Changes between Version 1 and Version 2 of privacy

Nov 4, 2015, 9:37:57 PM (5 years ago)
Steve Revilak

Draft of privacy presentation outline/handout


  • privacy

    v1 v2  
    22= Privacy =
    4 This privacy overview is part of a four part series originally developed as part of the 2015 Membership Meeting.
     4''This privacy overview is part of a four part series originally developed as part of the 2015 Membership Meeting.''
     7== What is Privacy? ==
     9You can find many definitions for the word ''privacy''.  A dictionary
     10will say something like "The state of being private; the state of not
     11being seen by others."  Judge Louis Brandeis called it "the right to
     12be left alone".  Dan Geer called it "having the ability to
     13misrepresent oneself."  The UK's CCTV program used the motto "If
     14you've got nothing to hide, you've got nothing to fear".  I'm not very
     15fond of these last two: they imply that privacy's usefulness is
     16limited to people who wish to misrepresent themselves, or having
     17something to hide.  That's simply not the case.
     19I'd like to talk about privacy as it relates to communications -- how
     20we talk and interact with one another.  In the physical, face to face
     21world, this is very easy to understand.  If you can a friend are
     22having a loud roudy conversation on the bus, then the whole bus is
     23going to hear it.  Both of you knew it, and probably didn't care too
     24much at the time.  On the other hand, if you pull your friend aside
     25into a quiet corner of the room, you're not expecting anyone else to
     26hear what you're taking about.  And if someone is creeping up and
     27trying to listen, one of you will probably notice.
     29Communications in the digital world are very different.  Even solo
     30interactions are very different.  For example, people have very
     31personal relationships with their phones, with video streaming
     32services, and with internet search engines.  Years ago, Netflix and
     33AOL released large collections of "anonymized" user searches; in both
     34cases, people were able to de-anonymize some of the data.  Google
     35recently announced that it's been recording and retaining voice
     36queries.  Even if companies don't release this kind of information to
     37the public, lots of people in the company have access to it.  As do
     38the employees of other organizations they share data with, or sell
     39data to.  Your personal relationship with your phone, or a third party
     40service probably involves a lot more people than you realize.
     42== Risk Management ==
     44When we get into digital communications, privacy really turns into a
     45game of information security, and your ability to have some control
     46over how information about you is used.
     48Information security falls under the broad heading of risk management.
     49Risk management is about as exciting as buying insurance (which itself
     50is a form of risk management).  The basic idea is that we start with
     51something bad that might happen.  Risk management is whatever you do
     52to prevent that bad thing from happening, or to make it less bad when
     53it eventually happens.  I've already mentioned insurance.  A couple of
     54other examples:
     56* locking your door
     57* wearing a bicycle helment
     58* looking both ways when you cross the street
     60This sort of thing happens on a continuum, and it involves a balancing
     61act.  Having two locks on your front door is safer than having one,
     62and having fifteen locks on your door is safer than having two.  But
     63who wants to deal with fifteen locks?  It really comes down to what
     64you perceive as a risk, and how much inconvenience you're willing to
     65tolerate in order to mitigate it.  That's security in a nutshell, and
     66it's different for everyone.
     68In terms of communications privacy, what do you guys see as risks?
     70== Resources ==
     72I expect that much of this discussion will be driven by folk's
     73perceived risks.  However, here are some general resources.
     75* EFF's surveillance Self-Defense guide.
     76* PRISM Break.
     77* Guardian Project.
     78* Email Self-Defense.
     79* A large collection of presentations from the Tor Project.
     80* [ GnuPG], [ GPG4Win], [ GPGTools]
    683[wiki:orientation Orientation] | [wiki:infrastructure Infrastructure] | [wiki:movement Movement]
    8 May First/People Link encourages all members to maintain their privacy online.