Back to: Buy the tee shirt! | Forward to: The inadmissible assumptions

Not an April Fool

There is an app, currently on the Apple app store as a free download, called Girls Around Me.

A couple of days ago, computer journalist John Brownlee wrote an essay about it explaining why he found it disturbing. I'd like to propose that it is symptomatic of a really major side-effect of our forced acculturation into Facebook's broken model of human social interaction—a broken model shared by all the most successful social networks, by design—and that it is going to get much worse, until it kills people. Quite possibly in very large numbers.

I wish this was an April Fool's joke or a piece of dystopian near-future fiction. Unfortunately it isn't.

First, a quote from John's essay on the subject of "Girls Around Me" (I strongly suggest you go read the whole thing, both for his analysis and for some screen shots showing what it looks like):

Girls Around Me is a standard geolocation based maps app, similar to any other app that attempts to alert you to things of interest in your immediate vicinity: whether it be parties, clubs, deals, or what have you. When you load it up, the first thing Girls Around Me does is figure out where you are and load up a Google Map centered around your location. The rest of the interface is very simple: in the top left corner, there's a button that looks like a radar display, at the right corner, there's a fuel meter (used to fund the app's freemium model), and on the bottom left is a button that allows you to specify between whether you're interested in women, men or both.

It's when you push the radar button that Girls Around Me does what it says on the tin. I pressed the button for my friends. Immediately, Girls Around Me went into radar mode, and after just a few seconds, the map around us was filled with pictures of girls who were in the neighborhood. Since I was showing off the app on a Saturday night, there were dozens of girls out on the town in our local area ...

Now, here's the point.

What "Girls Around Me" does is simple: it looks up your GPS location, then queries Facebook and FourSquare for people matching a simple search criterion (are they female?) who have checked in (or been checked in by their friends) in your vicinity. It then makes it really easy to pull up their publicly visible information—stuff such as age, occupation, favourite sports, what school they attended, and so on. All the stuff Facebook encourages you to share.

You can probably see why John and his friends became increasingly uneasy about this app: it's pitched as innocent, slightly hokey fun, but it stops being amusing the instant you imagine it in the hands of a stalker or serial rapist. Or even just an unscrupulous ass-hat in search of a one night stand who isn't above researching his target's taste in music and drinks without their knowledge.

Unfortunately you don't need a special purpose tool like "Girls Around Me" to do this, if you have a reasonably powerful Facebook query tool and know how to use it. I can't stress this strongly enough: the problem was not invented by SMS Services O.o.o. of Russia, who wrote the app. And banning the app will not make the problem go away.

What "Girls Around Me" does is make clear just how useless Facebook's security settings are. In theory if you know what you're doing you can disclose your personal information to Facebook and prevent FB from sharing it with strangers. But in practice ordinary people are not all Bruce Schneier. Ordinary people with Facebook accounts tend to over-share personal information because our social instincts encourage us to share information with everyone we can see, and to discount abstractions (such as the possibility that software bots thousands of miles away might be harvesting the photographs and information we put online in order to better target advertisements at us—or worse).

The problem is this: all social networks run on the principle that if you're not paying for the product, you are the product. They operate as profitable businesses because they encourage users to channel their social interactions via their network, perform data mining on the interests that users disclose, and present the users with advertisements tailored to their interests (which are consequently much more likely to result in a successful sale).

However, to make such micro-targeted advertising practical, the social networks need to motivate their users to disclose information relevant to advertisers. There's no point marketing bacon to Jews or Muslims, so religion is relevant. There's no point marketing turkey to vegans or wheat products to coeliacs, so dietary preferences and medical conditions are relevant. If a user is a member of a subculture associated with a distinctive clothing fashion, that information is relevant to garment vendors. And so on. So Facebook, Orkut, G+ and so on all attempt to induce their users to maximize their self-disclosure and to tie their accounts to as many useful third-party information sources as possible.

You may have noticed that Facebook provides privacy controls, for those who are sufficiently worried about stranger danger to want some illusion of control. Unfortunately the vast majority of people have no idea how widely visible "show to all" really is, or that it might enable the users of apps like "Stalking Targets Around Me" to identify and track them. And it is not in Facebook's commercial interest to promote the use of privacy controls. If someone is using the privacy controls with all the settings jacked up to 11, it becomes very unlikely that long-lost friends and relatives will be able to make contact with them through Facebook. Which is a lost advertising opportunity, and therefore detrimental to the revenue stream.

We are encouraged to over-share, for commercial reasons (just as we are encouraged to over-consume, but that's an issue for another time). We are discouraged from imposing reasonable limits on access to our shared information, again, for commercial reasons. (And the mechanism employed for discouragement is a combination of benign neglect and ignorance on the one hand, with behavioural marketing on the other—"if you tell us where and when you went to school we can put you in touch with your long-lost high school friends!")

Moreover we are actively discouraged from maintaining any separation of spheres of identity. Facebook was written by students, for students; one of its pernicious hallmarks is that it assumes that human beings possess but a single identity (which can be harvested by Facebook, needless to say). Ask any teacher whether they want to share their private life and relations with their students! Or parents with children, for that matter. Real human beings live complex lives in which they occupy different roles which are exposed to different people. Facebook tries to bundle everything up into one amorphous blob, and makes it relatively hard to hold information back from some categories. (G+ at least comes with the concept of circles, which is an improvement; but is it sufficient? After all, Google—like Facebook—is essentially the photoluminescent lure dangling in front of the sharp-toothed maw of an angler fish advertising company.)

It's easy to imagine how we could make something worse than "Girls Around Me"—something much worse. Facebook encourages us to disclose a wide range of information about ourselves, including our religion and a photograph. Religion is obvious: "Yids Among Us" would obviously be one of the go-to tools of choice for Neo-Nazis. As for skin colour, ethnicity identification from face images is out there already. Want to go queer bashing? There's an algorithm out there for guessing sexual orientation based on the network graph of the target's facebook friends. It's probably possible to apply this sort of data mining exercise to determine whether a woman has had an abortion or is pro-choice.

In the worst case, it's possible to envisage geolocation and data aggregation apps being designed to facilitate the identification and elimination of some ethnic or class enemy, not only by making it easy for users to track them down, but by making it easy for users to identify each other and form ad-hoc lynch mobs. (Hence my reference to the Rwandan Genocide earlier. Think it couldn't happen? Look at Iran and imagine an app written for the Basij to make it easy to identify dissidents and form ad-hoc goon squads to proactively hunt them down. Or any other organization in the post-networked world that has a social role corresponding to the Red Guards.)

But as I said earlier, the app is not the problem. The problem is the deployment by profit-oriented corporations of behavioural psychology techniques to induce people to over-share information which can then be aggregated and disclosed to third parties for targeted marketing purposes.

215 Comments

1:

Ray Kelly from Barracuda networks presented a wide reaching talk at last year's B-sides San Francisco on the risks from social location trackers in the hands of malicious individuals, both technical and non-technical!

2:

Thanks Charlie, I read the article yesterday. It both reinforces my determination to have as little as possible to do with Facebook and similar services compatible with living in the modern world.

The worrying thing is that while I have young relatives who don't understand the hazards of oversharing it's not confined to teens I'm aware of at least one case where someone who called in sick once to often prompted HR to check their Facebook page. What they found there resulted in an official warning and less than three months later there was a new vacancy at the company. The dangers of oversharing are wider than the extremes you've raised.

3:

Google is peeved at facebook because FB wouldn't allow Google to crawl the FB info. So while FB is bad, I'm more concerned about the world's largest internet advertising company that seems to have gained 30% market share with a browser that is harder to configure for privacy and do-not-track-me than Firefox. Mountain View certainly didn't build Google+ because they wanted to create a social network that gave you your privacy. They wanted their bit of all that juicy personal data.

Both organizations are frightening - but I'm more worried about Google because a lot of geeks seem to be willing to give them a free pass on this issue, rather than being as vigilent as they are about Facebook.

Security researchers once found that 30% of people would give away their company logon password for a chocolate bar. Most Humans aren't wired for privacy - and it isn't surprising that some companies have built an amazingly successful (one of the few successful internet business models) on that built-in-flaw.

4:

"Security researchers once found that 30% of people would give away their company logon password for a chocolate bar."

Common misconception.

Researchers found that people would offer up something they said was their password when offered a bar of chocolate. No attempt was made to test the passwords...

5:

I hope you're wrong, but threat assessment needs to be about capabilities, not intentions.

6:

I also read the article yesterday and was both amazed and appalled. I do have a FB account, but have my privacy settings at 11 - not because I was afraid of apps like that, but because I loathe most advertisements (also why I don't watch television). What is really sad is how so many people think they are tech-savvy and still let things like this happen because they don't know how to properly apply the available privacy settings.

7:

I read this earlier today; it inspired me to add a few more lies to my Facebook profile. (The system tried to get skeptical about me being over 80; perhaps it's catching on?) I really don't see any advantage to me in telling it the truth about anything, since anything I say would be for the benefit of my friends - who already know who I am. But more fiction certainly won't hurt.

8:

For added creepiness, do away with the need for a human lynch mob by coupling this to drone strikes.

9:

Oh, that's a great piece, Charlie, and deserves a wide audience.

10:

Love this - "The problem is the deployment by profit-oriented corporations of behavioural psychology techniques to induce people to over-share information which can then be aggregated and disclosed to third parties for targeted marketing purposes." - but you're not going deep enough, Charlie.

Modern ultracommerce is all about screwing with our heads to make the fastest, biggest buck possible. Brand loyalty has something to do with it, but more important than that is the engendering of consumerist behavior to the point of addiction.

All human beings have some potential for addictive behaviour, and the gods of marketing know this in their grubby little heart of hearts. Drill down into our data-persona, find the quivering desires before which we are powerless, and make sure that we discover that these needy needs can be satisfied by the overmind-market (so long as we have the buying power to open the gates.)

One of us, one of us, one of us!

11:

It's about to - just saw it listed on Hacker News.

Maybe I'm just an old fart, but I just don't get why some people don't see oversharing of information as not being a problem. At best, it seems like something they haven't thought through.

12:

Both organizations are frightening - but I'm more worried about Google because a lot of geeks seem to be willing to give them a free pass on this issue, rather than being as vigilent as they are about Facebook.

Geeks (Engineers, scientists, programmers, whatever, see Big Bang Theory) tend to be oblivious to privacy issues. What was that Google thing where suddenly everyone in your email contact list was being told who you sent emails to or similar?

Couple that with naive folks who don't get why telling the world that you're family is at the beach for 3 days and you had to kennel the dogs as you couldn't get a house sitter and well you have a nice system for criminals.

My question about the "geeks" is: Are these personality traits wired together or is social cluelessness learned due to social isolation growing up?

13:

You need a double-negative in your last clause: social clueless is not un-learned due to social isolation growing up.

14:

During his current standup tour, Stewart Lee got into this topic, and insists that Twitter and the rest are actually highly sophisticated global surveillance networks staffed by millions of gullible fools. I think I see what he's on about.

15:

It's very frustrating. I keep trying to explain the privacy issues to people, but they don't understand and don't want to listen. Facebook is shiny!!

(We don't need to summon bat-winged squid gods, we're building them over the Internet...)

16:

And nobody are more eager to exploit the full potential of the disclosed information, than the political campaigns.

How likely is a politician, elected thanks to "demographics" which were "derived from social networks" to regulate these same networks ?

17:

Building on the above, it's simple to set-up virtual stalking and trace movements over a period of time. As with the network graph, all sorts of information about an individual or a group could be ascertained from the data collected. This doesn't require advanced geek chops to build nor much time.

18:

Charlie,

At the risk of sounding like I'm defending "profit-oriented corporations" (which I'm not sure is such a bad thing) and unscrupulous privacy practices, I think it's important to recognize that many (most?) people OPT-IN to using Facebook and other social services, knowing full well they are sharing their personal data within an ever-expanding public sphere, which, yes, could even include creepster apps like Girls Around Me.

Facebook's level of disclosure and defaults could lean FAR more towards transparency and user empowerment, but is it really a surprise, to anyone, that Facebook would enable an app like this after their history of privacy fiascos?

I don't think so and, even if it were, I don't think it would deter those unclued few from continuing to sign up and share compulsively. People Love Facebook... and they'll continue to make the privacy trade-offs where they see utility and social norms.

Alex

19:

Dude, I'm profit-oriented; I'm a self-employed businessman. But there are ethical ways to turn a profit, and less ethical ways. And corporations are, alas, generally required by law to maximize shareholder value by any legal means available -- even if it's unethical and misleading to their customers.

And re-reading your comment, I see you defending unethical behaviour by feigning weary surprise that anyone could expect anything better. That attitude is part of the reason why we're in this mess; I think you need to take a hard look at your value system.

20:

This behavior isn't new. I remember back when my student ID number was my social security number plus a couple of digits. Unsurprisingly, I got a message from said university a few years ago saying their database of graduated students had been hacked. Wonder why?

Going back even further, I was amused to read someone's article about how the Navajo avoided things like bragging, talking to reporters, and even having their picture taken, for fear of witchcraft. I don't know how much of this is true (since the Navajo are also known for a certain sense of fun, especially with gullible new reporters), but Navajo witchcraft was seen as an outgrowth of things like jealousy, envy, and hatred from other groups. That's a real problem, and there's nothing supernatural about it. Now, instead of spells, we've got apps.

And it gets creepier. For example, look at how the spread of cheap genomics is going to make it harder to keep your medical issues private. Imagine, for example, that HR takes a DNA sample off the water glass they offer you during the interview, and only offers you a job if your genomic (and epigenomic) profile comes back with no serious medical concerns. They could do it now, except that it's a bit too slow and expensive for most employees. Another five years, and it might be hard to keep your genome from being posted somewhere, possibly behind a paywall.

Anyway, I won't be surprised if we become more private and modest in the future, not because of fears of witchcraft, but due to the incursions we're seeing now. We may also get more concerned about how we control our body remnants and secretions, too. It's interesting how technology seems hell-bent on making Frazer's magical laws of Sympathy and Contagion work in the real world.

21:

i'm living in iran, and basij simply doesn't do that, either they can or not. they're the best people living among us.

22:

So, do you think there will be an emerging market for paid services that aggressively censor the information that FB, et. al. make public?

