are not designed to deliver such information, nor do we have any intention of developing such tools.

But they clearly do, so is that a bug? Is the word deliver here key, as in not designed to deliver such information to certain parties?

The information gathered by Carrier IQ is done so for the exclusive use of that customer, and Carrier IQ does not sell personal subscriber information to 3rd parties.

This doesn’t really help. Not only was it not really the issue that Carrier IQ was selling the data–it was assumed the carrier would be, if anyone was–but the term personal subscriber information is quite possibly a weasel term, as personal has tended to mean including the actual subscriber’s name. But we know now that even anonymized data can be mined so it is quickly connected to a specific person.

The information derived from devices is encrypted and secured within our customer’s network or in our audited and customer-approved facilities.

I don’t know enough about this, but I’m guessing these are weasel words too. The key word is within. It seems pretty clear that most if not all of the Carrier IQ data is in plain text, so presumably the encryption and securing is only when that data reaches the customer’s network (i.e. this doesn’t include the external network, but the customer’s own computer network.) It also makes clear that the data, whether encrypted or not, also resides within Carrier IQ’s systems.

Our customers have stringent policies and obligations on data collection and retention. Each customer is different and our technology is customized to their exacting needs and legal requirements.

Except that at no point was any customer, as far as we know, actually asked whether they approved this data being collected about them. In fact, we don’t even know who those customers are in order to be able to verify this.

Carrier IQ enables a measurable impact on improving the quality and experience of our customer’s mobile networks and devices. Our business model and technology aligns exclusively with this goal.

Don’t get me started on the word ‘experience.’ It covers a multitude of sins and can mean more or less anything. My experience of call dropouts? Yes, sure, fix that. My experience of what services I use, how many times I enter my password, whether I’m buying something in Starbucks or Coffee Bean, how many people are in my address book etc. No. Not what I want you to log.

I think there’s another element at play here. Clearly the device manufacturers have allowed this to happen since the software is installed at the point of manufacture. A carrier can use the service because whatever device their customer uses, they can be pretty confident that the Carrier IQ software is embedded. So one has to ask what data are being shared between carrier, Carrier IQ and manufacturer? And how does this work?

SOURCE: Carrier IQ

AboutFacebook

This is a copy of my weekly Loose Wire Service column for newspapers, hence the lack of links.

By Jeremy Wagstaff

A few weeks ago I talked about Facebook’s brave new world of connecting your profile to all the other bits and pieces you leave on websites. I erred, and I apologize.

I thought that people wouldn’t mind the reduction in privacy that this would involve. At least I didn’t think they’d mind as much as a couple of years ago, when Facebook tried something similar.

But people did. And Facebook has been forced to respond, simplifying the procedures that allow users to control who can see what of the stuff they put on Facebook.

So was I really wrong? Do people still care so deeply about privacy?

Hard to say. Back then I said that we have gone through something of a revolution in our attitudes to privacy, and I think I’m still right about that. But I hadn’t taken into account that just because our attitudes have gone through wrenching changes doesn’t mean we’re comfortable with them.

Social networking—itself only a few years old—has forced us to shift our approach. When the Internet was just about email, that was pretty simple. We might balk at giving our email address out to weirdoes at parties with hair growing out of their ears, but that was no different than handing out our phone numbers, or home address.

But social networking is different. By definition the barriers are down, at least partially, because the network demands it. Networks require nodes, and that means that Facebook and every network like it needs to make it easy for people to find other people—including your folically resplendent stalker.

So already we’re talking a question of degree of privacy. And of course, we insist on these services being free, so the relationship we have with the purveyor of the social network is an odd one: Our investment in it is one of time, not money.

But nowadays many of us value time more highly than money, so we feel oddly possessive about our social networks. It’s not, I hasten to add, that we wouldn’t take our business elsewhere, as we did with MySpace and Friendster, but Facebook is somewhat different.

For one thing, the numbers are astonishing. Facebook has more than 400,000 active users—half of them logging on at least once a day. In other words, for many people Facebook has become email.

