almost 9 years on 2008-05-01


1.  i am going to be speaking a bit about digital privacy - something i spend most of my days working on in one way or another

2.  for starters, what is privacy?  people prepend the word in phrases like private thoughts, a private journal, private bedroom exploits, or private plans to take over the world - but there are precious few good definitions of what the term actually means

3.  the best way to describe privacy is as the limited transmission of information over time and/or between people.  it is about moving information from a trusted point a to a trusted point b without exposure.

4.  why do we care about privacy?  isn't it dead?  -- we care because in all sorts of scenarios the value of information is inversely related to how public it is.  from corporate secrets, to gambling and the stock market, to even personal intimacy

5.  fundamentally you are only as private as your weakest communicative link.  the model for a private exchange is a one to one discussion in the middle of nowhere.  output directly to input.  but the reality is that as we have made communication more efficient we tend to rely on more intermediaries to communicate.

6.  as with many things, one of the most interesting testing grounds for privacy is war.  during war private information is extremely valuable to all sides.... and you frequently have to use untrustworthy links in the communicative chain.  the solution that evolved quickly was 'security'

7.  all security is breakable - it functions by changing the cost structure of information.  you pay a cost to secure your information (which is less expensive than the info transmitted is valuable)... the key is to make it expensive enough for the enemy to break your security that it isn't worth it.

8.  the reality is that outside of war, until very very recently most information was harmless / mostly valueless on a mass scale - so people were not very concerned about privacy.  there simply was little to 'steal' from you information wise, so you didn't have to incur much cost to protect your information.

9.  three little familiar concepts, however, changed all that.  the cost, and therefore the volume, of communication, information storage, and compute power have changed the equation by making useless data useful and by making privacy measures much more expensive on a relative basis.

10.  these cost changes have drastically changed the amount of communication, the amount of communication that is saved, and the ability to access that information.  this is a huge deal

11.  people have been freaking out about this for a long time.  max weber wrote about all these concepts and their impact with regard to 'bureaucracy' and people have been updating the concepts all the way through foucault's power-knowledge in "discipline and punish"

12.  interestingly, all this information and organization did allow for a new mechanism of non-secure 'privacy'.  simply trust your privacy to them and the law.  it is a felony to open mail

13.  this worked relatively well, because even up through very recent history, little information was valuable and few people were in a position to break trust.

14.  internet changes all that - all of a sudden lots of information was valuable at scale, and lots of people could touch it

15.  institutions break down - laws don't work if you can't enforce them -- and with data flowing beyond borders and no transparency into who has what = no enforcement

16.  go military style?  doesn't work - because security only works on cost differentials.  security isn't getting cheaper faster than breaking security, information is getting more valuable for the bad guys and the good guys.

17.  in fact, we are worse off than military information - value of which is very perishable - our data lasts forever - so if you can't break today break tomorrow

18.  this really really sucks for your kids - because 'public key' security is going to crumble with quantum computing - so traditional security will melt.

19.  so what should we do - future of privacy is about unwinding - decentralize, de-tag, destroy... you are also going to end up with less 'privacy' - which is good, because you can sell your privacy for great stuff online

20.  recap - 

original swl blogposts and letters 2007-2010