23:

Dude, u're right, there is only 1 thing u forgot to think about... the freaking government... they can obligate the owner of any social network or app to give the info in order to arrest someone, and by the time the person that let a criminal use their pc has time to explain, he'll already be in jail... btw, surfing secretively on the internet is not so hard, all u have to do is forget about the social networks for a second, and if u want to socialize do it with a browser like torbrowser, but seriously bro, if u really think that the world is gonna end if u give ur information out to the government, u should do something like using the proxyserver i'm talking about, listen, this: https://www.torproject.org/projects/torbrowser.html.en is a website for a proxy server's download, and what a proxy server is, it is basicly something that changes ur adress so, whoever tries to spy on u, that person being google, or fbi, or even ur mom, will think u're in a different place, like, if i was using it right now, I'd be anywhere but in my home country, brazil. it does that for u, and much much more. and also consider using the duckduckgo search engine, because google keeps all the data u use, and duckduckgo doesn't.

i know all u said was true, and i do believe u, but from the bottom of my heart, if u're that smart, that should not apply to u. I'm with u bro, i know its impossible to give up on social networks, cause I can't. but the best u could do is use fake information, fake adresseses, hide under the shadows, and whatever... I'm with u.

24:

Charlie,

I am NOT defending unethical behavior, and really don't see the need for an ad hominem shot.

I was arguing that users have a responsibility to be aware of the privacy settings and attitudes of the apps they use, especially when the companies behind those apps have a history of acting in unethical and unscrupulous ways.

I share your concern over the way Facebook and some social services abuse user trust, and the cultural trend towards openness without considering privacy and security.

But to blame companies entirely for exposing user's private data is to suggest that users have no power to stop them - which is not true. People don't have to sign up for Facebook. They can limit their sharing. A few people I know have deleted their accounts.

Alex

25:

The access that for-profit corporations have and share to this data is the least of my worries. What if Stalin had that kind of data?

What if Stalin had that kind of data and believed all members of a particular religion (say, Catholics or Mormons) were enemies of the state? What if Stalin had that data, belief structure, and drones?

26:

I do like that at the bottom of the original article there is a widget advertising the offending app. A little human intervention might be required there.

(Thanks to Mary Branscombe for pointing this out.)

  • Neil.
27:

Thanks for mentioning what I consider to be the true tyranny of FB--the single sphere of identity. I don't enjoy (or really use) FB for exactly the same reason I don't enjoy being in a room with with everyone I know--Grandma, ex-girlfriends, high school friends, my work manager, drinking buddies--where everyone one of those people has a microphone and they're all looking at me. The reasons why should be blindingly obvious to most people.

And I wonder what kind of effect this forced homogenization is having on the subtleties of social interaction among FB's users who are growing up without ever truly having separate, walled spheres of social interaction. I think superficially it looks liberating, somehow, as though it's actually promoting honesty and transparency (not being 'two-faced'), but I suspect there will be far-reaching unforeseen negative consequences.

28:

Great post, Charlie - very thought-provoking!

I'm not sure about your assertion that public or least-restricted sharing is a necessary consequence of Facebook et al selling info to advertisers, though. While I hadn't thought of your point that it oils the mechanism of increasing links, I still reckon that it's a better idea for them to implement safe, secure privacy settings, because it makes people more likely to put their information on there in the first place. For instance, I only have my mobile number on Facebook because I can control who sees it; if I had to share it with the world I certainly wouldn't! Facebook don't care, since either way it's available for their advertisers, so strong privacy is better... No?

Having said that, I (like to think that I) know what I'm doing, so I guess this is just evidence that Facebook have got the balance right between strong privacy (encourage nerds to put info on there in the first place) and "public" defaults (easier to find new friends, as you point out). Damn...

29:

"Religion is obvious: "Yids Among Us" would obviously be one of the go-to tools of choice for Neo-Nazis. As for skin colour, ethnicity identification from face images is out there already. Want to go queer bashing? There's an algorithm out there for guessing sexual orientation based on the network graph of the target's facebook friends."

If Neo-Nazis are motivated enough to use sophisticated software tools to find Jewish or gay people, guess what, they can very easily find them anyway. Mohamed Merah was able to find a group of Jewish children within minutes with no planning.

This is silly stuff tbh, on the level of 'oh what if terrorists use Google Maps'. The point about sexual predators has slightly more merit, but only slightly; serial rapists will be serial rapists with or without social networks, and stalkers aren't likely to choose random individuals from facebook to obsess over.

30:

I think it's important to recognize that many (most?) people OPT-IN to using Facebook and other social services, knowing full well they are sharing their personal data within an ever-expanding public sphere, which, yes, could even include creepster apps like Girls Around Me.

Actually, I think most people aren't aware of how their data is being shared. They sign up to view pictures of their grandkids, or find out about a new product, or some similar reason — they view Facebook as just another website. They aren't aware of the tracking and data-mining.

And I'd argue that most people aren't aware of just how revealing data-mining can be.

31:

WUT? Is this real?

32:

You made me realize that all this stuff is a private investigator's dreams come true.

And I don't just mean the lone operator living out the Sherlock Holmes dream in a limited way, I also mean the career PIs in the investigation branch of AB Securitas.

By the way, did you know that AB Securitas has bought up both Pinkerton and Burns, the centuries old detective and guard agencies of the US?

http://en.wikipedia.org/wiki/Securitas_AB

33:

Well at least Foursquare has apparently blocked location access to the App. But obviously this was done in response to the publicity and is probably specific rather than a general rule.

But while OGH rails against the business model of social networking sites, one should realize that people have always had to deal with unwanted publicity. Live in a village and you get little privacy. Live in a surveillance state, the "authorities" remove your privacy. Consider the issue of cash strapped government agencies selling your location based on public vidcams. The NoW hacking revelations of police involvement should make you very concerned.

The question becomes less how to control your public life (it isn't under any meaningful control) and what countermeasures are possible for your protection. In the case of "Zoe", rather than being a naive on the town, in future she may cultivate a battery of techniques to protect herself. Some any sensible person will be familiar with from the pre-internet age. Some will be very new. And that is a job of the good SF writer to explore.

34:

You made me realize that all this stuff is a private investigator's dreams come true.

It also means that everyone can be her own private investigator now, possibly making the profession obsolete.

35:

I was arguing that users have a responsibility to be aware of the privacy settings and attitudes of the apps they use

You're right in principle, but you're right for the same reason and to the same limited extent as if you said "people have a responsibility to be aware of the locks on their front door and windows and to use them". Which is that you omit the other side of the social contract: we all have an obligation not to exploit our neighbours' negligence if they leave their door unlocked by burgling them.

In this instance, it seems to me that you're assuming everyone is universally competent to understand privacy settings and the attitudes of the apps that use them. I strongly disagree. I also don't think that expecting the uncertain to delete their FB accounts is a reasonable response to such uncertainty: it's like expecting them to live on a park bench because they don't understand the small print in their domestic insurance policy.

36:

I have no idea if he's real or not, but I find it enlightening that within minutes of an organization being mentioned here for the first time ever, someone pops up to defend it.

It might be a coincidence, but more likely it indicates the extent of Iranian government-associated internet surveillance. (Not, in all probability, of my blog, but the article I wrote is a trending topic on Hacker News right now.)

37:

In the worst case, it's possible to envisage geolocation and data aggregation apps being designed to facilitate the identification and elimination of some ethnic or class enemy, not only by making it easy for users to track them down, but by making it easy for users to identify each other and form ad-hoc lynch mobs.

Almost like a distinctive national dress. Actually, a good many people might be interested in such things, not just the sex criminals. Have you an algorithm to determine who is likely to accept bribes? MI6 and MI5 may wish to talk to you. This could be a tremendous area for renewed national competition, either between states or populations.

Here's a link to an article claiming that the recent spate of metal thefts in the uk is run by foreign criminal gangs. It sounds highly plausable, I don't see anything that would stop them, and I could well believe in organised crime with a nationalist bent.

http://telegraph.feedsportal.com/c/32726/f/564430/s/1df61c03/l/0L0Stelegraph0O0Cnews0Cuknews0Ccrime0C9176160A0CForeign0Ecriminal0Esyndicates0Ebehind0Emetal0Ethefts0Ein0EBritain0Bhtml/story01.htm

I'd always thought the big threat was 'organised infantry over encrypted communications', although organised subversion could be just as big. What if we don't have a society in the first place? Our present, quite liberal society is quite gardened, really. What if that no longer works?

38:

"Stalkers aren't likely to choose random individuals from facebook to obsess over."

Are you kidding?

39:

Hi Alex,

I think I understand your point of view, but I remain a bit shocked by it, especially the part about people not doing their best to protect their privacy. I mean, have you had a look at facebook Privacy settings recently? They are a massive headache to deal with.

A few years back, I crafted lists to manage different levels of access on my facebook account. I wanted close friends to see it all, and the rest to see only some. It took me a few hours, but I managed to get just what I wanted. Since then, I have seen the flexibility of this feature degrade: - I used to be able to choose who and what list could post on my wall. Now, it's either friends or no one. - I used to be able to see the content of a list at a glance, which is very useful for management. Now, I can on each individual's profile what list he/she's in, but I can't see the whole list itself - I used to be able to choose to post something visible to the member of 2 lists from my mobile, but for the past few month, a bug (?) on the app has been preventing just that - and so on...

And I could keep going for a while on the granularity of those privacy settings becoming a thing of the past to promote over-sharing. Funnily enough, most of those changes happened after G+1 came, and under the excuse that facebook was trying to mend and be more like circles on G+1. Like.

My point is that I agree in principle that people should take responsibility and either do without facebook or work on protecting their privacy. But objectively, it's getting difficult to do without facebook, especially when you are pressurized by peers to use it and can't resist it without being cast apart (ah, teenage angst...). And I think it's a bit distasteful to point your index and give the Nelson laugh at people that are abused by a schem... system that is designed to abuse them.

Not everyone as the time to explore this stuff, not everyone is inclined to or is aware of the issues it could pose. But I think it still doesn't give facebook (or the others) the right to abuse those people.

40:

To tell the truth, I expect better grammar from a government-associated internet defender.

41:

Our present, quite liberal society is quite gardened, really. What if that no longer works?

For extra paranoia, consider this: what if New Labour law'n'order legislative program from 1997 to 2007 wasn't quite as stupidly pettifoggingly managerialist as it looked at the time, but was actually an attempt to pre-emptively respond to some far-sighted future scenarios that included just such an internet-mediated disintegration of civil society? (Leading them to decide that having the apparatus to install a temporary panopticon surveillance state from the top down was the best way to deal with it.)

Naah, I don't think they're that far-sighted. (I think they're just the same think-they're-the-smartest-folks-in-the-room political elite we've got running things today, except they got their fingers slammed in the drawer in 2008.) But it's a scary thought.

42:

... In a language not their own?

43:
Over and over again, I find that people’s mental model of who can see what doesn’t match up with reality. People think “everyone” includes everyone who searches for them on Facebook. They never imagine that “everyone” includes every third party sucking up data for goddess only knows what purpose. They think that if they lock down everything in the settings that they see, that they’re completely locked down. They don’t get that their friends lists, interests, likes, primary photo, affiliations, and other content is publicly accessible.--Danah Boyd, Facebook and Radical Transparency: a Rant. Danah Boyd is an excellent researcher in this area, and deserves attention.

Notes:

  • The earliest social networks were co-ops rather than for-profit services. One might say the idea has been co-opted.

  • People behave in social networks as if they were in public spaces which they control, rather than private spaces which are managed for someone else's benefit.

  • Attacks based on social network data are how Margaret Atwood describes the founding of the Kingdom of Gilead.

  • Social networks have also been liberating: they have been the basis of risings worldwide.

  • 44:

    This kind of reminds me of when C|Net ran a big expose in 1999 about how dangerous it was you could look someone's home address up in google. They published Eric Schmidt's address and everyone had a conniption...

    Social networking technology is still in it's infancy, and controls continue to evolve toward more empowerment to end users (g+circles, facebook lists and groups) rather then the opposite.

    This despite the fact that consumers are caring less and less over time.

    There are actually two issues in play

    1: How to educate/nudge users into understanding and making good decisions around what kind of information they share and expose online

    2: How to ensure the companies themselves use the information they gather in ethical ways.

    The first issue is as much or more a matter of ignorance on the part of the end user then nefarious scheming on the part of social networking company. It's actually a subset of the "not having a freaking clue how technology works in the modern era" and manifests itself in many many ways.

    There is also a healthy dollop of the consumer not giving a shit about privacy despite the fact that they probably should. Just like the average consumer does not give a shit about their personal health, government, climate, etc etc even though they should.

    I'm not sure how you make people care about things they should care about but don't, if anyone figures that one out, please let me know.

    The second issue is more clearcut to me, and is solved by the correct level of government over-site.

    45:

    Sounds like an opportunity for a clever coder to write up a "Stop Stalkers Around Me" app that simplifies and takes care of your FB and G+ privacy settings for you.

    I think the comparison of a pickup app to the Rwandan genocide is a bit much. If mass killings, genocide, or suppression of dissidents is in the books for a society it's going to happen no matter what tools are, or are not, there. The vile monsters who perpetrate these crimes have not been slowed down by the lack of FB and Google in the past.

    If a bunch of neo-nazis want to beat the shit out of someone for being the wrong color they already know what neighborhoods and bars will have a supply of victims. The ability to track them down electronically wouldn't speed things up any.

    Besides, leg-breakers tend to be good at what they do by spending their free time breaking legs, not fiddling around with their iPhones.

    46:

    National security agencies are big customers of the big data miners, and the big data miners in turn are customers of the social networks. I think this is why the social networks are so big on traceable identities: the security agencies want that data.

    The social networking firms are subject to infiltration and manipulation by security agencies, as well as threats.

    The data the social networking firms gather can also be purchased by criminal and terrorist organizations.

    It seems we are all cypherpunks now.

    47:

    "I'm not sure how you make people care about things they should care about but don't, if anyone figures that one out, please let me know."

    Whack people with a stick, and suddenly, they will care much more about said stick. Painful, but it's the most efficient, alas.

    48:

    One think that occurred to me the other day, at least tangentially related: Most everyone is on a service that encourages you to list your entire educational history, often all the way back to elementary/primary school. At the same time, one of the most common (in)security questions pretty much every website in the world asks you to associate with your account, including secure ecommerce sites that people don't think twice about saving a credit card on, is "where did you attend elementary/primary school," "what was your high school mascot," or at least something like "who was your first grade teacher" (and since most schools are small enough to have only a handful of classrooms per year, if you know approximately when someone attended it becomes trivially easy to narrow that down to a one in three or four shot). I've always found that question ridiculous -- when you consider that even in our modern mobile culture the majority of people end up living in or near their childhood hometown, those are already pretty easy questions to divine the answer to. But I only recently linked this to the Facebook sharing problem -- I'm pretty sure there are a large number of people who have unwittingly answered a question on their public profile that could as easily read "My password recovery answer is:"

    49:

    Obsolete? No, not a chance.