This has forced changes in privacy, because it’s impossible not to be private and be an active Facebook user. Unlike email, most Facebook activity is visible to other people. So I can, if I want (and I don’t, but can’t really help it), find photos of my nephew caressing a female friend, something I would have been horrified to allow my uncle to see when I was his age.

In part it’s a generational thing. We adults have no idea what it must be like to be surrounded by cameras, transmission devices, mass media—an all-embracing Net–from our early years.

But does that mean that younger people are just more relaxed about privacy, or that they just haven’t learned its value? Much of us older folks’ understanding of privacy comes from having lived under snooping governments, or knowing they exist on the other side of iron or bamboo curtains. Or we read and could imagine 1984.

Or, simply, that we’ve had something private exposed to the public. I once had some love poems I had written at school to two sisters read out in front of the school when I foolishly left them behind on a desk. Since then I lock up all my love poems to people related to each other under lock and key.

Younger people, it’s thought, don’t care so much about this. They grow up in a world of SMS, of camera phones recording every incident, of having one’s popularity, or lack of it, measured publicly via the number of friends one has on Facebook.

This is all true, of course. And while employers may still be Googling potential employees, and looking askance at images of them frolicking, this is going to get harder to do when all their potential employees are on Facebook, and all sport photos of them frolicking.

This is part of a new world where the notion of privacy is balanced by transparency: Online is no longer a mirror image of offline, in the way email was just a more efficient postal service.  It’s now a place that one shares with lots of other people, and to play a role in it entails a certain visibility.

This is both the price and the reward of being online. There are bound to be things we’d rather keep to ourselves but we also recognize an advantage in such public access. Just as people can discover things about us, so can we discover things about them. A rising tide, as they say, lifts all boats. If you have an Internet connection.

In some ways this is deeply subversive, since it undermines the traditional structures of society. A teacher or speaker can be subverted by a back channel of comments among the class or audience to which he is not privy. Reality gets distorted, and traditional dominance undermined.

I was sitting in a hearing the other day where those being grilled by the legislators were maintaining a quite noisy twitter presence that stood in contrast to their respectful tone in the session. Two channels, both of them public, but both of them trains running on parallel tracks. Which of them is real?

Technology is moving ahead, and we’re catching up. But we’re catching up at different rates.

If an employer can’t make a distinction between an employee’s office persona and, for want of a better expression, their personal persona, then they’re probably not very good employers.

Still, there are limits. The British man who joined a rampaging mob in Thailand and yelled at a passing citizen journalist hadn’t considered the consequences should that video clip end up on YouTube. Which it did and he now faces a lengthy time in jail.

Adolescents who share racy photos of themselves by cellphone are discovering the limits to transparency when those photos spread like wildfire. And one can’t help but suspect that not all school kids feel comfortable with the intensity of digital interactivity.

Which brings us back to Facebook.

Facebook is the thin end of a big wedge. We’ll probably look back and wonder what all the fuss was about, but that doesn’t mean we’re wrong in questioning Facebook’s actions or its motives.

But we’d be smarter if instead of putting Mark Zuckerberg in the stocks, we took stock of what we really want out of these services, and what we really want to share and what we don’t. I suspect that we simply haven’t done that yet, and so we lash out when such moves force us to confront the new reality: that definitions of privacy and openness have changed, are changing, very radically and very quickly.

The Gist of Things

(This is a copy of my Loose Wire Service column, produced for newspapers and other print publications. Hence the lack of links.)

By Jeremy Wagstaff

It’s interesting to see how we’ve changed in the past few years.

If you had predicted that we could follow someone’s activities by accessing a single page, right down to where they were, what restaurant they’d visited, where they’d been on holiday, what they were reading, what they were listening to, their employment history, what had made them laugh or cry, the reaction would probably have been somewhat negative.

Back then we had a different idea of privacy.

We basically saw privacy as a garden fence. Only neighbors could look in—unless they’ve got telescopes and twitching curtains. Our privacy wasn’t exactly a massive wall, but a shared understanding that there was a kind of wicker fence, or hedge, between us and the outside world.

Nowadays—maybe five years on—our views have changed. Well, they haven’t really changed, because I don’t think we really ponder it too much. Perhaps we’ve just tacitly accepted that the garden fence no longer exists.

