Privacy concerns in the age of utility computing

In the second part of his book, Carr identifies several potential negative effects that may arise from wider acceptance of utility computing. One of his concern is the loss of privacy. Although other posters mentioned privacy implications involving the internet being directly connected to our brain, I believe that even if such technology does not get developed in the future, utility computing has the potential for significantly eroding our privacy in the future. 

Acceleration of loss of privacy. I agree with Carr that utility computing will probably greatly accelerate the loss of our privacy. Even now, a substantial amount of our personal and behavioral information is already being stored and analyzed by businesses and governments. For example, analyzing clickstream information has become a common business practice for websites.  Online retailers use our purchasing history to recommend new products.  Information about our physical movement is being recorded by governmental agencies as we fly on an airplane or go through a toll booth. Rapidly and constantly decreasing storage and computing costs has made it easier for organizations to store vast amount of information and use it for various purposes. Furthermore, it has becoming more easier to aggregate information from different sources and store them in a centralized database. 

The research and development trend suggests that there will be even greater erosion of our privacy in the future.  For example, the consumer electronics industry has been putting substantial amount of effort in commercializing sophisticated home networking solutions. Although some number of homes already have a primitive form of home networking by sharing internet connection amongst multiple computers through routers and hubs, the next generation of home networking will include more sophisticated features such as monitoring the contents in your refrigerator and generating your grocery list based on your cooking habits or even automatically ordering items through an online grocery, to monitoring individual preferences for temperature and humidity and adjusting according. Most of these function will require some sort of a system that will record and analyze our behaviors.  However, very little thought has been put into where this information will be stored and who will have access to this information.   

One of the emerging field in computer science has been the field of sensor networks.  The goal of this research is to create an autonomous and robust network of thousands and thousands of sensors communicating with each other in order to monitor and collect vast amount of information.  Although a sensor network has been typically used in military and industrial settings, such as for battlefield surveillance and inventory management, it could used to monitor and control individuals. For example, a company could track the physical location of its employees through the employee’s identification card for security purposes (e.g., prevent unauthorized access of sensitive locations). Furthermore, there has been a significant amount of development in biometric sensors.  In addition to fingerprint and retina sensors which have been around for some time, there are also sensors to monitor your blood pressure, body temperature and stress level through a hidden sensor in a cell phone or a keyboard.  Again, there has been little discussion as to who will have access to such information. 

Societal acceptance of loss of privacy. In addition to acceleration of loss of privacy through utility computing, this problem is exacerbated by public’s acceptance of erosion of our privacy, independent of technological advances. For example, we subject ourselves to increasingly intrusive search when we board on an airplane without consideration of effectiveness of the search.  A police officer may search your car without reasonable suspicion as long as it is incident to an arrest.  Although there might be reasonable public policy behind those intrusions, I do not believe there has been sufficient public discussion on whether the cost of these intrusions outweigh the benefits. It appears that the public is rather indifferent as to the loss of the privacy. Instead, the public appears to enjoy disclosing their private information to the public. People freely post their information about their private lives on website such as facebook and myspace. Some people feel that a relationship isn’t real unless the relationship is posted and announced on such websites.  Again, very few people seem to care about the implications of disclosing private information to a wide audience or as to who owns and accesses such information.   

Differences in nature of loss of privacy. The effect of utility computing on our privacy is even more alarming because of the differences in the nature of the loss. Until recently, companies collected information mainly for marketing purposes. It did not matter for the companies to actually know who you are but rather needed know in the aggregate what public wanted and behaved.  However, with increased storage and computational power, it is now possible to market directly to you as an individual.  Furthermore, we ourselves are providing identifiable information to companies. The loss of privacy that will arise out of utility computing is not merely loss of something that is of trivial value to us, such as our address, but our actual identity, something that has tremendous subjective value to us. 

Where to go from here. So what should we do about the loss of privacy?  Should we try to restrict the development of utility computing? I don’t think we have to go to that extreme. There are significant benefits that we will enjoy from greater adoption of utility computing. However, I feel there is a need for additional public discussion on privacy. I also feel that we would need some sort of additional regulation along the lines of HIPAA to restrict companies and governmental agencies from disclosing private information without our consent.  Furthermore, similar to moral rights for artists, I feel that we need recognize moral right to our identity.  People should not be able to aggregate information without our explicit consent.  It should not be enough that we clicked on some EULA.  It should not be sufficient that we posted some information on a website.  I believe that absent showing of some greater public need (e.g., public’s right to know for significant events), people should be prevented from utilizing any of my private information.