It seems to me that what he thought he was referring to was cases like a subpoena for child pornography. The cases when google is obliged to divulge personal information are reserved for cases in which someone is seriously believed to be evil.
When people read his quote I think tend to think of embarrassing things they themselves have searched for, but no one is going to subpoena (or even care) about your search for "nurse + handcuffs".
When I use google I know that there is some probability of the results getting hacked or leaked or subpoenaed or looked at by a google employee trying to improve search. However the expected value of that embarrassment (probability of someone I actually care about seeing it X how embarrassed I would be) is very low, and, for me, doesn't even come close to outweighing the benefit provided by the suite of google products.
On the otherhand (and I think this is Erik's point) if you are using google to do something that would legitimately land you in jail the expected value of bad-stuff is much higher. (Actually both the probability of getting subpoenaed and the level of bad go up).
I feel that there is this idea that everything you do everywhere on the internet can and should be totally private and that any chance that it isn't is seen as removing a fundamental right. In my opinion the internet is more like a trail out in the middle of the wilderness: usually no one sees what you do and its probably ok to have sex with your girlfriend without anyone knowing, but if you start burying bodies out there the FBI can and will use that against you.
When people read his quote I think tend to think of embarrassing things they themselves have searched for, but no one is going to subpoena (or even care) about your search for "nurse + handcuffs".
How about in a divorce trial, when character is at issue, and you are fighting for child custody rights?
More generally, the argument of as long as you aren't doing anything wrong, why should you be worried has been debunked, I think rather convincingly in places like http://news.ycombinator.com/item?id=984088 hopefully the discussion can continue.
I worked for a company that routinely provided user-uploaded child porn to the FBI along with user details. The EULA gave us the right to do this although I'm not sure how explicitly this was stated. I'm ok with this, but it's a slippery slope downward.
Thats interesting. How do you avoid the liability of possessing child pornography? Invariablly, someone needs to see it before it can be passed on, and it has to be stored somewhere + communicated. Is there protections in your local laws?
The problem is more fundamental. The more of your life you conduct through the centralized conduit of your internet connection, the more power someone who controls that conduit has over you.
Cases like child pornography are the wedge justifications for putting into place controlling mechanisms, and cheered on by lots of well-meaning people. But once the controlling mechanisms are there they can be used and abused for political and commercial gain by police both public and secret.
The inherent non-visible, automatable and centralizable nature of such controls makes them more powerful than any real-world analogue. No large conspiracies, long chains of command or big bribes for armies of cronies are needed for historically unprecedented manipulation of the futures, careers and freedoms of people and companies. I don't think one can trust the law to catch up or to be effective in restraining those with the power. The bogeymen of terrorism and child molestation are more than effective enough to frighten the councils of old men who largely control court decisions.
IMO, decentralization and transport encryption, to the point that real-time centralization of control is infeasible, ought to be baked into the design of such a vital infrastructure. The privacy problems are going to get worse. We're still waiting for the big scandal, the hidden nuke test that went wrong, which will make this need obvious to the public at large. If we're unlucky, we might never see that scandal.
Maybe no one in the western world cares about your search for nurse+handcuffs, but what about in China? Iran? How do they comply with the laws in those countries?
So to put that scenario in the same context as the original quotation, one just needs to imagine the surprise party being ruined because the secret was handed over to the authorities under the U.S. Patriot Act.
It seems to me that what he thought he was referring to was cases like a subpoena for child pornography. The cases when google is obliged to divulge personal information are reserved for cases in which someone is seriously believed to be evil. When people read his quote I think tend to think of embarrassing things they themselves have searched for, but no one is going to subpoena (or even care) about your search for "nurse + handcuffs".
When I use google I know that there is some probability of the results getting hacked or leaked or subpoenaed or looked at by a google employee trying to improve search. However the expected value of that embarrassment (probability of someone I actually care about seeing it X how embarrassed I would be) is very low, and, for me, doesn't even come close to outweighing the benefit provided by the suite of google products. On the otherhand (and I think this is Erik's point) if you are using google to do something that would legitimately land you in jail the expected value of bad-stuff is much higher. (Actually both the probability of getting subpoenaed and the level of bad go up).
I feel that there is this idea that everything you do everywhere on the internet can and should be totally private and that any chance that it isn't is seen as removing a fundamental right. In my opinion the internet is more like a trail out in the middle of the wilderness: usually no one sees what you do and its probably ok to have sex with your girlfriend without anyone knowing, but if you start burying bodies out there the FBI can and will use that against you.
When people read his quote I think tend to think of embarrassing things they themselves have searched for, but no one is going to subpoena (or even care) about your search for "nurse + handcuffs".
How about in a divorce trial, when character is at issue, and you are fighting for child custody rights?
More generally, the argument of as long as you aren't doing anything wrong, why should you be worried has been debunked, I think rather convincingly in places like http://news.ycombinator.com/item?id=984088 hopefully the discussion can continue.
I worked for a company that routinely provided user-uploaded child porn to the FBI along with user details. The EULA gave us the right to do this although I'm not sure how explicitly this was stated. I'm ok with this, but it's a slippery slope downward.
Thats interesting. How do you avoid the liability of possessing child pornography? Invariablly, someone needs to see it before it can be passed on, and it has to be stored somewhere + communicated. Is there protections in your local laws?
2 replies →
The problem is more fundamental. The more of your life you conduct through the centralized conduit of your internet connection, the more power someone who controls that conduit has over you.
Cases like child pornography are the wedge justifications for putting into place controlling mechanisms, and cheered on by lots of well-meaning people. But once the controlling mechanisms are there they can be used and abused for political and commercial gain by police both public and secret.
The inherent non-visible, automatable and centralizable nature of such controls makes them more powerful than any real-world analogue. No large conspiracies, long chains of command or big bribes for armies of cronies are needed for historically unprecedented manipulation of the futures, careers and freedoms of people and companies. I don't think one can trust the law to catch up or to be effective in restraining those with the power. The bogeymen of terrorism and child molestation are more than effective enough to frighten the councils of old men who largely control court decisions.
IMO, decentralization and transport encryption, to the point that real-time centralization of control is infeasible, ought to be baked into the design of such a vital infrastructure. The privacy problems are going to get worse. We're still waiting for the big scandal, the hidden nuke test that went wrong, which will make this need obvious to the public at large. If we're unlucky, we might never see that scandal.
Maybe no one in the western world cares about your search for nurse+handcuffs, but what about in China? Iran? How do they comply with the laws in those countries?
Hiding some behavior is not an acknowledgment that the behavior is wrong, just that there may be someone out there who thinks it is.
What, have you never planned a surprise party? People need privacy not only for nefarious ends.
So to put that scenario in the same context as the original quotation, one just needs to imagine the surprise party being ruined because the secret was handed over to the authorities under the U.S. Patriot Act.
2 replies →