I saw my first pair of Google Glass at the IAPP’s Privacy Summit a few weeks back. I can’t say for certain but I’ve got a feeling that the wearer was not only loving the utility his pair of Glass provided but also the circumspect looks shot his way by hundreds of privacy professionals. This got me thinking about how societal privacy issues are born – not just with Google Glass but with any technology.
As Glass debuted, people have been raising multiple privacy concerns including the concern that Glass could send images of people’s faces back to the Googleplex for post-processing such as facial recognition. This concern is rooted in the asymmetric relationship between the people in the line of sight of the Glass wearer, with whom they may not have a relationship, and Google who could collect their image and use it for whatever purpose it sees fit. The random stranger might not have a relationship with the Glass wearer and she most certainly does not have a relationship with Google (or whoever makes the next Glass-like widget) in this context. The concern, I believe, is not just of asymmetric relationships and power imbalances but also one of post-processing.
Certainly Google isn’t the first organization to gather data for post-processing. From a privacy perspective, news agencies deploy photographers to gather images of people for their form of post-processing – publishing newspapers. Data brokers have gathered both publically and privately available data for post-processing – selling information about one party to another. Our governments gather huge amounts of public and private data, including CCTV images, for their flavor of post-processing as well.
The desire on the part of innovating enterprises is to continue to find ways to post-process information. In fact, this isn’t a desire but a business imperative. And this leaves me with nagging questions:
- How does one opt-out of asymmetric relationships and situations of post-processing?
- Do I have to wear a burqa to keep my face from being swept up by the latest gadget only to be post-processed by a company with whom I have no relationship?
- How do I design privacy-respecting products and services when the end-user isn’t the only party whose privacy I have to be concerned with?
One fictional approach to these problems is found in the devilishly confusing “The Quantum Thief” by Hannu Rajaniemi. In essence, a people living on Mars create a system by which all sensory data is encrypted, before it can be post-processed by the brain. Through different interactions people can grant keys to other people to decrypt this sensory data. You might be aware of a blob walking towards you on the street, but unless I grant you a key, you won’t see my face. You won’t remember our conversation if I don’t grant you another key. And so on.
Ok Earthlings, what’s going to be our approach? Stopping organizations from concocting more and more ways to post-processing information is an impossibility. How then shall we shape our cultural norms? How will our behavior change? How can we smooth out asymmetric relationships and power imbalances?