Data Privacy: the creepy vs. the terrifying

At the e-G8 summit yesterday, I got into a little spat over privacy. My point, in a panel discussion, was that there are two different classes of privacy concerns: those that make people feel creepy, and those that terrify them. As technologists and policymakers grapple with the issues, they should focus on the terrifying, I said. We'll get used to the creepy.

This brought a vigorous rebuttal from Mitchell Baker, chairperson of the Mozilla Foundation. She was upset that I appeared resigned to world full of "creepy" privacy invasions, and said that Mozilla, among others, was determined to take measures to help people manage and protect their data. Shouldn't that be the goal?

My point is that our data is already everywhere, much of it beyond our control. Many people find this creepy, but that's the modern life. We are increasingly surrounded by surveillance cameras, which will soon be supplemented by more sophisticated facial recognition software. Our credit cards spill the beans on our purchases. Our telephones describe our movements and social networks, not to mention the words we text and the pictures we send. Our cars are bristling with sensors and computers, and will be reporting on us in ever richer detail. Machinery at the airport sends images of our naked bodies through networks. I could go on and on--and in fact I did in The Numerati. So while it might be a good idea to add controls on Internet browsers or establish tighter norms for advertisers, this doesn't rescue our privacy.

I'll admit: most of the surveillance I describe above doesn't bother me much. Some, however, find it creepy. And this is where I'm likely to get into another argument. I would argue that certain privacy advocates raise these issues of advertiser and cell-phone tracking as fundamental threats to privacy. In doing this, they elevate the creepy to the terrifying. (Now it's true that the advertisers and media companies facilitate this by hiding their practices in unreadable privacy disclaimers.) And this risks distracting people from the most serious risks.

What are those? For me, the terrifying is related more to issues of life and freedom. That's where governments must defend us. Here are three scenarios:

1) The police, after going through your behavioral data, determine that you fit the profile of a terrorist. Your life becomes hell.

2) You're a teacher, and investigators analyze loads of your behavioral data and calculate that there's a 46% chance that you're a pedophile. Do they have a responsibility to share that conclusion with your boss? What then?

3) Insurers mine your data, determine that you have a high risk for a dreaded disease, and cut off your coverage.