    You need a lot of practice to do it well, even with the newer tools made possible by social networks.

    50:

    Actually, I think that's just the sort of high cognition low evidence thinking that they liked. Also, it matches some of my form room discussions, as does monitoring all network traffic and trying to be on the inside of any encrypted systems in existence. The cameras are just a plus, and were thought at the time to help with crime.

    51:

    Correction, I was misremembering statistics; it's not the majority that live near their hometown, at least in the US, but it is still a large percentage (about 40%).

    52:

    I think the comparison of a pickup app to the Rwandan genocide is a bit much. If mass killings, genocide, or suppression of dissidents is in the books for a society it's going to happen no matter what tools are, or are not, there. The vile monsters who perpetrate these crimes have not been slowed down by the lack of FB and Google in the past.

    You don't know that.

    53:

    THIS IS WHY ... Most serious especially "City-of-London" employers point-blank ban & dispbar their employees from having a Facebook page, AT ALL. If you then open one, it's the short walk to the door, right now.

    They prefer the up-market / "professional" version called: "LinkedIn" erm .....

    And yes, someone up-discussion mentioned store loyalty cards. Precisely.

    54:

    If mass killings, genocide, or suppression of dissidents is in the books for a society it's going to happen no matter what tools are, or are not, there.

    You might want to peruse Edwin Black's book IBM and the Holocaust. Better tools apparently allowed for more efficient exterminations. Caused, no. Useful factor, yes.

    55:

    I am interested in knowing how you would do data mining in order to figure out if a woman had an abortion?

    56:

    LinkedIn, of course, is run by employment agencies. It gathers exactly the kind of data about personal connections and employer policies that is valuable to those agencies.

    57:

    Of course the thing that we have direct and immediate evidence of is the roll social networking played in the Arab Spring...

    58:

    Hi Charlie,

    well that ruined my Saturday afternoon.

    Just some thoughts on some comments:

    Geeks … tend to be oblivious to privacy issues

    I would think CCC, Piraten(_Innen)partei, and others in Germany alone, as well as the German federal position on privacy, prove that opinion to be lacking credibility.

    If a bunch of neo-nazis want to beat the shit out of someone for being the wrong color…

    The recent case in Germany where neo-nazi groups were found to have extensive databases of left-wing politicians, anti-facist and queer activists, as well as the eviction of two neo-nazi's from this year's CCC (not to mention the nationalists in Russia) shows that right-wing groups are quite comfortable with using whatever technological means is around to their benefit. Characterising them as bone-headed thugs represents a grave lack in taking right-wing extremism seriously.

    Considering the recent Google 'Do not Track' subversion, this kind intentional breaching of privacy has already gone far beyond 'opt-in' or coherent social network platforms (i.e. logging into fb), and instead 'opt-in' is being interpreted by these companies as "using any network constitutes a de facto, explicit opt-in agreement".

    Given that the app is called 'Girls Around Me', and the obvious extreme discomfort all of the women in the article showed (especially coming in the midst of long-overdue discussions by men of the massive problem of sexual discrimination and harassment in tech), I think the commenters who are male and are dismissive of the serious threat even the idea this app represents to women and other marginalised groups, could do well with educating themselves with a bit of feminism. Previous posts by Charlie are a good place to start.

    59:

    "Of course the thing that we have direct and immediate evidence of is the roll social networking played in the Arab Spring..."

    ...with particular notice of the Syrian faux-youtube device and the Bahraini use of social networks against uprisers.

    60:

    I don't know. That's the worrying bit. But the fact that you can do data mining on facebook to, with a high degree of accuracy, predict whether someone is a closeted gay male or not? That's a clue that we can make inferences about aspects of a personal identity that aren't explicitly present in their social graph.

    This stuff isn't supernatural. I'm thinking in terms of direct or transitive links to family planning organizations, or to FB friends who are family planning advocates, along with a shortage of links to anti-abortion churches or groups, which when aggregated with retail purchase histories ("Ms X did not buy tampons this month or last, and now she's buying them at the wrong time of month, and she refilled her gas tank that afternoon in town Y, which is the only town with a PP clinic in this county, before making a payment to PP") can give rise to damning conclusions.

    61:

    Playing devil's advocate, while I don't disagree for a moment that this particular app is decidedly creepy, I think many people, myself included, would rather be the product than pay for it. For all that facebook encourages over-sharing, and makes money from it, it has also enabled me to re-establish contact with people who had drifted away over the years, and has made me more likely to get in touch in real life with people I might not otherwise have done. But in order to work effectively in this way, such a network almost certainly requires to be free to join. Most people wouldn't pay for a social-networking tool. If the price to be paid for having free access to a tool which I genuinely have found useful to me in my real life is that my privacy is compromised (and if this service couldn't be provided for free without this) I can live with that.

    Furthermore, the fact that to survive, these social networks have to attract and retain users, means that there is a limit to how nasty they can be with your data.

    But don't get me wrong - I'm all for people being aware of these issues, and this was an interesting article. I just think these tools also have a tremendous upside which would be lost if people were scared away from them - and that 'user as product' is probably the only way they will ever make commercial sense.

    62:

    " Centuries Old " doest exactly guarantee bright shinning star, Justice Are US, Law Enforcement of the

    " The Lawman came with the sun, There was a job to be done, And so they sent for the badge And the gun of the Lawman.

    And as he silently rode, Where evil violently flowed They knew he'd live or he'd die By the code of the Lawman. "

    http://www.tvrage.com/shows/id-4207

    " During the labor unrest of the late 19th century and early 20th century, businessmen hired the Pinkerton Agency to provide agents that would infiltrate unions, to supply guards to keep strikers and suspected unionists out of factories, and sometimes to recruit goon squads to intimidate workers. The best known such confrontation was the Homestead Strike of 1889, in which Pinkerton agents were called in to enforce the strikebreaking measures of Henry Clay Frick, acting on behalf of Andrew Carnegie, who was abroad; the ensuing conflicts between Pinkerton agents and striking workers led to several deaths on both sides. The Pinkertons were also used as guards in coal, iron, and lumber disputes in Illinois, Michigan, New York, and Pennsylvania, as well as the Great Railroad Strike of 1877. "

    http://en.wikipedia.org/wiki/Pinkerton_Government_Services,_Inc.

    Frankly, in the light of the present U.K. governments evident longing to Privatise the Cops ....

    http://www.guardian.co.uk/uk/2012/mar/02/police-privatisation-security-firms-crime

    The Pinkerton Agency - and its rivals in the Private Security Business Model- give me the cold horrors and more than a few of the U.Ks cops are chilled by it too.

    63:

    And also in the Occupy movement.

    Movements like Occupy and the Arab Spring seem to be the children of social networking technology. Like Patrick, I think that for many people the positives of social networking outweigh the negatives, despite the real and substantial negatives.

    64:

    No need for gay-bashers to write an app to find targets for them (if in fact they know how to write.) A gay dating service app will do the job just fine.

    65:

    Only for the folks who use gay dating apps. Which is a subset -- not a majority -- of the gay community.

    66:

    I see no upside in using Facebook, or any other social networking site, whatsoever. I guess that makes me "anti-social"...

    67:

    ...I see you defending unethical behaviour by feigning weary surprise that anyone could expect anything better. That attitude is part of the reason why we're in this mess; I think you need to take a hard look at your value system.

    What Charlie said. Love it.

    68:

    And it's kind of amazing what you can find on LinkedIn and job-hunting sites in the material relating to people who've worked on government projects.

    69:

    Note that a huge multinational detective and guard company like AB Securitas (which is very present in the UK already, go look a their Web site) is not in the business of wish-fulfillment for right wing politicians.

    They're in this for steady profits.

    And frankly, those UK police privatization schemes look risky. The politicians are hoping for a quick fix to lower their costs. As is too often the case serious companies are not interested in "filling" something cast off by the politicians.

    70:

    ... In a language not their own?

    Especially in the language not of their own. If I was in charge of the Iranian government PR agency I'd make sure I only have agents who are proficient in english and don't behave like fat trolls.

    71:

    When Osama bin Laden struck on 9/11, a friend called him "the first super-villain." This wasn't quite accurate, of course, but even a tiny bit of consideration will prove that the cost of being a super-villain is dropping rapidly. Consider how cheaply one can build a surveillance drone, for example, or the guy who built the automated squirrel squirter in his back yard. (The same tech could obviously build an automated person-shooter, right?)

    Obviously governments will respond to this in fairly predictable ways. John Robb has been talking about this stuff for years, and I suspect the trend was obvious well before 1997 to anyone dealing with hacking or technically oriented criminals.

    72:

    1 Foursquare doesn't do proxy checkins but Facebook does allow your friends to check you in; it doesn't affect the point but in case anyone nitpicks for detail rather than macro

    2 rich! those surveys about what people will give their password up for; the chocolate bar survey was followed by a Starbucks card survey; one of the respondents said 'I don't know my password, I'm phoning my secretary to ask her'. If you wanted to give a fake password, you wouldn't phone someone to get it.

    3 assuming everyone saw the story recently about Target profiling to catch pregnant women, finidng they were creeped out to get unrequested discounts for items of interest to pregnant women and rather than stopping sending out coupons they added barbecues and power drills so it didn't look so targetted.

    73:

    Since that article was written Facebook have been told about it (Foursquare - the other site's it was using - have ToSsed them off the network). Facebook are "Reviewing" it.

    74:

    Social network privacy issues are seemingly always looked at from one perspective. Why not consider both?

    Pretty much anything that helps people in some way can be used for good and bad things. Cars help people get around, yet stalkers can benefit from cars to get to their target's residence. Does anyone consider making cars illegal because of that?

    Knives can be used to chop vegetable or to attack people.

    Sure, people should be more educated on the consequences of their actions. Best way to think about Facebook is "everything I post/share/do is by default, and most likely completely public." If you don't want to share something, then don't share it, simple.

    About targeted advertising, am I the only one who isn't afraid of it? Why would I want to see random uninteresting ads, if instead I could see ads targeted for my preferences, likes or needs. I'm not afraid of ads that will make me buy stuff against my wishes. I really don't get what the big deal is...

    75:

    " They're in this for steady profits. " and those selfsame ' steady profits ' can be made from the UKs Political Establishments determination to complete Marget Thatchers Heroic Efforts to Privateer ..oops, ' privatise ' the UKs public services.

    http://diaryofabenefitscrounger.blogspot.co.uk/2012/03/scottish-gps-call-for-immediate-end-to.html

    Note ATOS ...

    http://www.guardian.co.uk/society/2011/may/31/renewed-concern-atos-medical-assessments

    ATOS has been making those ' Steady Profits ' for awhile now and looks likely to continue to do so for the foreseeable future. Unless the UKs present government confesses that it was Wrong and revokes its entire Business Model for shrinking the State and eroding the Welfare State ..... in a time of Opportune Austerity that may not occur again for the next half century ?

    Privatising the Cops is Merely a try on to see what the Plebs will stand for and a negotiating tactic when reducing the expectations of the UKs cops on contractual conditions of service for warranted officers. In the mean time Welfare Scroungers and Chavs will be denounced, as they have been for a decade or two now, and " Hard Working Family's " persuaded that this is only right and proper.

    In another mean Time ...and I mean MEAN time in England .. Scotland is Different ....

    http://diaryofabenefitscrounger.blogspot.co.uk/2012/03/scottish-gps-call-for-immediate-end-to.html

    76:

    It might have been a posting by a freelance supporter of the Iranian government. You do get them -- Back in the 80s the two Iraqi student groups in the UK were wont to whale on each other at demos. One side was anti-Saddam, the other was the Ba'ath Party in mufti, Sunni volunteers for the cause hoping to shinny up the greasy pole to a well-paid Party job back home.

    77:

    Write this book, please! As awful as all of this is, the ideas are fascinating and I'd LOVE to read a near future sci-fi story based around this idea.

    78:

    Well, we have laws to ban chopping people up with knives, or to criminalize drink-driving. Maybe we should take this as an indicator that the use and misuse of social networks is something for which legislated guidelines might be appropriate? Or at least ought to be discussed?

    (I have a gut feeling that "Girls Around Me" might actually be in breach of the Data Protection Act (1990) or at least of the various data protection guidelines issued by the commissioner, and is probably a violation of various EU privacy directives. But IANAL, and I haven't asked m'learned friends to chip in yet.)

    As for targeted advertising ... let's just say that I hate advertising in general, with very few and very specific exceptions, and leave it at that. Okay?

    79:

    So the obvious job for someone with creepy stalker-ish tendencies - or an obsessive fetish for photographing drunk women in short skirts - is to get a job in one of the data -aggregation companies that serve the advertisinginductry...

    Or just write a facebook-for-mobile app. Any damned app, 'find the nearest taxi', 'nearest bus-stop', rate-my-lipstick, whatever, and let it read all the things it's allowed to read off the users' iPhones.

    The mistake that the GirlsAroundMe developers made was allowing useless joes with no money to see the results. Selling the product to advertisers might be good - although that market's probably saturated - but there's very little to stop some stalker, or pervert, or sex offender from using the data for his own purposes.

    80:

    I'm not a programmer, but I've got a great idea for an App. It's to be called Squid Ink, and the idea is that, when someone checks you in to a locale, you use it to check yourself in to a bunch of randomly generated other locales, possibly using pictures pulled from Google.

    Programmers can add as much free, random, and obfuscating content as they wish.

    So long as the App is free.

    Is there an app out there like Squid Ink? Perhaps I an interest someone in creating it?

    81:

    That's an excellent analogy -- societies in which there are spell wars (there's one currently happening among the family of friend of Unnamed place for example) and apps.

    I'm another who doesn't have an fb, twit or other account of those natures.

    I'm looking into using other search engines than google, and dumped the blogger account because they now, as of April 1, force you to employ Chrome to use it, Chrome which pitches everything into google, including my gmail address book.

    Not that there isn't huge amounts of stuff to find out easily about me anyway, if anyone wanted to.

    The worst thing is the coercion. There are fewer and fewer sites in which you participate unless you come with fb and / or twit accounts. Ah well, when everyone is networked into those, me without them will be almost under the radar perhaps?