This is probably because the benefits of accepting this outweigh the disadvantages.

Let’s look at the first bit again. If we befriend people on Facebook, we share with them tonnes of personal information, from our birthdays to our kids’ photos to our views and thoughts on the world, revealing either directly or indirectly all sorts of things about our lives.

Two friends died recently and Facebook was the vector for not only that information but for the grieving process of all their friends and relatives.

What was private or intimate is now public or semi-public.

LinkedIn blasts our CVs out there for everyone to see. What we once treated as confidential is now public—including our yearnings for another job. If you doubt me, scroll down to the bottom of a LinkedIn page and you’ll see how many people have opted to include the line “interested in career opportunities”. I’m surprised this doesn’t put more bosses’ noses out of joint.

Then there’s twitter: Everything we feel, think, or get irked by is out there for everyone to see.

Music sites like Last.fm and Pandora share what you’re listening to, while Google Latitude and foursquare share your location.

You can get a sense of how all this fits together—and why, perhaps, it’s not such a bad thing—when you try out services like Gist. Gist assembles all the people in your address book and creates sort of virtual pages for them, populating each with whatever it can find on the Internet about them.

So, their LinkedIn page, their twitter feed, their MySpace page, their blog, any mentions of them in the media, are all collected together, alongside your email exchanges with them and other people involved in those email exchanges. Calendar entries, and email attachments, are all there easily found and reconciled.

The result is a somewhat disconcerting, but very useful, page which tells you everything you need to know about that person in order to remain in contact.

Indeed, that’s the purpose of Gist: to turn business networking into more of a science and less an art. You can see when you last communicated with them—and whether you should ping them to keep things bubbling.

Gist has even bought a service that flashes photos of your contacts at you to help you remember who they are.

From a privacy point of view, it’s unnerving to see your details so readily collated in someone else’s address book. And from a human point of view, it’s scary to see the personal reduced to a few algorithms and search spiders.

But it’s actually very useful, and turns our familiar tools of email and contact books into something more dynamic.

I don’t care so much about staying in touch with business contacts; I do, however, like to be able to see what my friends and colleagues have been talking about. And to be able to see all that on one page is a boon.

It bypasses both my address book and my email service. Gist finds pictures of the people I’m corresponding with before I’ve even met them. (Some surprises are in store: Not everyone is the gender you think they are.)

This, in short, is what has happened to our notions of privacy. What once would have been considered somewhat creepy stalking is now considered a valid means of staying on top of all the people and bits and pieces in your professional life.

No more garden fences. Now it’s more like a permanent open house cum garage sale, where anyone can poke around as much as they like.

And maybe offer you a job.

Art, the Internet and the Rise of Symbiosis

Great piece from the NYT on the decline of mystery and the rise of symbiosis for artists, who find there’s a living of sorts to be made by engaging with fans online and allowing the community that emerges to choose the direction their musical careers take — even to the point of how much to charge for their creations. But it leaves some doubts:

clipped from www.nytimes.com

“I vacillate so much on this,” Tad Kubler told me one evening in March. “I’m like, I want to keep some privacy, some sense of mystery. But I also want to have this intimacy with our fans. And I’m not sure you can have both.”

The Privacy Myth

If there’s one myth that endures in this age of online participation, blogs, shared photo albums and Web 2.0, it’s that we’ve overcome our concerns about privacy. It sounds, on the surface, logical: We must have gotten over this weird paranoia, or else why would we share so much online? Why would we bother about privacy issues when there’s no real evidence that people, companies, governments and the NSA are out to get us? This, for example, from Web 2.0 blog TechCrunch guest contributor Steve Poland:

I’m sure there’s data to back me up on this, but today compared to 10 years ago — people are way more comfortable with the Internet and have less privacy concerns. Or at least the younger generations that have grown up with the Internet aren’t as concerned with privacy — and spew what’s on their mind to the entire world via the web.

