Slashdot Mirror
How to Convince Non-IT Friends that Privacy Matters?
mmtux writes:
"As technology becomes more advanced, I am increasingly worried about privacy in all aspects of my life. Unfortunately, whenever I attempt to discuss the matter with my friends, they show little understanding and write me off as a hyper-neurotic IT student. They say they simply don't care that the data they share on social networks may be accessible by others, that some laws passed by governments today might be privacy-infringing and dangerous, or that they shouldn't use on-line banking without a virus scanner and a firewall. Have you ever attempted to discuss data security and privacy concerns with a friend who isn't tech-savvy? How do you convince the average modern user that they should think about their privacy and the privacy of others when turning on their computer?"
Delete his/her desktop shortcuts, so they will think a virus ate them.
Showing him his bank balance might work...
rj
You may be conflating too many issues. There's a huge difference between warning people about info-stealing malware and saying "zomg ur real name is online!" Remember that most people still have the attitude that they have nothing to hide and so nothing to fear.
I say focus on the most critical issues, like not clicking stupid links, using IE, or falling prey to phishers. Nobody wants his bank account emptied.
Btw, don't forget to post the links to us.
You are not entitled to your opinion. You are entitled to your informed opinion. -- Harlan Ellison
Seriously... Google them. Or somebody else at random. Show them how much information about them is already out there, and how easy it is to find. That'll convince them pretty quickly that they need to safeguard their information.
If you believe everything you read, you'd better not read. - Japanese proverb
A lot of people are pretty self-righteous and tend to remark snidely "Why do you need privacy if you've got nothing to hide?" What are you supposed to say to someone that seems pretty opposed to privacy... they don't even care about your privacy much less their own. Now that 'terrorism' is a buzzword, people are even demonizing those who even bring up privacy as a concern.
Twinstiq, game news
for most people all you will do is alienate them from you if you lecture them.
it's like warning a girl that her new boyfriend is an @sshole.
tell her once, but after that she just has to learn on her own.
most people just don't care until it bites them.
i find that after a person is a victim of identity theft, they are far more likely to take privacy seriously.
As a true friend, the best thing you can do to encourage friends to take privacy seriously is steal their credit card info, buy yourself lots of nice things, steal some deeds and sell their house and cars. Sell their personal info to advertising companies, and send any material that documents your friends doing some suspicious or potentially illegal activity to the local authorities.
a few years later when they get out of jail and get their financial life back together, they won't take privacy for granted ever again.
Of course, there is no reason to let your friends know that it was you, who so lovingly taught them this valuable life lesson.
-I only code in BASIC.-
Email. Everyone uses it. Or some variation of it, such as SMS for the younger crowd.
Point out to your non-IT friends that sending an "email" is NOT like sending a "letter". It is like sending a "postcard". Any number of people you might not know can see the entire contents of your message along the way -- plus they can keep a copy of each and every one of those messages forever.
To take the analogy further, if they really want their "email" to be in an "envelope", use encryption!
@HbFyo0$k8 tH!$
I try to convince them that they should be pushing to have this data made open to everyone rather than allowing the data to be kept as a private resource for the use of a few. And I try to make them understand that the Trusted Computing threat, which is all about remote censorship, is a real danger to them that can't really be effectively fought while the illusion of privacy maintained by obscurity is allowed to continue to exist.
And to Captain Splendid and his friends, who will surely once more come along asking why I don't publish my home address and phone number here so he can come stare at me, it's because in the presence of rampant hypocracy that thrives untroubled by the transparency I hope to see one day, singling myself out makes me vulnerable in a way that systematic transparency would not. There is a difference between negotiating a unilateral disarming, which is how I view this effort, and throwing down your guns first and getting shot in the head, which is what you're suggesting I should do.
-1 Uncomfortable Truth
Don't be helpful, be available.
If your friends want your expertise they will come to you and ask. If you offer it unasked-for, they will probably never ask and will go to someone else.