    82:

    @20 So Gattaca then for the DNA for Jobs.

    @24 From clued up friends who use Facebook when the do updates to the system it quite often resets peoples privacy settings to fully open, without warning the users so unless you check your settings regularly your left wide open. Also even if you delete your account it doesn't mean they will let it remain deleted the only way I know to kill your account where the will not bring it back is to draw a cartoon and label it Mohamed posting it up on your account.

    @74 But we do restrict Guns in most Countries because of the ease of misuse and some products do get banned for this reason. For example in New Zealand over a decade back a fire starting gel for use with wood fires and BBQ's was banned after three weeks on sale because of it's potential usefulness in arson.

    83:

    Am now even more glad I'm a Luddite compared to my friends given this new info.

    84:

    I think the comparison of a pickup app to the Rwandan genocide is a bit much.

    I don't. What about an app to show all Jews/Muslims/Nigerians/Old Etonians/Gays/Tories/Tamils/Trans/Trade Unionists/Bosniaks/Blacks (&c &c) in your immediate area?

    85:

    I once read this really really great science fiction novel which made this point as a very minor plot element (I wish the author had expanded upon it).

    Basically, people in public could set themselves to an "anonymous" mode so that others in public saw them as fuzzy clouds, or something like that.

    The binary nature of that impressed me (that author really understood information security issues, by the way -- it takes an awful lot to impress me in that area). I work with security policies (I did my Ph.D. dissertation in that area; not for use by amateurs!) and having something so simple, that people can understand, actually appeared amazingly rare to me. I felt totally delighted.

    Security policies do NOT compose well. 1+1=0 in many cases. But, of course, these systems evolved without security in mind, so, axiomatically (to a security geek like me) that makes the situation about as bad as it gets, because we have this view that you have to design security in from the beginning. Which almost never happens.

    We have a term for that. We call it "job security." :(

    --Steve

    86:

    This sort of thing only confirms that I'd like an alternative online identification that appears real enough to fool people but ultimately is not connected to me....

    87:

    Geeks (Engineers, scientists, programmers, whatever, see Big Bang Theory) tend to be oblivious to privacy issues.

    Nope. We're mostly rather clued up on that sort of thing. Its the marketers and PR people and advertisers who push the limits of privacy, and the people who fall for it most are those who know least about how the stuff works.

    The stuff some of my teens-and-early-twenties nieces and cousins put on FB is absurd.

    88:

    'Sounds like an opportunity for a clever coder to write up a "Stop Stalkers Around Me" app that simplifies and takes care of your FB and G+ privacy settings for you.'

    Your ideas are intriguing to me and I wish to subscribe to your newsletter. I think I've got the minimum visible on both (and I NEVER post photos), but FB always seems to be reshuffling things to make their users more vulnerable. And, having been in the pre-affordable Internet days stalked by someone who called 40+ times a day seven days a week, I am a bit sensitive on privacy questions.

    89:

    So where does the IP of the poster resolve back to? You have access to that.

    90:

    And what if Santorum, or Rodney had this tool ? (Or Sarkozy, as I should matter, living in France). Ther is a BIG urge to have a revolution and real democratic control over these things. If we don't do it now, it will be too late ...

    91:

    David L: The IP of that commenter (91.98.11.197) belongs to a dynamic IP pool from an ISP in Tehran.

    (Admittedly that's not conclusive; the same IP lookup services think I am somewhere in Newcastle or Durham.)

    92:

    Nope. We're mostly rather clued up on that sort of thing.

    Some are. Like many here. But from my experience being in this crowd since about 1970, most are not clued up as you say.

    93:

    Most IP lookups are very accurate as to country due to the way they are handed out by the IANA. But once inside a country they can move around. And if not geo-located by someone they tend to point to the headquarters of your ISP. Or an ISP who used to control it. I'm consistently listed as being 20 miles away from where I am as they tend to local me at the address of my ISP.

    You can start here and see what country any IP has been assigned to. And many times get it to the ISP. www.iana.org/numbers

    If it shows from a dynamic pool in a city in Iran, I'd bet it is from Iran for real.

    94:

    So far, after a quick scan, I'm wondering about the absence of any comments about an App named "BoysAroundMe" or "GuysAroundMe". Perhaps nothing like that is for sale because few girls/women would be expected to be interested, but I should think it would be temptingly cheap to make/modify from the extant one.

    95:

    Playing devils advocate for a moment, not on behalf of the social media corporations, which I find disturbingly manipulative, but the idea of a networked society where everyone is aware of the six degrees of separation connecting them to every stranger on the street... it can have its upsides.

    In the specific instance of this app, it's a perceived unbalance in power between the hypothetical predatory iphone geek and the women, but, much like people are starting to wise up to PUAs and their games this should just become another element of social interaction.

    96:

    As a counterpart of the neo-nazi YidsAroundMe, I propose the ultra-national-jewish GoysAroundMe app. Admittedly, there are going to be a lot of goys around in any place that is not Israel\New-York, but that just means a target-rich environment. 8-))))

    97:

    Could it be that there's some kind of deep-rooted sexism in the way everyday western life works? Surely not. After all, if that were the case, a man who spent all his time looking for sex with random women would be "a bit of a lad", while a woman who spent equivalent time expressing sexual interest in unknown men would be called something more negative, like "whore", or "slut".

    Oh, wait.

    98:

    I became wary of providing too much accurate info quite a number of years back, well before Facebook lumbered onto the scene. I had call to attempt to track down and find out as much information as I could on a particular individual, from just a name.

    When I had amassed info on his address, where he went to school, pics of his girlfriend, etc. - all from publicly accessible info - I became much more careful about my own data. It's just too damn easy to track back and make connections, even worse if you automate the techniques. Hence Facebook only ever got the bare minimum of information from me (same with Linkedin).

    Quick tip: Next time you have a job interview, get the names of the individuals on the panel. In 5 minutes you can have the hot button interests of each; and a leg up on getting them well disposed towards you.

    "Girls Around Me" is on the low end of the nefarious games you can potentially play. Once, with a friend in a drunken hour brainstormed what you could do if you were minded - and we outlined stuff that started getting really dark, enough to sober us up. Thing is, numbers like "60 million" are tractable today...

    99:

    A colleague of mine is involved in the Privacy Patterns project, which aims to promote "privacy by design." Some companies do think this is a good idea, though it clearly can be an uphill battle.

    100:

    FB is a successful marketing tool, not a community. It divides the users into market clusters, not groups with shared interests or values. These clusters are people likely to respond to advertising in a similar way.

    It is because the only remaining value is $. All the gods are dead except Mammon. And Zuck is his prophet.

    101:

    Well, that, and the fact that the existing app already has an option to search for men, or for both men and women.

    102:

    Remember those old sci-fi stories where the protagonist had amazing powers because he wasn't listed in the global databases?

    103:

    So far, after a quick scan, I'm wondering about the absence of any comments about an App named "BoysAroundMe" or "GuysAroundMe".

    This was a marketing failure, and a rather bone-headed one. If they'd called it Folks Around Me and let people set a few basic parameters they might be having less trouble right now. It would be trivial for the end user to choose options for Female and an age range, optionally leaving blank other search criteria - all of which would default to Everybody.

    It would have expanded their potential customer pool and made the app more flexible. For example, someone with no need to pick up women might be interested to know if other engineers were congregating at any nearby pubs. This ship may have sailed; I suspect any similar apps will be looked at suspiciously now.

    104:

    Thanks for that - hadn't heard the second survey one. Just followed the reporting on the first survey, and either drew the logical conclusion or read it on comp.risks...

    105:

    Of course, the data deluge that makes such apps possible also makes countermeasures much more convenient.

    It makes things easier for the "targets," by letting them do a fast Facebook check (or whatever) to find out who this person is ("so you know my friend Janet? Let me ask her about you"). I know a lot of ladies who do this now, and there's even a few message-passing systems (using text/photo messages and Facebook groups) that ask "does anyone know this guy? - he's hitting on me in Club XYZ." It flips the issue from "data stalking" to "distributed processing instant background checks."

    Since this sort of data publication also makes it easier for friends to find friends, it allows people to meet up with their close social groups more reliably, instead of being stuck at a bar all alone with nobody to help insulate them from Stalker Guy/Girl. The quoted article talks about how there would be several girls in one bar - and glosses over how those girls are probably all from the same social circle, and aren't too keen on letting Random New Guy cut Miss Available out of the pack without some effort.

    There's also the secondary effects - I know a few younger gents and ladies who cleaned up their acts a LOT after seeing what was said about them in social media. One buddy from work got Facebook, and part of his initial motive was "I have to grow up, because people were saying bad things about me that I really deserved, and this lets me keep an eye on my own reputation."

    106:

    Actually there's been an app for that for ages called Grindr - I think it was more consensual than this, designed by and for gay men to coordinate their hooking up in toilets, you had to have the app, be signed into it and tell it to announce your presence, in turn you could do a search of your local area for other people with the app on.

    Then there's the knockoffs like Maleforce - notably both of those last two apps were hacked into back in january this year (2012 for people from the future).

    Now there was nothing intrinsically stopping either of those two apps from being used by gaybashers to save them the effort involved with creepily hanging around toilets for potential cottaging prey, but it's still a slight facilitation of an activity that is already doable without the app.

    Where Girls Around Me adds in the creepiness along with the Faceboogle+ linkages is that you can actually use this app with very little extra effort to pick better victims - you want find a girl, well you can just look around, but if you want to find a girl who is also estranged from her family, has few friends or relationships that mean she won't be missed before someone discovers her body? There's now an app for that. The same goes the other way for gay bashers - why use Grindr to merely find a gay man to kill, when you can instead find an especially lonely and isolated gay man.

    On the other end, using the app to target not especially vulnerable but especially juicey targets, you can turn it into a "Kidnappable Foreigner Around You" app, for those politically or monetarily motivated kidnappers that are turning up more and more in the news, who can now target and assess potential ransom/theft bait according to monetary ability to pay up.

    And at the most extreme end, the mythical shady organ harvesters of ex-soviet Ruritania among you could probably cross link this with Fitocracy to identify the healthiest and juiciest of ad-hoc organ donors.

    It is for this reason that soon, all of us will have special names — names designed to cause social networks to resonate, not because we want to be found amid the turgid waves of the googleplex, but for the opposite reason; Because you know how you cancel out a wave? Pulse a carefully matched and apposite resonation back through the medium the wave is transmitted along.

    Death to Facebook! Long Live The New Flesh!

    108:

    Erich Mielke is kicking himself in his grave: "We wasted years building a network of informants that eventually added up to more than 2% of the population - and all that time, if we'd only known it, we could have had nearly 100% of the population spying on themselves and collating the information for us to use!"

    Of course over-sharing can be used in your favor as well - if you're female, just add to your profile that you're into collecting 1930's bottle tops and raising Panamanian jumping shrews, and watch the Facebook-stalkers out themselves as they oh-so-casually try to pick you up.

    109:

    My Name Is Legion by Roger Zelazny.

    110:

    The novel you're thinking of sounds like Philip K. Dick's "A Scanner Darkly" (?)

    111:

    Curious whether psychiatric diagnoses of "social anxiety" are rising because of the expectation that everyone should be socially available all the time.

    I don't do Facebook. I have a Facebook page that I update very rarely, and I don't respond to friending requests or notification emails. I have my privacy settings turned up to the max. I know this is probably rude, but I find more and more good reasons not to do Facebook.

    Maybe "social anxiety" is merely the proper functioning of your social immune system. You should be a bit anxious about letting perfect strangers into your life.

    I also work for an org in which social networking is not encouraged, for confidentiality reasons. It isn't forbidden outside of work, and the younger employees surely do FB at home, but no employees are allowed to contact clients through Facebook or other social media outside of work. Why take the chance, since everyone is 6 degree or less of separation from everyone else? (figurative ref, I'm aware the "six degrees" study has been questioned).

    112:
    Well at least Foursquare has apparently blocked location access to the App. But obviously this was done in response to the publicity and is probably specific rather than a general rule.

    Yeah, that does seem pretty dishonest.

    They claim that the app violates their policy by "aggregating information across venues", but isn't it kind of obvious that if you offer an API that lets you perform a search across a geographical area (I'm assuming that's what's going on here, rather than the app developers having a database dump of all locations people can check in to and doing the search on their end), people will use it to do exactly that, in order to find people?

    Seems to me that the real violation here was making Foursquare look bad, and that everything that this app did is still available for someone who would want to do the same thing with a better presentation.

    It'll be interesting to see if there is going to be any privacy-related legislation proposed as a result of this.

    113:

    Nonprofit social network which intends to respect privacy: Diaspora. See joindiaspora.org for more info. It's currently in alpha.

    114:

    Well, what a good guess! I actually cryptically referred to the beginning (first act?) of the novel "Glasshouse" by some author named "Stross." :)

    However, please don't feel bad: while writing the post, like you, I also realized that some of it could apply to "A Scanner Darkly." Except in Philip K. Dick's magnum opus of ultimate paranoia, only the police had the cloaking technology (I think -- it certainly didn't have ubiquitous use and the novel gave the impression that it had a prohibitive cost). Of course, it worked by zapping through real faces at lightning speed (presumably so people would subliminally not even note it in use), and not as a sort of cloud. But both had the same purpose: to anonymize the individual in public or the workplace.

    By the way, as an information security professional I found "Glasshouse" a masterpiece (and for other reasons as well). And Mr. Stross: thanks for the fun reference to "The Prisoner" in it, which really tickled me. Anyone who likes the topic of this thread should read both novels (I swear I don't get paid by Mr. Stross :) ).

    The point though (and I found this implicit in "Glasshouse" which might just map my world-view and not reflect the author's): you can look at mechanisms as much as you want (which seems the main topic of what most have posted here), and I certainly view security mechanisms (or lack of them) as very important. But you really have to start things off by thinking about security policy. And from the ground up: you must think about security policy before you actually start designing the non-security parts of the system (alas, that almost never happens). Worse, security policy has a very counter-intuitive aspect, not to mention the potential for astoundingly difficulty (often intractable and sometimes theoretically impossible, depending on the context). Even worse than that, we have to deal with what we call the "secure composition problem": taking two or more "secure" systems (however you want to define that) under different policies, and composing them (hooking them up together in simple ways). This often leads to disaster (hence my 1+1=0 analogy).

    For desert, some of us tend to take the view that the average person has the ability/training/time/etc. to think about this stuff. Because this allows us to blame them, when we should blame ourselves (I speak for the security "community" in general, and not specific individuals).