I can’t speak for the younger generation, having been kicked out of it some years ago. But if we’re talking more generally about folk who have embraced the Net in the past 10 years, I’d have to say I don’t think it’s that we don’t care about privacy. We just don’t understand it. In that sense nothing has changed. I think what is happening is the same as before: People don’t really understand the privacy issues of what they’re doing, because the technology, and its liberating sensuality, are moving faster than we can assimilate to our culture. This is not new: Technology has always outpaced our intellectual grasp. If you don’t believe me think radio, TV, cars and cellphones. We were lousy at predicting the impact of any of these technologies on our environment. Lousy.

Usually, it’s because we just don’t stop to think about the privacy implications, or we don’t stop to ask deeper questions about the sacrifices we may be making when we buy something, give information to a stranger, register for something, accept something, invite someone in to our digital lives, install software, sign up for a service, or simply accept an email or click on a link. The speed of communication – click here! register here! — makes all this easier. But I don’t really blame the reader. Often it’s us journalists who are to blame for not digging enough.

Take, for example, a new service called reQall from QTech Inc in India. On the surface, it sounds like a great service: phone in a message to yourself and it will appear in your email inbox transcribed with 100% accuracy. Great if you’re on the road, on the john or at a party and don’t want to start jabbing away or scrawling the note on the back of your spouse’s neck.

Rafe Needham of Webware initially enthuses about it on his blog. But then he later finds out that

Update: I’m told that ReQall’s speech-to-text engine isn’t wholly automated. “We use a combination of automated speech recognition technology and human transcription,” a company co-founder told me. Which means there may be someone listening to your notes and to-do items. Yikes!

Yikes indeed. Who would record a message knowing that a stranger is going to be transcribing it, and a company storing it on their servers? To be fair to Rafe he’s not the only one not to initially notice this privacy angle. And at least he bothers to write it up. Dean Takahashi didn’t mention it in his (admittedly) brief Mercury News piece, for example. The company’s press release makes no mention of it either, saying only that

reQall is patent-pending software technology that uses a combination of voice interface and speech-recognition technology to record, log and retrieve your tasks, meetings and voice notes.

(The same press release appears on Forbes’ own website, which I always think looks a bit odd, as if there’s no real difference between a story and a press release. But that’s another rant for another day.) That, frankly, would leave me thinking there was no human interaction either.

But then again, there are clues here and if we (by which I mean us hacks) were doing our job we should probably follow them. Any Google search for reqall and privacy throws up an interesting trail. A CNN report on memory quoted Sunil Vemuri talking about reQall but says issues about privacy and keeping such records free from subpoena have yet to be worked out. When a blogger called Nikhil Pahwa quoted CNN on ContentSutra someone from QTech wrote in:

Please note that there is an inaccuracy in the post. QTech is not “currently working on sorting out issues related to privacy laws, and how to prevent these recordings from being subpoenaed.” Can you correct this?

The text was duly crossed out, so now it reads:

According to the report, they’re currently working on sorting out issues related to privacy laws, and how to prevent these recordings from being subpoenaed are still to be worked out.

So we’re none the wiser. Are there issues? Are QTech working on those issues? Or are there issues that other people are working on, not QTech? Their website sheds little light. There’s nothing about human transcription on any of the pages I could find, nor in the site search. Their privacy policy (like all privacy policies) doesn’t really reassure us, but neither does it explicitly scare our pants off. A brief jaunt through it (I’m not a lawyer, although I sometimes wish I was, and I think John Travolta in “A Civil Action” makes a good one) raises these yellow flags:

  • QTech can use your location, contact details etc to “send you information related to your account or other QTech Service offerings and other promotional offerings.” I.e. the company knows where you are, your phone number and home address and could spam you.
  • QTech may “include relevant advertising and related links based on Your location, Your call history and other information related to Your use of the Services.” I.e. the company could send you stuff based on what information you’ve given in your messages, and any other information you carelessly handed over during the course of using the service.
  • QTech can use the content of your audio messages (and your contact information) for, among other things, “providing our products and services to other users, including the display of customized content and advertising, auditing, research and analysis in order to maintain, protect and improve our services … [and] developing new services.” I.e. the company can mine the contents of your messages and other stuff and spam other customers. Somehow this seems more scary than actually spamming you.
  • QTech will hold onto those messages “for as long as it is necessary to perform the Services, carry out marketing activities or comply with applicable legislation.” I.e. don’t think your messages are going to be deleted just because you don’t need them anymore.