Probably better to talk to them about your other mutual interests. That way you get to keep your friends...
I generally remind them that privacy is not just from the government, but is a matter of having some control over who knows what about your life. You may not be ashamed about your partying, for example, but that doesn't mean that you want employers or parents to know too much about it -- definitely not to find out about it without you having the excuse to explain that you're careful and responsible. Political beliefs are also important, whether to avoid arguments with family members who disagree, or to avoid reprisals from a boss whose political persuasions are opposite yours ("If he has enough money to donate to that campaign, clearly he doesn't need a raise!"), or even from a government whose views you oppose.
And there are lots of personal details we're not ashamed of that we nevertheless would like to not be public. Vacation plans ought to be private from stalkers, ex-girlfriends, that really annoying friend from college who lives one town over from the hotel, etc. My sex life is nothing to be ashamed of, but nobody but my partner has any right to know about it.
Ultimately, privacy is not about secrecy, it's about personal sovereignty: who gets to say what people have what information about my life?
You ask a good question...
No one really wants to be 'that guy' in the circle of friends. You know, the one that's always soapboxing about some sort of social injustice, evil corporations, or whatever. However, that's more or less what you need to do, because people MUST understand what is at stake when our rights to privacy are taken away.
Now, you can help your friends understand how their privacy is seriously at risk without being an asshole. It just takes time, and perseverance. I have alot of friends who have very uninformed political opinions. It's rude to just lecture them every time the subject comes up, but there's nothing wrong with speaking the truth to your friends in a palatable, positive way.
The more you mention issues of privacy, and the more well-informed YOU are about the issue, the more it will create top of mind awareness for them. In time, they will see your point. They will encounter a loss of privacy in their own lives, and because you were such a well informed friend, they will have the ability to make the mental connection. You really are doing them a favor.
Thank you Dave Raggett
You're a complete asshole who is missing the point, yet some idiot mod will see your low userID number and automatically mod you up.
We'd have that real anonynimity still, if people gave a damn about it and valued it instead of pissing it away for the sake of convenience. And no, this is not how humans have always lived. For most of human history, it used to be that knowing very much about somebody was a difficult and expensive undertaking, as you would have had to actually physically observe them and follow them around and investigate them. It was something you did not do without a reason. Electronic transactions plus modern databases mean that this has become far easier and therefore more widespread. A few companies have more market control and a few governments have more power, but the average individual has nothing good to show for this. That is the problem, and you are in denial.
No, because in the case of privacy, people are constantly trying to pry into each other's business. Speaking personally, I have had it confirmed at least once that an email sent to me had been maliciously faked in order to manipulate me, and I have had some circumstantial evidence that someone was reading email conversations I had with someone else. I've been approached by people who know that I am a programmer, and want to know if I could "hack into" someone else' email account so that they could read through it. This stuff isn't about the boogeyman government, it is about ordinary people who actually do have no respect for the privacy of others.
Here's another angle to consider: sometimes, a message is easily misinterpreted when read by an uninformed party. When I was in Junior High School, I was once accused of plotting to blow up the school because of a note I had written to a friend, which had been misread by a teacher who found it after class. It isn't so uncommon. There are a dozen different situations like this, where some message is ambiguous and should only be read by someone who is fully informed on the context.
Palm trees and 8
In this case we are talking about 2-3 different things:
First, the problem of formerly private information that your friends have willingly made public, either because of convienience (information given to a website that they use for shopping) or on a social networking website.
Second, the private information that they are unwittingly making public, or leaving themselves at risk of making it public.
Third, that governments may be helping themselves to information thought to be private.