    Now look at Facebook and other social networking sites through that lens, and despair.

    --Steve

    115:

    And, while the IP address is technically dynamic, and might change, it's a lot easier all round if it doesn't change too quickly after a broadband connection is dropped.

    Dial-up modem systems usually didn't change the IP address of the ISP's modem, and the ways the telco routed connections connected you to a different modem every time. That doesn't happen with broadband. I'm on ADSL, and there is a specific black box connected to my phone line, all the time.

    A Swiss court has ruled that an IP address is protected by data protection laws, much as a private phone number is. British lawyers advise that companies should handle the IP addresses of customers with the assumption that it is protected by the Data Protection Act.

    116:

    You're absolutely right about the importance of understanding policy requirements and knowing what policies you need to support before designing mechanisms. This principle applies to almost every aspect of information technology; it's a lesson that got burned into my brain when learning about network protocols, and how choosing the wrong mechanism at one layer can break an upper layer's attempt to implement a policy there.

    I've sung the praises of Glasshouse before, but I do want to mention that one of the reasons I like it so much is how well the theme of "societal function viewed through the lens of network communication theory" is woven through the book, as well as the theme of "international agression seen as disease etiology in a communications substrate".

    117:

    My child's school has Scripture lessons once a week.

    For the convenience of the teachers, (when the time comes around for Scripture they go off to a different room) there's a list on the wall. It lists all the children by their religion.

    It is a totally innocent thing, but just to see a bunch of adorable little five-year-olds listed under headings: Muslim, Hindu, etc, REALLY gave me the creeps. There aren't any Jews in his school, but still, the very existence of a list like that made me think of the Nazis.

    118:
    I think the comparison of a pickup app to the Rwandan genocide is a bit much. If mass killings, genocide, or suppression of dissidents is in the books for a society it's going to happen no matter what tools are, or are not, there.

    In the Rwandan case, perhaps 300,000 Tutsi survived the genocide, out of an original number of 1 million in a total population of 7 million. I'm pretty sure that, had the Huttu officials who organized) the genocide (and there's no question but that it was organized) had a social network app to locate their victims, the survivors would have been much fewer in number.

    I believe that's a good reason to consider the privacy policies and use of information by social networks very carefully, and to be very aware of how they could be used by both governments and para-governmental organizations (religious groups, political parties, and organized crime among others).

    119:

    The presence of Muslims on the list makes me think of a number of incidents in the US and Europe over the last 20 years or so in which ordinary Muslims were targeted for violence, and either seriously injured or killed (and, as it happens, I'm Jewish). The point being that not one of the groups that might be mentioned in that list doesn't face potential danger from the public nature of such a list.

    120:
    The Pinkerton Agency - and its rivals in the Private Security Business Model- give me the cold horrors

    Me, too. And for the information of other readers, the Pinks long history of union-busting, worker intimidation, and right-wing political muscle work extended well beyond the end of the 19th century. They were the go-to thugs for the West Virginia mine owners who wanted to have union organizers beaten or disappeared in the 1930's to the 50's (and probably after that, although I don't have any eyewitness accounts from later than that).

    121:

    Alex, I don't think that anyone is saying you're a bad man, we're all to some degree a reflect of our environment, and all that jazz. But I do find that what you reflect there is a disturbing contemporary tendency to the "every man for himself" anti-ideology, aggravated by contempt for people who are not privacy or tech-savvy. The tendency of geeks to value personal research and improvement easily degenerates into social Darwinism of the worst kind.

    It is all the most ironic that we geeks are hardly an aristocracy: for all our technical merit, as a class, we tend to be the modern version of the proletariat, in service of our corporate and finance masters. And as a class, oh boy, do we rant about the 1%... By the standards of "those fools opting in Facebook deserved what they got", we deserve to be poor for the lack of foresight that prevented us from joining management schools.

    All this "Left-Hand Path" is seductive at first, but there's always somebody stronger or more clever than you out there, so you can't survive by making your way up the food chain on your own. And now, a weirdo selection of quotes to meditate upon (it's the 1st of April after all...): - "For every step that we take in the development of our occult powers, we must take a thousand steps on the path of sanctity." (Samael Aun Weor) - "Progress means nothing unless it is shared by all" (TGV advertisment)

    122:

    Chris @ 96 Excuse me but bollocks. If you think we're bad, have you tried errrr, Japanese society, or sub-Saharan Africa, or any society dominated by islam? It may be that we are not too good, but like democracy, have you seen the others?

    carl @ 99 I believe Charlie is giving a talk at Eastercon on this very theme .....

    Angus M @107 Yes, the Stasi's wet dream. Now, if in 2016, an ultra-right xtian takes the USSA over, the ease of revolt shown by Heinlein will NOT be possible. It will be a darker version of "The Handmaid's Tale" Yes, I said a darker version.

    Proposition Joe @ 116 NO It is not totally innocent Where is this place, and it needs stopping RIGHT NOW! How do you think the Nazis found it so easy to round up Jews in the Netherlands? And, "There is no such thing as a "muslim" or a "christian" child. Their PARENTS might be - but they are, hopefully as-yet-unbrainwashed CHILDREN. This is evil.

    As opposed to the TGV advert I lurve that.

    123:

    I've worked at Facebook for a while, and your claims are not totally accurate. In some sense, yes, we want users to share information. Some of that is because it allows us to make more money showing users ads, although that's not really the main reason. There hasn't been a single piece of user data we've asked for primarily for financial considerations. It's always a secondary concern. The real reason we ask for it is because we think it will make a better product.

    We are also very cognizant of relevant privacy issues. Many aspects of our privacy model have been changed because of employee discussion, always in the direction of more user control over their data. We are all users too, and we have the same issues about it.

    I find the argument that Facebook facilitates undesirable behavior extremely silly. Nothing that has happened since 2004 would even come close to the list of greatest atrocities in history. Violent crime is at or near its lowest levels ever in the developed world. After all, a serial rapist (not that there are all that many) doesn't need Facebook to find girls. It's not exactly a challenging group to locate.

    124:

    The Quantum Thief, by Hannu Rajaniemi? OGH recommended that a year or so back IIRC.

    125:

    Actually, that was rather good, but no, it's glasshouse, as he's admitted upstream.

    126:

    This problem would exist even if Facebook didn't.

    It's an emergent side-effect of the rise of social networking in general. FB is currently the most successful English-language social network and therefore gets a lot of stick for (a) the methods it employed to get there, and (b) simply because it's the biggest target. But the general problem is, as Steve Greenwald points out up-discussion, that we don't design in security from the outset, and that security policies that follow different architectures frequently cancel out when data can be aggregated across different social networks.

    I'm not sure that changing security policy in the direction of more user control over data is actually any kind of solution to this problem: most users are human beings, and human beings are not all intelligent, rational actors with perfect understanding of what they need to do to avoid unforeseen hazards (such as the consequences of adopting a given security policy on social network "A" if, at some future point, they als join social network "B").

    Finally, the argument nothing that has happened since 2004 would even come close to the list of greatest atrocities in history is idiotic because it's comparing a span of 8 years to the whole of recorded history -- roughly 5000 years. It's unlikely that any 0.15% sample of a given time series is going to contain a stand-out signal! So rather than relaxing into a false sense of security, I'd rather see some awareness that just because nothing bad has happened recently, it doesn't follow that disaster isn't potentially just around the corner.

    (TL:DR; This is the same miscalculation that the designers of the Fukushima reactor complex made wrt. tsunamis ...)

    127:

    @ 124 Problem with "Quamtum Thief" is trying to understand ANYTHING as to what is actually happening in said book. I bought it, read it, found parts fascinating. But I still haven't got a single clue as to what is actually supposed to be happening (rather ike some of the very late parts of "Accelerando" until OGH explained it to me, duh!

    128:

    Another one which I fear is not an April Fool:

    http://www.bbc.co.uk/news/uk-politics-17576745

    So it goes...

    129:

    Nope. We're mostly rather clued up on that sort of thing. Its the marketers and PR people and advertisers who push the limits of privacy, and the people who fall for it most are those who know least about how the stuff works.

    There is a strong desire to be oblivious to certain things. I've a friend and colleague who teaches ethics issues in social sciences (a compulsory first year course): of the students he has noticed that some, like nurses, are strongly interested in the subject, while others like business studies and economics majors really do not want to know about it. Not just dislike the course, but, it seems, treat it as hazardous to their career.

    130:

    One case that people might find interesting from a data protection/ privacy perspective is the "Household charge" that's being introduced in Ireland.

    This is a new tax (initially set at 100 Euro, but with expectations of 1000-2000 Euro next year) as a charge for local services; basically a council tax. (Local councils in Ireland are currently paid for mostly from the general taxation, eg. Income) There are various objections to it, mostly around it being an unfair flat charge, etc. , but it is also a proxy for protest against current austerity policies, as it is one measure that can be avoided, due to incompetence in administration.

    The tax is to be paid per household. Only we don't yet have a list of properties and householders in Ireland. Householders are being asked to register to pay the tax. As of yesterday (the deadline), just under half the population has yet to do so, making it the largest civil disobedience measure in the states history.

    Now, the relevant minister is fuming, and plans to get objectors via utility bills, only to run into problems with the Data Protection legislation. Which he considers a minor matter of legislation, to be fixed immenently. Not necessarily so.

    Basically, the DP legislation came in via EU treaty, not local choice. It was put there to handicap governments from doing things they didn't have popular support for (following certain unpleastnesses in recent European history). This case arguably is a good example.

    So is Data Protection is set to be a national issue? as the blog pointed to shows, if not carefully handled it may even lead to another referendum.

    131:

    Andy, the way that Facebook operates, and appears to make available user data, would be illegal in Europe.

    I've known other American corporations not even bother to try. Being better than them is hardly difficult, or admirable.

    The company you work for insists that we share a real-world identity, one that a stranger can search for, and use to combine the data Facebook reveals with the data that might be revealed by other companies.

    I wonder what Leo Brett, George Orwell, Bron Fane, Currer Bell, or John Hume Ross would have made of such a policy?

    132:

    OPT-IN 10 years ago, we had mails with many recipients and the subject line "what club tonight?" Or I'm going to show xyz, who's coming?" - no more, not being on facebook means for me not getting a lot of invitations and so on. (lot's of) people don't write e-mails anymore. So while FB is cerntainly opt-in as a whole, it's not always easy to not have opted-in.

    THE MOST CREEPY THING I EVER SAW ON A NAZI SITE - 10 years ago I think - was a link to "Jewish friend-finder - find jewish friends in you vicinity" Pre - facebook, so to speak, only members of said friend-finder site could be found by people looking for jewish friends or antisemite stalkers, now everyone on FB. I think that's the new thing (plus the tie-in with geo-location). Put another way round: pre-facebook, you had account separation by being forced to pursue different interests via different sites.

    I totally agree with charlie - FBs business model is the core of the problem. In my hacker utopia, everyone has one little server under her complete control for publishing information relevant to one public aspect ( Itsokaytobuymebeertonightheresmylocation.com ). Of course, in a hacker utopia everyone can be bothered to run their own servers.

    133:

    One of my nieces was being stalked by a creepy guy. She upped the privacy of her Facebook account, pruned her friends list, and so forth, but it was too late as the guy already knew the Facebook accounts of her social circle, so as long as one of them posted party pictures, or played one of those geotagging games, the guy could find her.

    It's not enough to protect yourself — your friends and acquaintances can make you vulnerable as well.

    134:

    The Rwandan genocide was, in fact, facilitated by new media technologies. Well, new in the context of Rwanda. Specifically, broadcast radio. And I suppose you could say the Church.

    The problem isn't that people wouldn't have been able to find Tutsis, it's that they wouldn't have been able to learn to hate them enough, and also that it would have been harder to find and howl down people on their side who dissented. The first step in genocide, after all, is to eliminate the people on your side who will stand out against it.

    Also, if you want a media-enabled failure of civil society, get Francis Maude to appear on TV and suggest filling up your car with petrol.

    135:

    Personally, I have never hidden my identity or personal info on the Net. Google, "dirk bruere" = 41,100 hits Google Groups "dirk bruere" = 184,000

    If you are worried about the govt reading your emails, use PGP. Soon, the most suspicious people will be those with no Net presence.

    136:

    "Also, if you want a media-enabled failure of civil society, get Francis Maude to appear on TV and suggest filling up your car with petrol."

    Just shows what a load of sheep most people really are.

    137:

    That's the thing, though - your niece needs to learn the counter-stalking strategies that are inherent in the current system, not just the old "hide and hope the jerk goes away" ones that used to sorta-but-not-really work in the 1970s. Open data and personal transparency is not a one-way street.

    If she has such a large circle of friends that they keep giving away her location, she needs to use those same social networks to let ALL of them know to look out for Mister Creepy.

    Back in the "old days," when people tended to live in the same city or neighborhood all of their lives, this sort of situation was usually handled by family members and friends. It's only the fragmented modern lifestyle that's made it easy for this sort of situation - you may have "friends," but only see them for a few hours a week, and they tend to come and go on a regular basis.

    By forging active and large electronic social networks, you get a lot of that safety net back. Even casual acquaintances will happily step in and help out when bad things happen.

    Ignoring and hiding from stalkers didn't work that well in the first place: the winning strategy has always been to make sure everyone knows who they are.

    138:

    Peter Kavanaugh @ 138 Dirk @ 135 Well, this is just the so-called "Civil Sevice" pushing the supposedly-elected Government again, isn't it? It is an almost-exact-replica of the shite that NuLieBour tried to pass on ID cards etc. I note that already some senior tories are saying they are agin it, so it will be interesting to see if it even makes it as far as the next Queen's Speech. After that, life gets intersting, because the "Lords" can gut it.

    139:

    Also, if you want a media-enabled failure of civil society, get Francis Maude to appear on TV and suggest filling up your car with petrol.

    I'm just back from fulling my fuel tank.

    I bought a new car last month (well, it's actually six years old, but new to me and newer than the 16-yo it replaced) and it is a diesel. For which I am very glad, because when I got to my local garage the forecourt was covered in signs saying PETROL SOLD OUT - ONLY DIESEL AVAILABLE. The trip computer now reads "780 miles to empty".

    As I'm driving to the Eastercon next week [with passengers], and it's 440 miles away, this is kind of a big deal for me -- thanks to David Cameron's insane hard-on for emulating his role model Thatcher by bashing a union[*], I'd have had to cancel eastercon if I still had the old vehicle (range: approximately 450 miles, give or take) and was facing a high probability of being unable to find fuel en route.

    But seriously, my fellow benighted islanders, WHAT THE FUCKING FUCK?!?

    [*] A union whose bashing is warranted because their members apparently want better on-the-job training and the enforcement of health and safety regulations on the handling, transport, and delivery of multi-ton quantities of inflammable and explosive liquids in built-up areas. I really am unable to see how Cameron and his idiot cronies expect to improve the commonweal by opposing this ...

    140:

    I'm a DBA (database admin bod).

    I was a contractor for 12 years, worked for banks, health, automotive industries, the MOD all over.

    The stories I could tell... (actually I think Charlie heard 1 or 2 at a con a while back).

    Every couple of years, just to check, I see what info I can get about some random bod on the interwebs (usually someone who has been bugging me in an MMO). I have 2 rules: no paying for data, no hacking - just publicly available stuff.

    This scares the crap out of me TBH.

    I know the sort of information I can get about pretty much anyone.

    I know the level of security implimented at most of those corporate enties collecting data.

    (I once had the CEO of one company tell me they didn't have to bother with the data protection act because they didn't hold personal data, just names and addresses. He just couldn't make the connection that names and addresses ARE personal information - and very personal indeed when they are held by a debt collection agency...........)

    I'm an IT professional and I lie to corporations, social networks and data collection agencies about pretty much everything.

    And I know I still have no privacy at all.

    It's getting to be a strange new world.

    Sincerely,

    Tabitha Orgabanga (Mrs.)

    141:

    Hey, maybe Cameron is a really progressive fella and he's trying to get the UK used to the idea of robot driven petrol lorries.

    But seriously, we just had Harper do this to us when he bashed the Canadian Union of Postal Workers. He even went farther in micro-managing the aftermath, forbidding overtime to get rid fast of the piles of undelivered mail that had grown during the work interruption.

    The important thing was to punish the workers, see to it that they didn't profit from overtime pay, no matter how much this insane policy would hurt individuals and small businesses waiting for the mail.

    Only positive spin to this is that now I can add "forecourt" to my list of quaint British motoring terms.

    142:

    "A union whose bashing is warranted because their members apparently want better on-the-job training and the enforcement of health and safety regulations"

    That's a good point - the government should immediately agree to increasing training and safety, while keeping wages and pension contributions absolutely stable and working conditions somewhat sane.

    That should solve things, right?

    143:

    That would solve things. Except another chunk of the problem is that the big fuel distributors have outsourced a lot of the delivery operations to contractors who have not only squeezed the drivers on H&S but are also squeezing them on wages. Keeping wages and pension conditions absolutely stable would be a win, from the union's point of view, at least compared to what's going on now.

    144:

    The problem isn't the "privacy model" of Facebook or even Foursquare (and Foursquare was the bigger issue behind Girls Around Me, not Facebook). The problem is how people use that privacy model.

    If you share where you are right now with anyone and everyone, that really isn't Foursquare's "problem". Yes, they gave you the ability, but you knowingly took it and ran with it. If you tell everyone your age, gender, where you went to school, and how much you love buttered popcorn, that's not Facebook's problem either.

    People were happily giving their SSN, bank account, and CC# to telephone callers for years before the Internet. People send money to so-called Nigerian princes who email them. People see a question and think they must answer it, no matter how personal the data.

    The problem isn't FaceBook. The problem isn't Foursquare. The problem isn't Apple (for allowing this app).

    The problem is educating the masses.

    If Facebook disappeared tomorrow -- If Foursquare had never existed -- The problem would still be here.

    145:

    A union whose bashing is warranted because their members apparently want better on-the-job training and the enforcement of health and safety regulations on the handling, transport, and delivery of multi-ton quantities of inflammable and explosive liquids in built-up areas.

    There is a cautionary tale for Cameron in US history. It concerns a group of Black soldiers during World War II who were not adequately trained in handling munitions. The end result was a very large explosion.

    146:

    And I'd argue that most people aren't aware of just how revealing data-mining can be

    It's also worth noting that most companies have a massively overinflated idea of how useful data-mining can be, but that's because the idea is sold to them by other companies that sell data-mining software.

    Not that relying on other's stupidity to keep you safe is a good idea.

    147:

    As I've related here before, I witnessed one example of what can happen if the transport for large quantities of high explosive is not properly maintained, inspected, and operated. Several thousand 250-pound bombs exploded as the result of an overheated brake bearing on a railroad car.

    148:

    Update on the app in question: ‘Girls Around Me’ Developer Defends App After Foursquare Dismissal in Wall Street Journal.

    No mention I can see of FourSquare or other social networks chaning privacy policies.

    149:

    I'm just finishing Kahneman's "Thinking, Fast and Slow" in which he points out that "framing effects" can skew all sorts of policy outcomes - if donating organs on death is an opt-in on drivers licenses, almost no one signs up; if the default is opt-out, almost everyone agrees.

    Educating the masses is a fine idea, but probably not very effective in changing the outcome. If Andy @123 works for FB, he could suggest that their default privacy setting be changed to no one instead of everybody. Report back here on the response you get Andy. I hope you just get ignored, and not fired.

    Since we're discussing social media, forcing cooperation by threats to one's reputation could have an impact. Autarch @148 reports that the "Girls" app has been withdrawn. Can we have an impact on FB and other media? I haven't been following what's happening on Google very closely, but re Charlies' comment @126 on aggregation across social media, I recently had gmail ask me if I wanted to import all my verizon correspondents! I've gone out of my way not to mix the accounts. How do you deal with this?

    Since some issues have to do with cell phones and location, another line to explore is what could be done to turn off GPS like heteromeles @80, or create a proxy that runs on the phone. That might protect Syrian/Iranian/Korean dissidents as well as girls on the town. But expect pushback from western intelligence/police. Tne NY Times today reports that even local police are buying tracking and taps from cell phone companies. http://www.nytimes.com/2012/04/01/us/police-tracking-of-cellphones-raises-privacy-fears.html?nl=todaysheadlines&emc=edit_th_20120401

    150:

    Having an app withdrawn on Apple is not as big a deal, given that most smartphones are now Android.

    151:

    iOS is still pretty much the single biggest platform due to fragmentation of Android (between vendors, form factors, and Android releases) and due to iOS customers buying more apps. More to the point, if it's the only platform you develop for, having your app shitcanned is a big deal.

    But this is a remarkably off-topic sub-thread so I'm going to kill it now. Okay?

    152:

    "The problem is educating the masses."

    Vicki, I 87.65% disagree with this. But I understand that this seems common-sensical, intuitively obvious, and a no-brainer (which makes it all the more unfortunate). (Oh, and do please realize that other 12.35% of agreement though.)

    VERY long story short (and if you want the long story I will happily give it): in the security community "educate the user" almost always translates to "blame the user" -- an unfortunately common mentality. Ala, "Oh, if only we didn't have those dumb users, we would live in an information security utopia" (not true any way you slice it, by the way).

    We (the security community) should blame ourselves.

    The only way to really solve the problems noted in this thread: change the organizational culture to foster security. Most consider that a very hard problem. I consider it feasible, so long as the impetus comes from the top-down.

    I won't hold my breath.

    To give just one example as to why educating users doesn't work, consider that horrible and nearly ubiquitous security mechanism, passwords. We have probably done more to educate users on passwords than any other topic. It hasn't worked. Why they hell would it work? Passwords stink as mechanisms ("Select a very hard to remember string, don't write it down, make it unique from the dozens/hundreds of other sites where you use passwords, and, oh yeah, change it often").

    I think passwords should work as the poster-child for failed user education. I don't blame the users at all for this. I blame the creators of the systems themselves.

    --Steve

    153:

    Strictly speaking, Pinkerton is more than one century old and less than two centuries old. Thus, "centuries old" isn't accurate.

    Then again, few American businesses are more than one century old.

    Interestingly, I was aware of Pinkerton agency doing guard work for gold shipments on trains, but wasn't aware of their other deeds in the mid- and late-1800s.

    154:

    "Oh, that's a great piece, Charlie, and deserves a wide audience." Seconded!

    155:

    Other wish it were an April fools joke include the news that the Tory government is wanting the security 'services' to be able to scan the phone records and online browsing and searching habits of the entire nation.
    What a brilliant idea. I'm sure they'll just easily quintuple the staff to sieve the data waterfall or maybe they'll use search algorithms which won't have any holes in them at all.

    156:

    well said!

    one thing struck me as being not quite correct, the phrase "if you're not paying for the product, you are the product."

    add to that: "Even if you are paying, you're probably still the product".

    157:

    Steven J. Greenwald said the "secure composition problem": taking two or more "secure" systems under different policies, and hooking them up together in simple ways.

    The local plod have recently discovered this. The combination of a tracking tool for international shipping and an API to let shipping companies track stuff through ports meant that smugglers could see when one of their containers was selected for extra attention and then whether it passed. If one failed they just abandoned it, making the whole "police wait to arrest whoever picks it up" not work.

    http://www.theage.com.au/it-pro/government-it/crime-syndicates-can-track-container-searches-20120328-1vyth.html

    158:

    Money Piero...people will care if it makes them money or they are going to lose it.

    Sad but true. I'm at the coal face of this with parents as a Cyber Safety Advocate. Trying to teach them firstly not to post private things on Facebook, then learn what Facebook is doing, and how to set the privacy settings so you have a fighting chance.

    It's really tough work. It's like a dirty secret, people don't want to know its bad for them. Like a drug that makes them feel so good, but don't tell me the downside. Some take their privacy seriously and do make changes, but its by far the minority. And usually only after someone in their family has had a bad experience, usually their child.

    Getting parents to show up to school arranged talks I give? Might as well tell them they are going to sit an algebra test....they just seriously don't want to know. Why because they know they will have to learn about it, discipline their kids over it and they don't want to, and because mostly they don't even know there's a danger or don't believe anything will happen to them. It's typical head in the sand stuff. "Oh it happened to those people over there...won't happen to us".

    This app, and the publicity it has gotten will be written off by most as something that will never happen to them or their kids. "wasn't it Russian or something?" And anyway didn't they shut the app down? good...all done and dusted.

    I'm dealing with denial and ignorance out there, and downright fury from some sections of the media, and IT who call me alarmist and a scare mongerer, and anyway what does a woman know about these things.

    A leading Australian Financial Review journalist called me an alarmist on twitter last week, because I'm trying to warn parents about putting pictures of their kids on Facebook. She said there's only a problem if you put the name of the child of the photograph....a journalist...what hope do we have. This morning she will no doubt be justifying her opinion, and telling all this app is a one off case, and anyway didn't target children... and means nothing.

    I notice that many folks that are holding seminars on how to use social media to make money, and are doing very well, and as a social media consultant, I occasionally think I should educate people in via that route, but honestly I believe they would walk out. It's the drug they love, and don't tell them anything bad about it.

    Yup I know privacy settings on Facebook is an oxymoron...but you can lock it up so that you can use it relatively safely and as we all know.... don't post anything you don't want misused on the internets...

    159:

    Even apart from evil intent by assorted corporations, the usual mechanism for controlling who sees what, the "access control list", is not usable by most people. Research we've been doing (see https://www.cs.columbia.edu/~smb/papers/fb-violations-sesoc.pdf we also have other, as yet unpublished results) shows this quite clearly: 100% of our subjects had at least one error in their permission settings.

    160:

    "'educate the user' almost always translates to "blame the user."" I'm a domain expert in a team of programmers, and can second Steven about computer folk in general. (also with backup stories)

    The bigger point though, is that none of us are as rational as we like to think. The rationalist "let the buyer beware" approach is 1.self delusional and 2.easily exploited. (I mentioned Kahneman above @149 as a really accessible guide to producing and correcting cognitive errors) Where the desire to associate and share kicks in, is one of the places where rational thinking is often ignored. There are lots of problems embedded in this thread (eg aggregating individually "secure" data elements) but "nudging" companies like FB to set default sharing to the minimum instead of the maximum is one place to start.

    161:

    Well said, think I'm about to toss it all in...

    162:

    Charlie:

    Great article. As you say, FB and Google are both data aggregators in the marketing business. They need information, by whatever means.

    But what happens when FB and/or Google get into bed with ChoicePoint or Axxiom? ChoicePoint and Axxiom are also data aggregators, and the public has ABSOLUTELY NO IDEA what data they possess, nor even whether that data is correct.

    This idea that data aggregation is "just a business" - like building cars or running a bank - is simple-minded and dangerous. It won't happen, but all of these businesses need independent regulation.

    mbg

    163:

    Well, I showed this to the wife last night (she's an enthusiastic FB user, with a 13-year-old daughter much the same, only stupider - and I won't touch anything even remotely like social networking in any form for any reason), and right on cue she stopped reading part way through, completely mis-understood the entire point, and pooh-poohed the whole thing.

    Now, my wife isn't an idiot (she did in fact later on search herself, and discover an old myspace account that she had thought was closed down but in fact was still active and almost entirely open); but when it comes to social networking she just has this huge, and quite obviously wilful, blind spot. And this is with me (who works in and knows a bit about IT) giving real examples of the horrors that happen.

    So, imagine how hard it is for the average person who sees a computer (or phone) as just a box with lights to comprehend this stuff.

    I think that people have a built-in limit to what they can understand, imagine, and deal with. Beyond that, and without some serious effort, when getting into real complexity they just can't cope with, or see the relevance to them of, things that are non-obvious, or emergent. And most people don't have the capacity, for any number of reasons, for that serious effort. Complexity is just beyond the average person.

    Now, the real question is this - are those who feed off this human limitation doing so deliberately or not?

    164:

    In 61: "Furthermore, the fact that to survive, these social networks have to attract and retain users, means that there is a limit to how nasty they can be with your data."

    I think the network effects have defanged that contraint on Facebook, in particular. The value to users that this social networking site provides, is greater than the costs that continual privacy SNAFUs impose. Therefore, Facebook (perhaps not so much the other social networks) can now operate with near-impunity. Back in, say, 2006, about the time I opted in (I have since opted out), they were not yet in this powerful position. You can see echoes of this power during these privacy-related brouhahas: people get upset at FB and organize "against" the social network, but what venue do they choose? That's right, they start a Facebook page about it.

    165:

    @148 reports that the "Girls" app has been withdrawn. Can we have an impact on FB and other media?

    --

    There are tens of thousands of horny frat boys who WANT an app like that. I give it a few weeks before someone cobbles up a replacement, which will also highlight nearby nightclubs and drinking establishments, indexed by cover charge and drink prices... and you could implement it on Android, or by purchasing a block of single-use tokens to a web site, bypassing the whole "store" thing.

    166:

    I choose to believe that he was being sarcastic, brave and very funny.

    But I don't know the Persian sense of humour, so really I have no way to tell his intention.

    167:

    I'm sure others will have pointed this out. Cameron is doing this either because he needs to be St Meg of Grantham or because he needs to show his handlers that he is trying to be her.

    Unfortunately for Dave, Len is no Arthur.

    I hope that's cryptic enough for our foreign readers: my spell checker is doing Bad Things to surnames.

    168:

    Trying again. (my previous comment got eaten, for no reason I can see)

    Charlie, I hate to suggest it, but is it worth waving a flag, by posing a separate article here, over this ghastly proposal by the Civil Service erm current government to effectively re-intoduce all of the previous lots' snooping, caching of e-mails, logging data etc? I'm quite deliberately NOT including a link in this post, btw.

    IF it passes both Houses, which I don't think it will, since the stink is already very loud, (if you see what I mean) then how does one evade the snooping? I'm told "proxy servers" and PGP" are the way to go, but are these easy and cheap to implement, for the average domestic user?

    169:

    Bad news, guys - a surveillance state doesn't necessarly need any hi-tech systems to function "authoritatively", as this article by a colleague of mine indicates:

    Low-tech Surveillance and the Despotic State in Eritrea

    by David Bozzini

    Postdoctoral Researcher, African Studies Centre, University of Leiden, The Netherlands.

    Abstract

    Eritrea is one of the world’s newest countries and, proportionally to its population, one of the most militarised. Inheriting a socioeconomic situation devastated by 30 years of guerrilla warfare, the current government organised reconstruction efforts around the “Warsay Ykäạlo Development Campaign” including National Service conscription. Over the past decade, the Eritrean state has developed techniques of surveillance of conscripts through the production and distribution of documents (IDs, laissez-passer) thatmust be presented at hundreds of checkpoints deployed throughout the national territory. Since the duration of National Service has been extended to an unlimited period of time, these surveillance mechanisms have mainly focused on cracking down, identifying and preventing defection. Despite important limitations to its surveillance of conscripts, the Eritrean state successfully keep hundreds of thousand of conscripts working in the National Service for many years. I argue that the surveillance apparatus itself, in both its bureaucratic and its military formulations contributes almost on a daily basis to (re)producing various uncertainties, fears, beliefs and expectations that are the core of relative coercion in the National Service. Moreover, bureaucratic procedures and police interventions contribute to the perpetuation and actualisation of a despotic modality of governance, inducing in conscripts the perception of the existence of a highly authoritarian police state that is effectively omniscient despite their experiences of the low-tech surveillance.

    Keywords: Eritrea; conscription; suspicion; checkpoints; police state; despotism; complicity

    http://asmarino.com/articles/1315-low-tech-surveillance-and-the-despotic-state-in-eritrea

    170:

    Bad news, guys - a surveillance state doesn't necessarly need any hi-tech systems to function "authoritatively", as this article by a colleague of mine indicates:

    This isn't news, to anyone who's read "IBM and the Holocaust" (or a myriad of other sources on how authoritarian regimes have historically functioned -- the East German system probably represented the apotheosis of the pre-computerization model surveillance state).

    What's new is the ability to use cog. psych. techniques to co-opt our natural urge to socialize in order to populate large databases which can be put to this kind of application. What's new is the ability to automate the process, without needing a visible percentage of a nation's population working as informers or clerks. What's new is the ability of non-state actors (such as Google or Facebook) to build such systems.

    And we certainly don't know where it's all going to end. (Hint: what happens when we add face recognition based on uploaded photographs to the mix? Forget FB users manually tagging their friends as being in photographs -- what happens when FB's server farm can automatically identify people in the background of untagged photographs? Say, of crowds at Occupy demonstrations? Or in Tahrir Square?)

    171:

    I find it interesting that the original article (and most of the discussion) focuses on privacy as security, the Orwellian model of big secrets that need to be protected.

    In reality, the situation is much more a problem of aggregation and integrity of context; much closer to the Kafkaesque model (as in The Trial) in which separate, individually not particularly secret or even sensitive pieces of information are shorn of context, aggregated and then used to draw totally opaque, possibly quite problematic conclusions.

    After all, a photo of someone a public beach is not in itself private — it was taken in a public place! It's only when taken out of the "summer holiday" context that it becomes at all problematic. Similarly for the other information; none of it is in itself sensitive, it's the proposed use that's problematic (or, as xkcd #300 put it, "mildly sleazy").

    Of course, aggregation and integrity of context are quite different problems to security of secrets, and ones that the FB privacy controls ignore altogether.

    172:

    One thing that needs to be pointed out.

    You actually stand to gain a lot from other people using your data in an ethical and appropriate way.

    I realize this may be akin to admitting recreational puppy burning for some people here. But I'm currently trying to get work in the SEO field.

    And I'm wanting to do that in as ethical a way as possible, without spamming the internet full of links (on an unrelated note, go check out my website :-p), or using dodgy fake link building.

    The way to do that is to produce good content and then help the people that actually want that content, find that content. This is a process that drives everything that's cool about the internet.

    Right now I feel that search is sick (and poor quality black hat SEO is absolutely part of that), the current link-focused search algorithm model is the source of the problem, and I'm becoming more and more convinced that user focused, personal info driven search is the solution.

    That's what I feel Google is aiming at with its new privacy policy, that's why I think AI driven search is about to turn search on its head, which could very easily be a good thing for everyone.

    The reason it probably won't be a good thing is that, as always, the unethical shitheads have an inherent advantage. This is an area that needs regulation, and a lot of people in industry will happily admit that.

    The reason that the ethical parts of the industry aren't asking for regulation, is that the regulation needs to be by people that know what the fuck they are doing, and here we get back to the usual problem.

    173:

    What's also new is the speed with which correlations can be discovered in very large datasets. When everything is on paper and must be analyzed by human beings the security apparatus runs behind, sometimes far behind, the actions of the people being surveilled, as long as they're careful not to do anything that by itself will set off alarms. With computer analysis of automatically gathered information, correlation and recognition of complex combinations of events can occur in close to real time. The effect of true positives in recognizing disloyal behavior is troublesome in that the operators of the systems can maintain a very oppressive regime in large societies using a small number of agents. The effect of false positives is that even in relatively liberal regimes those systems have a chilling effect on free speech and dissent. In both cases the effect is to create a public image of the security apparatus as nearly omniscient and impossible to overthrow, and this can be done even without installing a universal panopticon based on video cameras.

    What will also be new, when they get around to realizing it, is that given sufficient computing power and savvy enough programmers1 these systems can be used for prediction of future behavior; we don't need no stinkin' precogs to create a Minority Report world.

  • I'm hoping that programming and software development management will a weakness that keeps such systems from being built or at least from working usefully. The fate of the FBI's Data Integration and Visualization System (DIVS) over the next year or two, as it gets used by a large percentage of non-early-adopters and is used in more and more real cases will test that hope.
  • 174:

    If you demand privacy regulations, the govt will be only too happy to oblige. Be careful what you wish for.

    175:

    Hmm, I think you're mostly right, broadly speaking.

    Underlying the whole debate, however, are some unquestioned assumptions. These include:

    a) Advertising is socially neutral or good (rather than malignant)

    b) Funding content provision on the internet by selling advertising eyeballs is therefore acceptable

    c) Most people just want to consume content the way they used to consume TV or movies, and it's socially acceptable to orient the internet around this model (call it the broadcasting fallacy)

    d) We can be trusted; it's Big Government/Big Corporations/Foreign Governments/Weird Religious Nutters/Those crazy guys with the opposite politics to me who can't be trusted.

    Reality check: all advertising tends towards the status of spam (which is merely free-as-in-dirt-cheap and unregulated advertising), funding content via ad sales makes our public arts a hostage to a boom/bust bubble economy, the idea that "most people only want to consume" is profoundly enabling for abusive "producers" who tend towards the state of rent-seeking (see the MPAA for a worked example), and nobody can be trusted.

    176:

    What is the best tool that I can use to check my social network privacy settings, and those of friends and family? I need:

    (a) it should list potential security problems in a way that can be understood by anyone (b) the points in this list should link to instructions that tell you exactly what to do to fix the problem, in words of one sylable, including all the steps involved.

    177:

    Taking your points

    A) Individual cases in advertising can absolutely be good. The ideal situation for any marketer involves taking a product and bringing it to the attention of someone who will genuinely benefit from it.

    The problem is that marketers do not get to pick clients, who may not actually have a product that many others will benefit from, and in that case the marketer has to weigh their actions against their ethical duty to a client, and a more practical need to remain employed.

    For example -

    I have a website. It’s a site that I have spent a considerable amount of work on, that is intended to help other people, and which I receive no income from. The absolute worst possible outcome from my promotion of the site to some else is that I have wasted someone’s time, and I hope that’s not the case because I’d be wasting my time too.

    If I don’t spend time promoting the site, then it might be the best site in the world, but as the internet works now then no would come and look at it, and no one could possibly benefit at all. How exactly is that unerringly immoral?

    If I was recouping my costs, and I was outsourcing that work to someone with the relevant skills, then how does that inevitably change the picture?

    Sure, you could argue that the marketer has a duty not to take on crappy clients, but that kinda ignores that they might not have a choice if they want to stay in business.

    It’s a weird thing, but as someone who takes morality seriously I actually like marketing because there is an inherent clarity to it. In my experience you can’t get away from crappy ethical situations in the workplace, but in marketing you are implicitly declaring your affiliation. You watch a TV ad and it should be absolutely clear to you that the guy who made that ad is being paid to do it by the guy that makes the deodorant :-p

    b) Funding through advertising is preferable to no funding. I think kickstarter is awesome, I don't think it's going to pay for the whole internet any time soon.

    c) I don't think this is the kind of thing that you get a choice about, you have to work in the environment you are in. I’d love to see it change.

    d) Well yeah, you have to be able to trust your government, but I think we can over obsess about trusting prospective legislators, because it's irrelevant.

    The problem with a lot of slippery slope arguments, is that the ability of bad people to do bad things is seldom limited by the previous legislative framework, “When they came for X I didn’t speak up” is that it ignores that once they start rounding people up, it’s usually too late, you speak up, you go too. And this happens because too many other people in your society are OK with that.

    I've work very briefly at the UK border agency, and I've had opportunities to see the wider civil service at work. I’d certainly worry about their competence in a given situation (especially when computers are involved) I also don’t doubt that, right now, they are genuinely trying to make decisions in the interests of the people that they serve, and getting a lot of stick for good decisions that sound bad when distilled to two column inches. If that changes, we have bigger problems than the laws they created before things go rotten.

    I realize that not everyone here is likely to feel that they can still trust their government to at least try and do the right thing, but if that’s the case they need to worry about changing that first, while they can still vote.

    178:

    Already being done; there's a Facebook "suggest friends" feature that will auto-tag people according to facial recognition results. It needs a human to approve the tags currently - which has the nice side effect of giving feedback to improve the recognizer. There's a setting to prevent suggestions being given, but no setting preventing one's photos being run through the facial recognition software.

    179:

    I've a friend and colleague who teaches ethics issues in social sciences (a compulsory first year course): of the students he has noticed that some, like nurses, are strongly interested in the subject, while others like business studies and economics majors really do not want to know about it. Not just dislike the course, but, it seems, treat it as hazardous to their career.

    Where I work there is a department that is essentially concerned with raising money from generous people and getting on the right side of big business. There is another one that tries to recruit new students by advertising. Quite often they propose doing things that the IT department sees as essentially spam, or as an abuse of privacy. There really have been conversations that go like: "we want to sent this ad to all our ex students still under the age of 50 and to every one of the half million people we have email addresses for on this CD we bought from some company in Florida" IT department: "No, we can't do that, this isn't what we keep our student data for, and we don't know who the other people are". Marketing department: "What do you mean "can't"? There is a bloke in Manchester who will do it for us for less than a grand!" (I exagerrate, but only slightly)

    180:

    After all, a serial rapist (not that there are all that many) doesn't need Facebook to find girls. It's not exactly a challenging group to locate.

    Is it just me, or is this easily the scariest thing anyone has written on this thread? And for about half a dozen reasons?

    181:

    Someone needs to develop a Creeps Around Me app, showing you who around you has recently used Girls Around Me, or to look up the FB profile of the guy who just bought you a drink.

    182:

    Don't think you're talking about 'The Quantum Thief' by Hannu Rajaniemi (with recommendation from OGH on the front cover) but that book does go into a bit of detail about how the whole thing might work.

    183:

    Well FWIW. I took it on face value. That is, someone with such malevolent intentions doesn't need an ap to locate potential victims.

    But it's nonsense to say an app like this won't aid the generally creepy and or predatory individuals of society.

    184:

    Well the former must be technically possible. The developpers could somewhat unscrupulously charge for premium version, that shows you profiles and locale of other users who've recently activated that app in your vercinity.

    And the latter, depends how good face recognition gets...

    185:

    Advertising? Hmmm. Someone who worked as a copy-writer, before she became a successful full-time novelist, Dorothy L. Sayers. defined advertising as: "Telling plausible lies in public for money" (From "Murder must Advertise")

    186:

    After I posted my last comment I thought about it for awhile, and realized that it's based on my concern over the last couple of decades about misuse of government and large corporate databases. And then I realized that I've been missing an important change in the landscape as regards (ab)use of large datasets.

    In the era of Google, Facebook, and other data aggregators who provide public APIs to their data, it's no longer true that only large organizations have access to large datasets. Now everybody has access, and the only thing limiting their use is their ability to write clever apps that mine and correlate that data. It's down to individuals now to use the data, which is available essentially for free. Where previously the users of the data were constrained by cost and development time and by the rigidity of the programs that massaged the data, now the data is available as soon as it is stored, and developing an app to extract useful (or for that matter, useless) deductions from the data is a matter of hours or days. This changes the nature of the threat considerably.

    I would argue that the threat of data abuse is now at the level that Charlie described for the proliferation of nukes in Iron Sunrise, available to any individual with moderate amounts of cash and determination, as opposed to the requirement for billions of dollars to obtain the fissile material and develop the triggering devices required today.

    187:

    What happens after someone writes "Agents of the State Around Me"?

    188:

    There seems to be another implicit assumption at work here - that advertising actually works when used as directed.

    Is this really true? And if so, is the trend towards or away from being very effective?

    I can speak only as one data point, but unlike those trillions of nebbishes embedded in FB, I must be incredibly resistant to advertising. Or maybe that's just what I'm supposed to think . . . at any rate, I can't think of anything I've bought in at least the last five years based solely an unsolicited advertisement. Is anyone here that much different in their buying patterns?

    189:

    Steve,

    The link you gave to your paper didn't work. Could you check it for us?

    For those of you that don't know: you should consider Steve Bellovin one of the top researchers (and certainly one of the most respected) in the field of computer/information/cyber/whatever-we-call-it-at-the-moment security. You should listen to him.

    Steve, while I haven't read your paper yet, the results you mentioned do not surprise me. Access control lists have an administrative benefit in terms of time-savings (for the people that think they know how to use them) but otherwise complicate things (as opposed to, say, capabilities based systems). So why would we expect ordinary users to know how to use them properly? I don't even want to get into the issue of heterogeneously administered domains.

    --Steve

    190:

    Charlie Stross wrote:

    "Bad news, guys - a surveillance state doesn't necessarly need any hi-tech systems to function "authoritatively", as this article by a colleague of mine indicates:

    "This isn't news, to anyone who's read 'IBM and the Holocaust' (or a myriad of other sources on how authoritarian regimes have historically functioned -- the East German system probably represented the apotheosis of the pre-computerization model surveillance state)."

    The seminal paper on this: ACM's Annals of the History of Computing, titled, "Tabulating the Victim" which details how Nazi Germany used punch card systems to do astonishingly evil things.

    I feel quite shocked that some people think a police state needs computers. I guess I show my age, but even so, perception of state power among the victims works as the most important factor for compliance in a police state (go watch the hysterically funny movie, "Juan of the Dead" to see a fictional example of this in present day Cuba where people still use typewriters and dial telephones). And so many people feel so willing to substitute "Evil Corporation X" for "police state" that is scares me (I don't believe in a conspiracy, but if I ran a police state I'd positively love that because it would make my job so much easier).

    Look at what Eichmann created in a zealously amoral bureaucratic fit of genius. We can't even consider him an anti-Semite because he certainly did not care about that. He just wanted to make the system (any system!) more efficient! Does that sound familiar? And we have so many of those types around. Why do we literally create systems that faciliate these morally crippled bureaucratic OCD suffers and allows them to run riot?

    I argue that we have failed to take into account the social consequences of our systems. Most people in the security field don't even consider that a part of the system and I have heard the most incredible set of rationalizations you can imagine. Astonishing, given the evidence and history of our field. No, we don't act rationally, but why did you think we would?

    So, having given up on the existing systems, I instead worry about the systems to come. Why don't we have strong incentives to try to get it right while we have the chance? During the last, oh, 50 years we have lost so many opportunities. So how come we don't have a culture that values security & privacy to such an extent that the next great invention/idea/system that emerges into influential viability and transforms the world will automatically get designed from the ground up with security & privacy in mind? Why don't we have a cultural bias towards security & privacy? Does that have no survival value? Does some evil conspiracy exist (I don't believe that for a second)? Do weird emergent system effects take hold? Et cetera.

    So these systems devolve and we sort of blunder along, and horrible things happen at an accelerating pace. So far, the human race has survived, but with horribly severe consequences. So why don't we learn and change, from a strictly cultural survival standpoint perspective (not some mythical "rational actor")?

    --Steve

    191:

    I don't believe there is any quantitative evidence that advertising works well enough to justify the enormous amounts of money spent on it. Certainly advertisers haven't produced any convincing numbers, and when they address the issue they usually just make unsubstantiated claims or look knowingly at the questioner and go "Booga Booga, we can control your mind with our deep psychological understanding of your innermost desires." But having convinced several generations of corporate executives that advertising is both all powerful and absolutely essential, everyone working in the industries that use or create advertising must support that zeitgeist or they will be considered incompetent and lose their jobs.

    192:

    For what value of "unsolicited advert"? If I buy a magazine relating to $hobby, does that mean that any adverts for $hobby products that it's carrying are solicited?

    193:

    Oh come on, everyone. The "Modern" police state was invented, needless to say, by a christian theocrat, Jean Calvin. Consider this quote: In Geneva, however, in accordance with Calvin’s religious philosophy, every human being was primarily and perpetually inclined to evil rather than to good, was a priori suspect as a sinner, so everyone must put up with supervision. After Calvin’s return to Geneva, it was as if the doors of the houses had suddenly been thrown open and as if the walls had been transformed into glass. From moment to moment, by day and by night, there might come a knocking at the entry, and a number of the “spiritual police” announce a “visitation” without the concerned citizen’s being able to offer resistance.

    Describes it perfectly, does it not?

    194:

    Sounds like advertising is working fine for the advertising industry, then.

    What is advertising if not "convinc[ing] several generations of corporate executives that advertising is [...] absolutely essential" ?

    195:

    unlike those trillions of nebbishes embedded in FB, I must be incredibly resistant to advertising. Or maybe that's just what I'm supposed to think . . .

    Speak for yourself; you're participating here, aren't you?

    And as I've said before, this blog is an advert for my writing.

    (Mind you, I should maybe equivocate a little on that point. I tend to be voluble and communicative and need an outlet for pub debate that isn't a pub, less my live explode; knowing that my blog is a legitimate marketing activity allows me to guiltlessly natter away on it during working hours. So who's the mug here ...?)

    196:

    I'd say that this is more of a marketting activity than an actual advert. Compare it with, say, Jasper Fforde's website if you want an example of a site that's primarily an advert IMO.

    197:

    a) Steven Bellovin's link includes a trailing semicolon; remove that and you're sorted. [[ Moderator: link now repaired ]] b) Several nails, head, etc. I've contended elsewhere that we need to start thinking of the second-order effects of what we build - hell, thinking of the non-sought for first order effects would be an improvement. To my interested-amateur eyes there's some interesting work in security economics being done by Ross Anderson and co. in Cambridge, which should be more widely known (also, the Security & Human Behaviour Conference he and Schneier are involved in).

    198:

    Linking to the blog of that research group might have been sensible...

    199:

    "Note that a huge multinational detective and guard company like AB Securitas (which is very present in the UK already, go look a their Web site) is not in the business of wish-fulfillment for right wing politicians.

    They're in this for steady profits."

    Yes, it's not like the military-industrial complex has piles and piles of money :)

    200:

    After all, a serial rapist (not that there are all that many) doesn't need Facebook to find girls. It's not exactly a challenging group to locate.

    Why make the rapist's or the stalker's work easier?

    201:

    Charlie @78: "(I have a gut feeling that "Girls Around Me" might actually be in breach of the Data Protection Act (1990) or at least of the various data protection guidelines issued by the commissioner, and is probably a violation of various EU privacy directives"

    The information the app uses was voluntarily provided by its owners and posted on a public site, specifically for the purpose of making that information available to anyone who wanted to make use of it... and in particular, for the purpose of identifying and locating people based on that information.

    Any privacy regulations that would put a crimp on that might have some unintended consequences for... say, places like this weblog.

    202:
    Any privacy regulations that would put a crimp on that might have some unintended consequences for... say, places like this weblog.

    That depends, of course, on whether said regulations take a simplistic "public/private dichotomy" view of privacy or whether they use something more sophisticated like "integrity of context". Because the app certainly violates the latter even while it strictly obeys the former — while this blog honours both.

    Putting people's public photos in a context where the article quotes a reasonable person asking whether they're prostitutes certainly fails to preserve integrity of the original context.

    203:

    By what definition of "reasonable"? I'm quite certain that people other than ladies of negotiable affections post pictures of themselves in their FriendFace public profiles.

    204:

    Yeah, but it wasn't the FriendFace public profile that elicited the question about prostitutes — it was specifically the app. To quote the article:

    “Wait… what? Are these girls prostitutes?” one of my friends asked, which given the Matrix-like silhouettes posing on the splash screen was a pretty good question.

    The problem lies in the fact that the app takes various pieces of public, not particularly sensitive data, takes them out of context, aggregates them, then places them in an entirely different, almost comically tacky and sleazy context. It frames the people it finds as "girls" (it's right there in the app name) and as sex objects.

    (As for "reasonable person", I believe that's already a term of art in the legal arena, so we don't have to worry about that. Or, at least, not specifically for this.)

    205:

    See, I wouldn't necessarily make the base assumption that "a friend of a journalist who is writing a disapproving piece" qualifies as "a reasonable person", and certainly not if they're making a judgement about the information content of a piece of software from its splash screen.

    I'm not defending the app writers, but I am questioning the piece you're quoting as a source of informed and evenhanded writing.

    206:

    Take a look at what the reasonable person was seeing: image here. Without context, what would your assumption be?

    207:

    But I do have context; I know that my friend is a journalist, and is therefore likely to be trying to provoke a reaction from me.

    208:

    I take it that people here don't actually have or use Foursquare, which is the source of the location data.

    With a series of taps, I was able to locate a bar 2 miles from my house, where one Kristen has checked in on Foursquare. Without leaving the app (or making any unauthorized API calls) I was able to browse her Facebook page, see that her hobbies include drinking, meeting new people, and reading, and then discover that, alas, she doesn't seem to read science fiction. Though she does like Heroes.

    Also, she likes puppies.

    The offending App simply streamlined about four clicks on Foursquare. That's hardly a gross infringement on privacy.

    Two questions: Why did Kristen make all this information available? And why did all the women folk at the reporter's party -- but none of his male friends -- recoil strongly?

    I suspect that the answer lies in Kristen's desire to meet people, or -- and here I'm admittedly guessing -- in specific, men. I do suspect that the potential serial killers out there aren't waiting for a woman who likes Charles Stross and Keynesian economics to pop up on their phone before striking. Those of us who are looking for a relationship of some sort may be more picky, and in advertising her availability, along with some of her interests, Kristen is increasing her pool of potential suitors. I certainly never planned to go to the bar -- which I didn't even know existed -- to pursue hookups. But if Foursquare told me that someone who fits my eccentricities was out there drinking, I might consider it.

    If it benefits Kristen to advertise her availability to a pool larger than strangers in a bar, it equally threatens the reporters girlfriend, and all the other women at the party. They have exited the dating pool, and they do not want their significant others reentering it.

    209:

    On the other hand, Facebook deliberately cripples its APIs to avoid creeping out its users/customers/products.

    I can manually click on all of my friends, then click on all of their friends, and see which of my friends-of-friends like Charles Stross. I can even do that to the third level -- in most cases, friendship relationships are public.

    What I cannot do (at least as of two years ago, when I looked into this last) is run the equivalent of SELECT FRIENDS OF FRIENDS WHERE LIKES INCLUDE "CHARLES STROSS" AND SEX="FEMALE" AND "STATUS != MARRIED".

    I have, though, toyed with writing a spider to do the work for me, though the risk of violating the TOS gives me pause. Also, CPAN is no longer the source of cutting edge spider tools that it was in years past.

    210:

    Sure, that's a question of fact to be determined in any particular case (ultimately, by a jury). It doesn't change the principle of integrity of context.

    211:

    Further on #205, 206, 207 and 210 - I'm using Occam's razor and saying that it's more likely that someone has developed an app that shows a "sechsy" splash screen and, say "name and thumbnail of all women who are on FriendFace, carrying GPS enabled mobiles with numbers also on FriendFace, and are presently within $distance of me" than that someone would actually produce an app specifically to enable me to locate "working girls".

    212:

    "Facebook ... assumes that human beings possess but a single identity (which can be harvested by Facebook, needless to say). Ask any teacher whether they want to share their private life and relations with their students!"

    It assumes this if you assume that a single Facebook login corresponds exactly to a single human being. I don't know if that's in their TOS, but every semi- or fully-public figure I know has at least 2 different Facebook identities.

    "G+ at least comes with the concept of circles, which is an improvement;"

    That sounds much worse, to me: it suggests that you're supposed to have one account (no pseudonyms!) and trust Google to keep them mostly separate, and trust yourself to keep things in the right "circle".

    213:

    Add onto Facebook information the availability of Ancestry.com and you have Hitler's dream. I was just glad to read that somebody else might be thinking about the harm that can come from this... it makes me feel paranoid that nobody else seems to comprehend the dangers.

    214:

    Every time we invent something these days especially in IT the risk profile to civilization rises

    The issue in play is not so much one ap or another or one bad guy or another but synergy and teamwork

    Sure some thug may be too busy keeping well thuggish to be good with technology but nothing stops him from having friends who are and can covertly maximize his their mutual benefit from them .

    When I think of some of the cruder things that could be done I am reminded of the Slamhound from Gibson's Count Zero

    "They set a slamhound on Turner's trail in New Delhi, slotted it to his pheromones and the color of his hair."

    In this case with apologies to the original author

    They set a dropable microdrone on Turner's trail in New York City configured with facial recognition and social media data from a lightly modded ap It launched as he passed down 7th street and came scrambling for his rented BMW overhead . Its core was a kilogram of binary explosives and ball bearings ...

    This kind of tech is possible for a decently smart person or small group or at least will be quite soon.

    Something I wrote on Global Guerillas

    its entirely possible that these technologies will be used for systemic genocide either in far off locals or right at home.

    Technological convergence makes oppression simpler.

    As an example some one acts out in a society (say an illegal protest, having the wrong opinion, rioting, crime, drug use) and the system automatically locks them and their family out of commerce and controlled areas. Instant Starvation Orders

    and yes we do things like that (no food aid for drug convictions in the US)

    With violence enforced by killing machines instead of fallible troops who might not obey the powerful can sit back and enjoy the suffering.

    If anyone thinks the elite aren't capable of this, they need to think again. I think they dream about it frankly and as things get worse they'll work harder to that end.

    These technologies offer a staggering danger especially to socially unstable heterogeneous societies like the US.

    Really I don't want a technology that's meant to catapult communications to end up forcing everyone in to resilient communities. neo-tribalism and a new Dark age backed with Stealth Nukes or something -- its not pleasant

    215:

    I smell opportunity!!

    Specials

    Merchandise

    About this Entry

    This page contains a single entry by Charlie Stross published on March 31, 2012 12:48 PM.

    Buy the tee shirt! was the previous entry in this blog.

    The inadmissible assumptions is the next entry in this blog.

    Find recent content on the main index or look in the archives to find all content.

    Search this blog

    Propaganda