Privacy documents are written by lawyers, so they’re about as weaselly as they can be. And QTech’s is no different. But there is some cause for concern here, and we journalists should at least try to explore some of these issues. I looked for any acknowledgement that there’s a human involved in the transcription, and some reassurance that the content of those messages is not going to be mined for advertising purposes, and that it would be possible for customers to insist their messages are deleted. I couldn’t find anything, although to their credit QTech do say they won’t “sell, rent or otherwise share Your Contact Information or Audio Communications with any third parties except in the limited circumstance of when we are compelled to do so by a valid, binding court order or subpoena”. But if QTech are doing their own advertising then does that really make any difference?

I’m seeking comment from QTech on this and will update the post when I hear it. And this isn’t really about QTech; it’s about us — citizens, readers, bloggers, journalists — thinking a little harder about our privacy before we throw it away for a great-sounding service. Do you want, for example, your personal memos (“Calling from the pub. God I really need a holiday. I think I’m cracking up”) mined for advertising (“Hi! Can I interest you in a Caribbean cruise? I hear you’re cracking up!” “Hi, need psychological counselling? I’m told you do” “Hi! Need Viagra? I hear from that last message you left you probably do”)?

An End to the Anonymity of Trash?

Britain is quietly introducing RFID (Radio Frequency Identification) tags to rubbish bins (trash cans) in a bid to measure the individual waste of each household and charge them accordingly. Some Britons are up in arms about this, saying that households have not been informed and calling it an abuse of privacy. Is it?

The UK’s Daily Mail reports that some bins, provided by local councils for households to dispose of their trash, contain coin-sized devices that monitor how much non-recyclable waste the owner throws out:

With the bugging technology, the electronic chips are carefully hidden under the moulded front ‘lip’ of wheelie bins used by householders for non-recyclable waste. As the bin is raised by the mechanical hoister at the back of the truck, the chip passes across an antenna fitted to the lifting mechanism. That enables the antenna to ‘read’ a serial number assigned to each property in the street.

A computer inside the truck weighs the bin as it is raised, subtracts the weight of the bin itself and records the weight of the contents on an electronic data card.

When the truck returns to the depot, all the information collected on the round is transmitted to a hand-held device and downloaded on to the council’s centralised computer. Each household can be billed for the amount of waste collected – even though they have already paid for the services through their council tax.

According to The Mail, two German companies manufacture the bins and sensors: Sulo and RFID specialist Deister Electronic.

As with all such things, the story reflects local fears, obsessions and behaviour. First off, drinking: The Mail quotes a local council chairman saying he believed the chips “were simply to ensure bins could be returned to the right addresses if they got mixed up or drunks rolled them off”. Second, avoiding paying: The opposition Conservative party warns that “people will simply start dumping bags in their neighbours’ gardens or at the end of the street to avoid paying”. And then there’s the whole castle thing: a council spokesman in Wiltshire says the chips were “to sort out disputes between householders about whose wheelie bin is whose. If there are any arguments we can just send out an officer to scan the chip and settle the argument.” Oh, and then there’s the whole WWII hang-up: The headline at The Evening Standard’s This is London website is “Germans plant bugs in our wheelie bins”.

Is this something to be worried about? Well, the government, and local councils, haven’t been very smart about installing these tags before explaining their use to the public. But that’s not unusual: A council in Australia did the same thing a few weeks back. What I think is most interesting about this is that coverage of the subject in both countries lacks depth, pandering to the fears of its readers (The Mail may not know better, but The Press Association and The Independent should.) Even basic research would show that this sort of thing is not new, is widely used elsewhere, and has a name: Pay-by-weight.

It seems the same technology is already in use in Ireland and has, according to the company involved, reduced the amount of trash put out for collection by 40%. (There may have been some privacy uproar, but I can’t find any obvious evidence of any.) In Canada the program has been in place since 1994, and as of 1999 more than 1.5 million transponders have been deployed throughout the world, including the U.S., although there have been problems with the technology (this being RFID an’ all.)

