Computers, Privacy & the Constitution

View   r7  >  r6  ...
AndreiVoinigescuSecondPaper 7 - 25 Jun 2009 - Main.EbenMoglen
Line: 1 to 1
Changed:
<
<
META TOPICPARENT name="WebNotify"
>
>
META TOPICPARENT name="SecondPaper"
 

Search Engines and Technological Privacy Solutions

Changed:
<
<
Few of us share all of our intimate thoughts, anxieties and desires with even the closest of friends. Yet we have no similar qualms about dutifully recording each of our fleeting thoughts in the query field of a search engine. The AOL search data fiasco amply demonstrates just how much information can be gleamed about a person even from 'anonymous' search logs. True, the New York Times did most of its sleuthing the old fashioned way, with reporters pouring over the logs—but there's no reason to think the same degree of profiling can't be achieved in automated fashion—and applied to all search engine users—as data mining techniques matures. Nor are government agencies ignorant of what can be learned from search logs.
>
>
Few of us share all of our intimate thoughts, anxieties and desires with even the closest of friends. Yet we have no similar qualms about dutifully recording each of our fleeting thoughts in the query field of a search engine. The AOL search data fiasco amply demonstrates just how much information can be gleaned about a person even from 'anonymous' search logs. True, the New York Times did most of its sleuthing the old fashioned way, with reporters pouring over the logs—but there's no reason to think the same degree of profiling can't be achieved in automated fashion—and applied to all search engine users—as data mining techniques matures. Nor are government agencies ignorant of what can be learned from search logs.
 But even the privacy-conscious tend to balk at the thought of search-engine abstinence. There have been calls for search engines to limit what data they retain and how long they store it for. Such proposals go hand in hand with calls for new legislation and government oversight. As Eben has suggested, however, many privacy concerns can be alleviated by general adoption of freedom-enabling software. Can we rely on hacks to blunt search engine profiling?
Line: 58 to 58
 Like any patronage system though, this setup gives the patron considerable influence in the strategy of the project. Google's donations, for instance, are probably among the reasons why AdBlock? is not bundled in Firefox. Perhaps some sort of government fund to support FOSS projects (especially infrastructure ones like operating systems and browsers) would help.

-- AndreiVoinigescu - 24 May 2009

Added:
>
>
  • In my view, the wall-wart was a distraction for you. You want to call upon a simple proposition from Philippe Aigrain's proposed taxonomy of services: there are those that can be forced to the edge through decomposition and those that cannot be downscaled, like search. Once you've done that, the server side is no longer of interest: you are talking about a question which is actually a species in the genus, "How can client software, by spoofing or otherwise, inhibit or devalue the surveillance conducted by servers?"

  • I agree with Dana that the wall-wart personal server you aren't really writing about won't take hold if its form factor is also its name. I think you made a mistake there. This is a personal server appliance that you buy and bring home, which hooks itself up automatically and smartly, lets you configure it through a wireless web interface that just appears in your apartment or house when you plug it in, allows you to import your existing social network profiles, email, etc., learns and protects your passwords, recognizes your personal authentication tokens etc., and then goes live. It becomes the safely stored system that feeds the world your information: tells your status, sends out feeds of your activities, manages your web presences including photos and video, gets your email, and so on. It arranges for safe, encrypted backup to the network, either destroys the logs of your conduct and your friends' activities there or puts them somewhere safe, and can move with you no more complexly than you would move your stereo to another apartment. If it breaks, you just plug in another one and do basic configuration, and it downloads the rest and becomes your identity manager again. It's your face to the network. Why not call it, for example, your Facebox?

  • Your suggestion that people proxy their interactions with search engines looks eminently feasible to me, but I probably am satisfied with a more rudimentary spoofing client. Even if the search engine is trying to normalize my stream, and I doubt they will bother unless events force them to pay far more computational attention to my stream than it can possibly be worth, their incentives remain all on the side of counting all my searches as valid, because they must perform the searches submitted and can only benefit by also serving the related advertisements. Analytically they are better off letting me masquerade as whatever my spoofer tries to make me than spending money to distinguish the actual me who consumes many fewer ads.

  • That argument implies that we may be able to satisfy ourselves with a slightly more comprehensive but essentially simple spoofing platform resembling TMN. You might want to give a little more analytical, game-theoretic attention to the relationship between a search engine selling advertising and a user spoofing a large number of excess searches to hide her own.

  • Jonathan's question should not have been answered by talking about how free software solutions become popular. He was really asking a question that applies also to Chrome and Opera: how can anyone achieve privacy in the use of the Web while operating an unfree browser, or at any rate a browser you as its operator can't absolutely trust? The answer is that the user is at the mercy of the untrusted browser, and that no browser can be trusted whose source code can't be read. People have begun to understand this about voting machines, but other technology that controls their lives is still given a pass.
 
 
<--/commentPlugin-->
\ No newline at end of file

Revision 7r7 - 25 Jun 2009 - 23:24:06 - EbenMoglen
Revision 6r6 - 24 May 2009 - 15:07:57 - AndreiVoinigescu
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM