The Map of Privacy

This a map that gives a brief history of privacy in the technological spectrum, with the section of ‘digital age’ expanded intentionally to outlook the future of privacy based on current phenomena. At the end a new interpretation to ‘privacy’ was given and referred to as ‘permission’, addressing the massive explosion of outdated information we will be facing with the aging of the Internet and ‘cloud data’. Following the current mode of online privacy management, the control over the information will become so costly and time consuming that it is even less efficient compared to the opposite way: giving permission of the information to the trusted groups and individuals. The map also provides clues to why it would be necessary to introduce the forgetting mechanics of online data and to rely partially on the human memory again in order to regulate social behaviors for privacy.

By designing the map, I got to think more critically over the research and ideas I came across before and to situate my design proposals for hiding (marked in red) in relation to other facts regarding privacy.

View original size here

Risk vs. Service: Online Privacy Dilemma Never Got Solved?

Another interview I had during the past few weeks is with Saikat Guha, an online privacy expert and engineer. His earlier researches have dealt largely with social network’s privacy service from the benefit for both the user and the advertiser: how to maximize the user experience with least risking of privacy and secrecy on one hand, and to reach the targeted market more efficiently on the other hand. Saikat’s latest research has shifted from the encryption of profile database to that of locative media related information processing. The privacy concern of the latter has outgrown the former with latest shifts in the technology use and more pervasive forms of information sharing.

A DNS tracking experiment in Saikat's paper "Identity Trail: Covert Surveillance Using DNS"

———————–
Me: In your paper “NOYB: Privacy in Online Social Networks” you described the way NOYB encryption model(NOYB standing for “None of Your Business”) works is by replacing one users name and age with another friends’ name and age?

Saikat: Yeah. Or anyone else’s name really. NOYB can loosely be defined as traditional encryption combined with steganography. How the other “atoms” (index of data that kept one type of information of the user) are picked is based on traditional encryption, but on top, the final result is something believable, whereas traditional encryption outputs what appears to be garbage or noise. So basically the benefit is that it’s as secure as traditional encryption, but can’t be easily detected like steganography.

Me: How does it benefit the social network users then?

Saikat: It benefits them in the sense that if Facebook were to start banning users that upload info that’s not real, it’s harder for Facebook to detect the NOYB users, vs. users that are uploading “garbage looking stuff” that traditional encryption produces.

Me: It can then allow one to shares false information about themselves?

Saikat: Well, whether the information is false or not is not where the encryption looks at, but rather by using NOYB, real meaningful information appears to others as false information, and only a select few can extract the real information out of it. So it is about sharing your information only to a specific type of group. The user has the selection of who can see his data, and specifically, he can say no one at Facebook should be able to read his profile, which he cannot do today. Or say that some random third-party facebook application developer or random facebook-connect website cannot read his profile, which he cannot now either.

Me: But in reality, the situation of giving permission can vary from time to time and person to person, that is sometimes you want to use the authenticity of the information to present yourself in a certain way you choose, and sometimes you don’t. and there are people you are not sure if you should give them access or not. So are there also technological solutions that provides a hierarchy of access permission?

Saikat: Giving different people different permissions is doable, for example, the paper by researchers from University of Maryland called Persona in Sigcomm. The problem is what happens when the permissions given to a person changes over time. If they are given greater access, that’s fine. But if their access is curtailed, then you can’t erase from their memory what they’ve already seen. At best you can limit any future content from being seen by them.

Me: Then, in this sense, is eliminating archived data a possible solution for protecting identity and personal information?

Saikat: the problem with that is it can result in people changing history for nefarious means. Privacy is one thing, but propaganda is another, and maybe even more worrying.

Me: I see. And in your other paper “Identity Trail: Covert Surveillance Using DNS” you have experimented different methods of tracking them geographically based on DNS addresses. Can I ask if it is also possible to track someone on 3G networks?

Saikat: Technically it’s very hard problem. There are many papers being written on how to do it. But location from 3G address is the least of people’s concerns if you ask me.  Applications on the phone have your GPS coordinates and they are sending it out willy nilly to strangers. There are a good half of applications on smart devices that had no business knowing your location data (for the purposes of the application) were collecting it nevertheless and sending to random third parties on the web.

Me: Locative media is tricky in terms of the way it gives out your privacy. How can we really hide with GPS data?

Saikat: This is exactly what we are trying to do now with our current research! The way it works basically, is that your location can be hidden in a way that neither the application learns where you are, nor anyone on the web. but they can still offer you location based services-  alerts of who are nearby, or Foursquare-like applications etc. It’s not difficult to do. But the key question is what applications cannot be built using the tricks we use. If there are very few such applications, then the trick we use can become the default and everything is rosy.  But if our proposal doesn’t become the default, then applications – that make money by selling your location – will continue to invade your privacy.

Me: Because locational data does not work in the way profile data works?

Saikat: Right. In profile data you need exact matches. “Soccer” is not the same as “saucer”… But with location data you need proximity “LA” might be the same as “Santa Monica” depending on the application. That extra bit of information you need for proximity can leak more than you bargained for. The reason you need the latitude-longitude data is so you know the distance between two points so you can compute “near” in a technological sense. If you could compute “near” without access to lat-long data, there would be no reason to expose your lat-long while still letting you do proximity, which would be a much safer approach.

“Bits of Me” here, “Bits of Me” there

This is a study of profile management across various social medias, that involves the collection of the text data(except for their names) from 15 on-line profiles (3 for each subject) and an interpretation of the data from strangers through the portraits they draw of the person based on the profile. With the human “algorithm” on one hand, the data was also parsed through LIWC (a linguistic analysis model) that gives a personality analysis of the text on the other hand.

Interestingly, there is an overall precise match of the disposition between the interpretive drawing and the personality analysis result. And when the data is not enough to make a judgment, people were confused just as the computer does. The two methods also support each other for details they are unable to find out respectively. I found that human drawings tend to make a better guess about the person’s age, and their disposition seems to be based on the looking of some other humans that shares the same features. It is also interesting that when the linguistic analysis shows very low “negative emotions” from the text, the number of positive vs. melancholy looking faces in the drawings are almost even.

Launch the analysis process

So what exactly does it say?

The initial intention of the project is to testify my hypothesis that people use social media to strategically present themselves. And the use of one media is complementary and influenced by the rest.

Most of the persons I studies have a high awareness of “what in where”, that is separating the information about themselves in different categories and share them via different networks, and also “how to put”, that is organizing how the same information is stated differently on various media.

There is only one person who has told me before that her Facebook self barely represent her in reality, whose result has shown a consistent pattern throughout all of her networks. In that case, she has done a good job keeping the actual self away from the medias, while still keeping her image consistent.

Work-in-Progress Exhibition at Art Center

Can repeating the same things 14 times to 14 people help creating a better thesis?

I still need to figure why Art Center adopts such way of getting your work critiqued, but… as a result, I did kill my thesis in some way, as I realized the inconsistency between my projects is so huge that I struggled to state them across a single message.

But right after, a new thesis was born on top of the big mess I made…

Good bad news.