The first is a cultural difference, the third is out of your control, and the second is the really important one. You aren't going to win the debate on the first one. We've seen this debate before, on anonymity for BBS users, later on the rise of cookies. On one side were the forces of good, arguing that these changes were very real invasions of privacy and made your computer do things you didn't know it was doing and wouldn't want it to do if you did know. On the other side was convenience. It sucks to have to log in to slashdot every time I open a new browser window. It's kind of nice that Amazon can make recommendations to me. Cookies let that happen and the public debate, for what it was worth was won pretty handily. Now, that doesn't mean that companies started using cookies as an outgrowth of the democratic will of internet users. It just means that the level of outrage was muted over cookies enough for image conscious companies to get by with using them.
the same thing is going on w/ facebook/myspace/etc. The tables may turn on them (and will probably turn on facebook soonish), but for now we like the fact that others can see our name/face/job/school more than we dislike that these things are no longer private. Part of that outlook comes from the fact that we are limited in imagination. We see facebook one screen at a time. We can't look at people who aren't in our group (I think, haven't used it in a while). It takes a non-trivial amount of time to look through information. Consequently, we see that as the ONLY way to grab data from facebook. We don't connect (or at least the non-IT ppl) the fact that someone broke down anon/aggregate survey data from aol and netflix to get private information automatically. We don't think about scraping programs that read sites like myspace/facebook and correlate names and zipcodes with other sources of inoformation on the web.
The last part of this failure of imagination is that there is a cost to privacy. If I want my personal information to be private wholly from facebook, I can't be on facebook. Relatively speaking, that is a large cost. There is no 'maximum privacy' level for facebook where you can post pics of you and your friends and make comments and it won't be recorded somewhere. That product doesn't exist.
Ok. I won't touch on the third point because that is a flame war waiting to happen. Needless to say, it is out of your direct control.
The second point. My advice is be direct when the situation calls for it, but don't bother when it doesn't. If you are out at a baseball game, don't strike up a conversation like "Gee bob, I noticed that your password for your computer is 1 2 3 4 5 and that you sure do have an awful lot of sensitive info on there. Don't you think that you ought to change that?".
And then just tell them to get a mac. If they aren't security conscious enough to get a virus scanner while running windows then they really should be using an OS that does everything for them.
Attacking your friend's accounts is a good way to lose your friends. Most people don't take very kindly to that sort of practical demonstration without first giving their permission.
Palm trees and 8
Perhaps you should reserve this opening statement for something less preposterously moronic than "For most of human history, it used to be that knowing very much about somebody was a difficult and expensive undertaking, as you would have had to actually physically observe them and follow them around and investigate them."
Before the rise of large cities and mass transportation, it was an expensive luxury to live in a way where you *didn't* know the intimate details of your neighbors' lives. You didn't have to follow them around -- there was no place for them to go!
What I'm listening to now on Pandora...
Start by explaining a real-world current personal problem. (I do not crack so showing his bank balance is not possible.)
A friend loves his wireless laptop. We encrypted router communication at both homes. Explaining why encryption is needed led to an explanation of the dangers of handling financial transactions while wandering NYC -- that any open router could record everything including passwords and perform man-in-the-middle attacks to bypass SSL. Anybody willing to capture his information could; expecting those people not to use the information maliciously seems silly.
Once those dangers were understood, my friend was eager to hear about more insidious problems such as government policies (telecommunication recording), other insecure devices (iPhone), and deliberately open websites (Facebook).
I spend my life entertaining my brain.
Talk to a dentist. You'll hear a whole lot about how important it is to floss your teeth for 15 minutes a day. A fitness nut will tell you how you need to exercise an hour and a half a day. The house painter told me I should wash the house once every 3 months to preserve the paint. A mechanic friend told me to check my car's oil every week. etc etc.
Most people just don't have the time/energy to do everything they're told so they ignore most advise.
Engineering is the art of compromise.
Sometimes it's not even "for the sake of convenience" - many of us, especially prolific bloggers, enjoy sharing our ideas, identity, and intimate details of our lives as a form of self-expression. Not only are we not trying to obscure information, we're broadcasting things to the world that would cause previous generations to blush, and are eager to continue to push those boundaries. The type of strong privacy some people advocate is an alien concept to us.
