If you’re not listening from the CBC‘s Search Engine podcast, shame on you. It’s a kick ass show that looks at technology and culture, globally, but with an emphasis on Canada and the United States.

Episode 25, “CCTVs, biometrics, and self-destructing data,” is particularly good. It’s an interview with Canada’s information and privacy commissioner, Ann Cavoukian about online privacy and using a combination of technology, law, and ethics to protect citizen and customer data.

What stood out for me was this point made by Cavoukian (at about the 6:30 mark):

Your ability to control the information you have shared with others and their subsequent control of that — that’s when everything falls apart. You may be able to restrict the information to five people. But what you can’t do is — you have no ability to control what they do with your information. And that’s when things get weakened in terms of the weakest link of the chain, in terms of security.

I have run into this a few times with my Twitter friends. I have a private feed, largely to keep it from being Googled. I understand that “private” online is not really private — and despite my propensity to overshare, there are some things I just won’t tweet. Yet I am still uncomfortable when items in my feed are retweeted, or captured in a screen shot and reposted. My feed is protected, dang it! If I wanted my content to be Googled or re-contextualized, I would have blogged it or published to my public stream.

As J.Brotherlove pointed out in a (protected) Twitter posting, however:

I see your tweet re: your issue with SNS. this isn’t new though. we’ve had this issue with email.

I’ll argue, though, that email (and instant messaging for that matter) are conceived of as a one-to-one conversation, rather than a one-to-many conversation. It’s true that you can copy-and-paste an IM or email into another medium. But our behavioral norm is that these messages should not be re-shared without explicit permission. It’s the same from a technical standpoint, yes, but not a social one.

When it comes to tweets, Facebook data, or Flickr photos, however? As a community, we clearly have different expectations for privacy on social network sites. As thatblackchick put it (in a protected Tweet):

The nature of social networking means that it’s a one-to-many conversation, therefore, the sharing rules are different (IMO)

And what’s compounding the problem? Jason says:

Twitter, however, and it’s tools, don’t value or promote privacy. I can’t tell by glancing at tweetdeck which people in my stream are private.

He isn’t entirely right. Twhirl differentiates between protected and unprotected feeds. Twitter does too, though design changes would make those differences clearer. [Jason corrects himself in the comments: "Twitter does value privacy. The lock icon is clearly seen on the site, protected tweets don't show up in RSS feeds, you can't deeplink to protected tweets and make them accessible to non-permissioned users." I DO think that some UI changes would make it clearer, however.]

The obvious answer to all of this, of course, is don’t tweet / post / publish that which you do not wish to be reshared. Still, I’d like a higher degree of informational self-determination and awareness on all sides.

I think Cavoukian and data privacy researchers are on to something with this idea that rules for data use are embedded in and travel with the data. Going forward, I would like to see tools, APIs and user interfaces that enable and encourage people to respect public/protected settings, or enable users to opt-out of certain privacy-eroding features.

Embedding data rules in Twitter posts (or Facebook pages, Flickr photos, etc.) may be technologically unfeasible if not overkill. But how about allowing users to make their posts unavailable to the API? How about interfaces (for desktop clients and the web) that alert users they are about to retweet an item from a protected twitter feed? How about letting users opt out of being retweeted? How about ultra-granular, per-tweet privacy controls (a la Plurk)?

None of those is perfect, of course, but they can encourage a culture in which people are more conscious of and respectful of other users’ controls.

Related here:

• What I’m reading: Privacy, security, pervasive technology and society
• Ethics, friendships and Flickr (or “Why I don’t drink around some folks”)
• Plurk.com: “Karma” and Community
• My Love Life. Online.
• On Twitter-ing
• Who do you trust more: Corporations or Government?

Related elsewhere

• “Social Media is Here to Stay… Now What?” by danah boyd
• “Getting Smarter About Twitter” by Jason Toney
• “What is YOUR use for Twitter” at MrTweet
• Podcast #26: how Spybots can fire you, and is “SmartData” personal DRM?
• “Privacy by Design” by some smart Canadians
• “How I use Twitter” by jbrotherlove
• “Blogging With Split Personalities” by Sarah Dopp

I like to think that I am an above-average user of technology by American standards. And yet, if I am overwhelmed by the sheer knowledge of networks, software and hardware that is becoming required in our digital age, what implications does this have for the less savvy, if not downright technophobic among us?

And from a social justice and social control perspective: Who keeps the keys, who can get them, what rules do we draw about using them, and hell, could we even enforce those rules anyway?

The sheer powerlessness we all have compared to this faceless, mindless, multi-headed, and inherently ethics-free technical beast¹ has me feeling disenfranchised, disenchanted, disaffected, and discombobulated by it all.

Join me in my mood, won’t you? Here’s what I’ve read recently(-ish) that has me wanting to move to some remote, uninhabited, no-tech island.

Malwebolence

The New York Times Magazine looks at the culture of internet trolls and online harassment. A few paragraphs seem like a crock of bullsh*t from a movie script somewhere. And yet, maybe it was real and knowing or not knowing is part of the point.

