2010 07 07

From TheCommandLineWiki
Jump to: navigation, search

Contents

Feature Cast for 2010-07-07

(00:17) Intro

(02:12) Listener Feedback

(15:32) Hacker Word of the Week: filter

(16:09) Will we ever have controls up to the task of complex privacy?

  • What do I mean when I say complex privacy controls?
    • Simple is the choice between entirely public,
      • Sharing with no one at all,
      • And maybe the choice to share with first degree connections
    • Such scenarios fit our earliest uses of any social network
      • In particular when new media matched our expectations of old media
    • Telephone calls are essentially as private as instant messages
    • Emails could be thought of as falling under simple privacy
      • But the ease of a recipient forwarding starts to change the equation
    • The way email and newer media start to break simple privacy
      • Points at what I mean when I talk about complex privacy
      • And foreshadows my line of reasoning from it
    • Complex privacy encompasses all of the degrees of connection
      • Between zero and one on one end
      • And infinite on the other end
    • This model offers a great deal more possibilities
      • Than simple privacy alone
    • The promise is that we can craft social spaces of arbitrary sizes
      • Based on some selectable depth of how far our connections go
    • Think about how you converse in a public space
      • You may engage in talking about a private subject
      • If you have a strong sense of anonymity, that no one around you knows you
    • The less you are concerned about a subject
      • Even though it may still be discrete
      • The less likely you are to spend time looking for anyone you know
    • Some public spaces are starting to break these assumptions
      • Crowds at media events are more likely to include someone recording
    • But there are still plenty of crowd situations
      • Where these nuanced expectations hold true
    • There are probably many more examples
      • Where we have expectations of privacy
      • Embedded in non-private, non-secret spaces
    • Each example needs careful consideration for how it can inform complex privacy controls
    • We just don't have enough experience with online social spaces
      • And their counter intuitions brought about by technology
      • That is largely frictionless and has an effectively permanent memory
  • What got me thinking about this question was danah boyd
    • In her rants in the wake of Facebook's recent privacy embroglio
    • Her studies revealed that there was a considerable gap
      • Between the expected reach enabled by allowing friends of friends to share
      • And the way a computer actually hashed out and flattened that into a long list
    • I've been trying to think through why that is
    • People have to have some sense that FoaF multiplies the list in unexpected ways
    • Maybe they don't think actively about anyone
      • But the friends they consciously connect with
      • And maybe they friends in common, as signal for social overlap
    • Friends in common of course doesn't paint a complete picture
    • It isn't easy to see how the non-overlapping friends
      • Add to our entire social graph
    • You get a simple number, maybe a small, random sample
      • Or you can dig a little deeper and get set of pages of a friend's friends
    • Undoubtedly there are third party applications to help visualize your network
      • Out to two degrees, maybe even further
    • Such applications I'm sure are taking more as a curiosity
    • Maybe people just thinking of them like badges
    • You can put a static image or a scripted one that changes as your network grows
      • More as a signal of your growing popularity
    • A more graphic way of displaying to how many people you are connected
      • Or even potentially how far your reach is
    • If people had an intuitive sense for how this picture affected the privacy of their info
      • Then there wouldn't be this puzzling surprise about setting access to FoaF
  • BREAK
  • To my original question, I suspect the answer is no
    • Some privacy experts think expecting complex privacy controls is unrealistic
      • http://www.theregister.co.uk/2010/06/18/facebook_hoofnagle_podcast/
      • In this Register article, they quote Hoofnagle
        • Director of the Berkeley Center for Law and Technology's information privacy programs
        • And senior fellow to the Samuelson Law, Technology & Public Policy Clinic.
      • He thinks opt-in for everything is impractical
        • And that it simply runs counter to, in this case, Facebook's business interests
      • His solution is data should be retained for a limited amount of time
      • I don't think that is any more practical because of the value of that data
      • I am deeply skeptical any schemes for vaguing up or forgetting data are practical
      • They don't address the problem of data spreading wider than we intended
        • Not through our direct relationship with 3rd parties
        • But through our medium and long range social connections
    • I've been reading Clay Shirky's "Here Comes Everybody
    • It is an excellent book for explaining how new social tools
      • Are responsible for changing our behaviors and their outcomes
    • It was part of what got me thinking again about my questions around complex privacy
    • The book explains a concept that I hadn't encountered before
      • One that really makes sense of how information moves through social networks
      • And how those networks themselves structurally hang together
    • Shirky describes the nature of a small world network
    • What small networks lead to is that any person in a much larger graph
      • Is unlikely to be directly connected to anyone else
      • But they are connected within only one or two hops
    • The name actually comes from the real world phenomenon
      • That two strangers seem to have a better than random change
      • Of having a friend or short chain of friends in common
    • Shirky goes on to explain how this structure allows social networks to scale
    • If everyone was directly connected to everyone, the connections would grow too fast
    • Connections grow at a geometric rate
      • Each new person needs a connection to every other person in the network
    • Messages and information wouldn't have far to go
      • But managing the flood of many-to-many connections would be impossible
    • In a small world network
      • There is a limit on the number of connections per person
      • People are connected in many small groups
      • Rather than to everyone else
    • So how do these networks actually work to span a large number of people?
    • Each group has at least one member connected with one or more other groups