That said, just because it’s being used elsewhere doesn’t necessarily make it a good thing. Trash is as much a privacy issue as anything linked to personal property, and the angry response to the news is related to an individual’s desire to keep what they throw out a secret (however illogical this is, given you’re putting it in an unlocked plastic bin in the street for hours, if not days, before it’s picked up.) Further research into what these RFID chips are capable of isn’t particularly reassuring: The SULO device for example (PDF file), can measure exact weight, when the bin is emptied, can report any damage to the bin, and, if linked to other equipment, could also locate where the bin was emptied. Nothing too sinister about this, but it increases the possibility, at least in theory, that an individual’s trash is no longer as anonymous as it was.

Bottom line? I don’t think this is likely, given the technology has been in active service for more than a decade. But who knows where the technology may go? This is more a story about how RFID — although it’s not really identified in the story as such — scares people when they hear about it because instinctively they recognise its power. No one would disagree with the goal — reducing the amount of non-recyclable waste — but, as with all technologies, pay-by-weight has to be handled carefully, its usage and goals explained, and clear and transparent limits to its usage imposed.

Keep a Blog, Get Fired

Here’s an interesting statistic, in the light of Scoble’s departure from Microsoft (no direct connection, I promise, but it does raise issues about whether corporates really like blogging): 7.1% of companies have fired an employee for violating blog or message board policies.

According to email security company Proofpoint, whose survey you can download from here, decision-makers at large U.S. companies show growing concern over sensitive information leaving the enterprise through electronic channels such as email, blog pages and message boards: “In fact, 55.4% of these large companies (with 20,000 or more employees) have expressed their uneasiness that regulations guarding the firm’s privacy will be violated by members of the ‘e-communication’ community. In an effort to reduce risk of exposure, 44% of larger companies employ staff to monitor outbound email, and nearly 1 in 5 companies (17.3%) has disciplined an employee for disobeying blog or message board policies.”

Proofpoint’s survey suggests they may be right: “more than a third (34.7%) of companies report their business was affected by the disclosure of sensitive material in the past year. Furthermore, more than 1 in 3 investigated a suspected email leak of confidential or proprietary information and 36.4% investigated a suspected violation of privacy or data protection regulations in the past year.” While a lot of this is email, “companies fear that financial data, healthcare information, or other private materials may be posted in blogs, sent through instant messaging, or transmitted by other means.”

Some other titbits:

  • Nearly 1 in 3 companies (31.6%) has terminated an employee for violating email policies in the past 12 months. More than half (52.4%) of companies have disciplined an employee for violating email policies in the past year.
  • More than 1 in 5 (21.1%) companies were hit by improper exposure or theft of customer information (whatever that means), while 15% were impacted by improper exposure or theft of intellectual property. (I think this means customer information or other sensitive data were stolen.)
  • Companies estimate that more than 1 in 5 outgoing emails (22.8%) contains content that poses a legal, financial or regulatory risk. The most common form of non-compliant content is messages that contain confidential or proprietary business information.
  • Here’s a funky one: 38% of companies with 1,000 or more employees hire staff to read or analyze outbound email. 44% of larger companies (those with more than 20,000 employees) employ staff for this purpose. I bet you didn’t know your company was hiring people to read your outgoing email.
  • Nearly 1 in 5 companies (17.3%) has disciplined an employee for violating blog or message board policies in the last year. 7.1% of companies fired an employee for such infractions. Ouch. 10% of public companies investigated the exposure of material financial information via a blog or message board posting in the past year.

Of course, Proofpoint have a point to prove (thank you) here, but probably this information is sound. There’s definitely a sense out there that blogging is something that needs to be controlled, for better or for worse. Of course, the bigger point is that information is no longer something that can be kept within organisations. Once it became digital, and once employees could move that digital data out of the company easily (remember when company email was not Internet-based, and there was no gateway out of the company email system? I do) then the walls were already tumbling down. The question now for companies is: do we try to ring-fence as much as we can, or do we put more trust and faith in the hands of employees so they don’t feel the urge to vent outside the company gates?