Everyware: The dawning age of ubiquitous computing

Adam Greenfield’s look at the ethical, social and moral issues surrounding pervasive and ubiquitous computing. My main thought while reading this was “Where are we going to find the energy for this always-on network of interlinked technologies and at what economic and environmental cost?” I had more thoughts that focused on the social justice implications of ubicomp too, but the sustainability concern loomed largest.

Electronic Frontier Foundation’s Test Your ISP

Our aim is to ensure that the Internet community has the tools and organization to quickly recognize when ISPs engage in interference or protocol discrimination in the future.

Travelers’ Laptops May Be Detained At Border

Federal agents may take a traveler’s laptop computer or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Of interest? Truecrypt

A People’s History of the United States: 1492 to Present

A look at the history of the United States in a way that centers the experiences of non-rich, non-capitalist, non-white, non-Christian and/or non-male people. This book really changed my perspective on what it means to be a citizen of the United States and the steady stream of propaganda we’re fed, even by “liberal” media outlets.

Your Privacy Is An Illusion: Privacy advocates nearly publish guide to carjacking Google executive

Well, it is an illusion, particularly as technology becomes more pervasive and more entrenched in our lives.² The comments are particularly fun.

OSS voices must be heard in national security debate

A FASCINATING review of Christine Peterson’′s OSCON 2008 presentation / opinion piece by Ryan Paul of Ars Technica on the role of open source developers and the security of our technical infrastructure. Resistance, however, is not enough. In order to overcome such challenges, technology enthusiasts must find better ways to address the underlying problems that seemingly necessitate the faulty solutions.

Objection

Firefox extension for deleting Flash’s Local Shared Objects or “Flash Cookies.” Did you know Flash stored those? And that merely deleting your cookies doesn’t delete this data? And how many web sites do you visit every day that serve rich media ads? Yeah. Install this one.

Possibly related

• Who do you trust more: Corporations or Government?
• Yahoo! Mash: an interesting exercise in trust and control
• Why I went private on Twitter
• Recommended: “SNS visibility norms (a response to Scoble)”
• Ethics, friendships and Flickr (or “Why I don”t drink around some folks”)
• Recommended: Jeremy Keith’s “Lock up your data”
• Is Google evil?

¹ Yes, I realize that computers can only do what we tell them to do. But as anyone who uses technology knows, engineers, designers, and developers have a mediocre track record with regards to the ethical, moral, social, privacy, and security concerns of the technology they (we) build. And with any technology, people will use it in unexpected, even malevolent ways.

² Honestly, whatever notion of privacy that existed in a pre-tech world really hinges on obscurity and the footwork someone is willing to put in. Birth records? Property records? Tax returns? Your friends, enemies, and associates? It’s all there for the aggregating.

In one of my moments of Random Thoughtitude, I was thinking about what my ideal country would look like. My first thought was infrastructure. I want a government that adequately funds and maintains a viable, nation-wide mass transit system and mandates bike lanes on every road. I want an educational system that actually teaches kids.

My next thought was: and what if our telecommunications infrastructure was owned and maintained by the government? What if our cable wires, our radio, our phone lines, and — the thing that sparked my original thought — our Internet were seen as massive public works projects on the order of sewers and roads?

Corporations would then compete in other ways. They might, for example, offer special content and charge for access to it. Or they might sell the hardware to connect to this otherwise national infrastructure.

Telecommunications, and the Internet in particular, has become this sort of basic, critical business commodity that is key to economic growth. But the corporations that run them are either too concerned with profits or really don’t have enough capital to upgrade their networks.

And we wouldn’t have this ‘Net Neutrality issue of corporations wanting to charge more or limit the flow of certain forms of data because boo-frickin-hoo, they don’t want to invest in their systems. Corporations are, after all, legally-bound to pursue profit. Their decisions must be made — for the bottom line, not the common good. Our government, on the other hand, would really have to treat all data the same and invest in our systems because we were all paying for it with our tax dollars.

Makes perfect sense, right?

Or does it? I thought some more and remembered that China controls its Internet infrastructure. And they have a few issues with censorship. Ditto Iran.

Our own government also has issues with freedom and privacy. Maybe handing them the keys to the Internet car would not be such a good idea after all.

I realized then that this is a pretty big conundrum. I wholeheartedly believe that corporations are evil, heartless, parasites who are incapable of doing The Right Thing unless it will make money. But I also believe the U.S. government is more concerned with maintaining power, control, and protecting their own personal safety and wealth than with building a just, free, and fair society.

So the question becomes: Who do you trust more? Corporations or Government?

And as importantly, what entities do you trust or would you trust? What does your ideal nation look like?

The obvious question is ‘How much should you trust code from strangers?’ And can this be done in a safe(-ish), secure(-ish) way?

Possibly related: Cross-domain Ajax links and Access Control for Cross-site Requests (implemented in Firefox 3)