    • If all of the small groups are knit together with sparse connections
      • Then a message can travel between any two people
      • In a small number of hops
      • But the connections per each person remain much more manageable
  • The hyper connected people in social networks make complex privacy so hard
    • There are a minority of people that have a much higher connection density
    • These are bridging people that help cohere small world networks
    • Without some number of members with a way above average number of links
      • Then the distance information would have to travel
      • Is too great for a network to be very useful
    • Social spaces like Facebook and Twitter rely on the hyper connected
    • They encourage them to come into existence
      • And try to help regular users connect to them and through them
    • The problem comes in with the friends-of-a-friend setting
    • If you have a manageable number of friends
      • And each of your friends in turn has a similar set
      • Then the multiplication out is pretty intuitive
      • Especially since there is likely to be some overlap in all these smaller sets
    • The odds in a useful social setting
      • That you have one or more hyperconnected friends is high
    • When you multiply our your 2nd degree links with even one hyper connected friend
      • That's when the surprises kick in
    • By definition that kind of acquaintance is not likely to overlap with your other friends
      • Or even friends of friends
      • And the number of 2nd degree links through them may dwarf all the rest
    • In this case, it is hard to have an intuitive sense
      • Of have information, or privacy rules, commute from you
      • Through all your friends, including the hyperconnected
      • Into the result mass of recipients for any data or messages you post
    • The hyper connected stitch large social networks together
      • Without putting too much of a burden on each person
      • But ultimately do anyway in situations where info can travel 2 or more degrees from a source**
  • BREAK
  • We cannot avoid nuanced privacy situations
    • For better or worse, this is our new social fabric
    • The networks and services we use rely on small networks
      • And hyper connections within them to scale practically
    • I think we've also become accustomed to some of the surprises this invites
    • I know my own network is laced with totally serendipitous connections
      • That only were made possible by this structure
    • I imagine a lot of folks enjoy the pleasant surprises that arise
    • My point isn't to say that small networks with densely connected people
      • Are in and of themselves a problem
      • Quite the contrary
    • Unfortunately, they don't map well to how we used to craft semi-private spaces
    • Our expectations were forged in networks where the connections
      • Could be identified and walked through in your head
    • It simply isn't clear to me how we deal with how these lumpy networks
      • Defy our ability to suss out who can see what we are saying, sharing
    • I don't think You cannot selectively carve out the hyper connected
    • Doing so would drastically impoverish your network
      • And would be a constant drag on your decision to post or share something
    • Treating these networks as if they were entirely public isn't acceptable either
    • We are social animals and have needs satisfied by different kinds of sharing
  • Some hints of pieces we'll need started to occur to me
    • While complex graphs aren't easy for most people to imagine
      • There is some sound math and algorithms for working through these
    • Many recommendation engines use these sorts of structures
      • Like Amazon's recommendations of what you've bought
      • Triggering other items commonly bought at the same time
      • Or recommendations exposed from people that you know
    • What if we could calculate a measure of the density of connections
      • When info is flowing from you out to 2nd degree connections
    • Let's call that a social gauge, just a metric for the difference
      • Between the easy connections you can think through
      • And when someone in your network is him or herself connected to way more than average
    • It should be possible to come up with some standard ways
      • That are relative to each persons unique social foot print
      • To figure out when that gauge buries the needle
    • If we went about calculating and measuring, we could at least
      • Show a social map that picks up where our pre-internet intuition starts to fail
    • It isn't clear to me how we could weld that into either a static control
      • Like allowing private data to be seen by friends, friends of friends or everyone
      • Or how we could bolt that onto messaging to carve out or target the hyper connected
      • Based on the content and context of a message
    • Merely knowing where the really steep slopes or pits are may help
      • But I don't think it is enough, at least without impoverishing our new, rich social spaces
    • Maybe if we used something like ad hoc tagging
      • Where we could craft a policy for more personal tags to avoid tricky social gauges
      • And less fraught tags could be routed to to 1st and 2nd degree targets without hindrance
    • I wonder if this is a space where intelligent agents could help
      • Although maybe that is functionally the same as simple policies
  • BREAK
  • What do we do if we cannot craft understandable controls?
    • We're not going to stop being social creatures
    • I don't think we'll be entirely satisfied with simple privacy
      • It is just too much of an all or nothing proposition
    • I doubt that any established player in the social tools space
      • Will experiment with complex privacy, truly
    • Facebook has willing trod into it with their friends of friends setting
      • But they have too much invested in how things fail right now
      • Leading to their users sharing more information, messages than they believe that they are
    • There are a lot of experiments taking place right now
    • Many of them are open source projects which gives me hope
    • It is far easier to take big risks with an open source project
      • Risks that may lead to it failing
    • Failure for an open source project is an opportunity for others to learn
    • Through lucky, random success or by a series of instructive failures
      • Someone needs to figure out how to support the wickedly complex nuances
      • Of the new social fabric that a post network world enables
      • Or we will continue to feel frustrations in just trying to express our social instincts

(30:55) Outro

Personal tools