The Permissible Intrusion

Are we sometimes too pious when it comes to security and privacy? When the conversation turns to privacy, in the industry everyone’s first thoughts (to avoid being sued) are

Privacy is valuable

Privacy must be guarded

We can’t allow any intrusion on rights of privacy

All this is very true; privacy is a big issue. But instead of thinking about compromises to privacy only in terms of threats, could they also be seen as an opportunity? What if users would be willing to give up some forms of privacy in a controlled manner? Are there situations in which they might decide to do that? And what kind of gain would make it worthwhile?

One ready example is retail store “loyalty” cards. Shoppers who use loyalty cards to get a small discount are also allowing their shopping preferences to be logged into the store’s databases. In this case, users don’t seem overly self-protective. The benefit for them is very straightforward: a monetary discount. They sell this sort of private information for a relatively cheap price.

Another kind of gain that users may get in exchange for private information is access to another person’s private information. Here the motivations are less straightforward. What value can be realized from this sort of swap? In the case of complete strangers, not much, but if the people involved are family members or close friends, the information could be quite precious. What personal information would you like to share with your nearest and dearest right now? You probably wouldn’t mind letting your children know where you are and what you’re doing. You might be happy to let your spouse know, for instance, whether anything special is happening, if you’re feeling better, or if this is a good time to call. Close friends could get almost as much information as family. Colleagues could have access to all your work-related information, such as whether you are at your desk. Will you be available for a quick chat before leaving the office? Acquaintances and associates may have access to very little of your private information—maybe the equivalent of what’s on your business card. In addition, you could elect to make certain information public, like a published Webpage, and available to everyone.

In each of these scenarios, access to the user’s private information is, and must be, fully under the user’s control. As a default, private information would be available to nobody. But since technology-mediated information exists apart from the users, these users must also be able to trust device manufacturers, service providers, and network operators that private information is used only for the purposes that they have permitted.

Currently the only way I can share personal information with you is to tell you. I can call you or send an email. In Europe the short message services are used extensively for this purpose. The typical content of a text message is not factual, like the time of the next meeting or flight reservation details, but emotional: greetings, jokes, expressions of feelings, saying “good night” or “I love you.” If such information were available all the time, the intended recipient could access emotional content without any action by the sender. This would increase the sharing of truly personal information, enhancing and intensifying the relationships between people.

The mobile phone would be an excellent platform for sharing private information. It is carried on the user’s person most of the day. It automatically knows the user’s communication patterns. The phone even possesses information about the use context. For example, the user already can put her phone in a meeting mode to prevent it from ringing aloud. The phone already has a calendar application that contains information about where, and with whom, the user is at the moment. For a set of trusted persons, all this information could be mediated by a personal device, much as it once was by a private secretary.