Knowing where I am, who I'm with, what I'm doing, what I think about that, etc. is something that I don't mind the general public knowing most of the time. Being contactable for all that time via IM/phone/whatever is generally kosher too (although of course I'd rather not be contacted by marketers for any of this - would like advertisements and marketing banned).
I realise that not everyone is part of this new "open subculture", and that the deep privacy advocates certainly exist in fair numbers, but I'm not alone.
For every problem, there is at least one solution that is simple, neat, and wrong.
~~~
There was a brief window of history between urbanization and computerization when real anonymity existed; that's closed and we're returning to the way humans have always lived.
Not to quibble, but before censuses and technology humans were generally anonymous up until the 1870s (varying country by country). Sure you knew your neighbors, but it wasn't quite hard to move to another town and change your name or publish works anonymously without a good way to track you. Many great works were actually published anonymously over the centuries that were often critiques of the powers that be or society in times when their life or limb was threatened.
The internet has provided some persons a way to speak out since anonymity has been repressed by the powers that being during the 20th century in many totalitarian governments.
Secondly, it isn't far fetched that someone given what you buy at a grocery store could target you in someway or another. They wouldn't do it on an individual basis but imagine if a "pro-dolphin" group saw that you were buying tuna from a questionable company and then targeted you by exposing you name on a list on their website.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
Your comment conjured up a little mind movie: 2 techie guys driving around the neighborhood on a Sunday afternoon, wearing their dark slacks, white shirts and ties. They ring the doorbell. "Hi - would you happen to have a few minutes to talk about the importance of information security and privacy?"
Dark Reflection
I'm often floored at how much information people post on Facebook, Myspace, etc. I'm one of those weirdos that uses a screen name for everything and only a few people in the world know who I really am from my screen name.
I use decent passwords, and keep info that could be used to harm me to a minimum. I don't put a message up on Facebook saying how excited I am to have just bought a $750,000 new house and $37,500 new car or and here is my address and the key is under the doormat.
This was my boss's and her children's attitude prior to my employment. I'm the IT guy so of course I ended up fixing their PC when it got riddled with spyware/virii/worms/etc. When they asked me what those programs did I put the fear of God into them. I had them so scared they were on the phone changing bank passwords, switching from using "1132" as a password to something 16 digits long, deleting more private info off of places like Facebook etc.
Yes I stretched the truth about the dangers of the apps they had managed to be infected with but they are a hell of a lot better now. They shred mail and those fracking "you've been pre-approved!" credit offers.
They didn't get burned but I made them think like they narrowly dodged a bullet and they are better for it.
I assume you also get an hour of exercise per day, eat no more than X grams of saturated fats every day, don't eat any trans fat or HFCS, eat a good 25g of fiber every day, floss your teeth twice a day and go to the dentist every few months, rotate your mattress on time, etc etc etc? If not, maybe you should stop to admire how pretty your glass house is before you pick up that rock...
Warning: Apple/Nintendo fangirl. Likes her electronics cute & cuddly. May be rabid.
Google around for the Slashdot story on the FBI using the purchase of falafel as an indicator of terrorist intent. There was a serious proposal put forth by law enforcement to datamine for people who bought falafel (and presumably no pork and no alcohol :) at the Wrong Sorts Of Grocery Stores, and to feed that list into some other datamining operation, presumably because people with those dietary choices are more likely to be terrorists than us beer-and-bratwurst types.
Ask the descendants of Japanese WW2 internees. Both Japanese immigrants and American citizens, whose only crime was being "of Japanese descent" were rounded up, sent to camps in the middle of nowhere, and their homes and fishing boats were sold at sub-foreclosure prices. The data used to figure out whom to round up came from the Census.
The only thing that separates those two programmes is the whim of a Congressman and the stroke of a pen.
Those who do not remember the past are condemned to repeat it.
Speaking of which, there are still a few old fogies from Europe who never had trouble remembering the past, because they had funny numeric tattoos that remind them of it. Most of them lived like you did -- freely practising their religion (and buying wine, but not pork), proudly sleeping around with whoever they liked, being active in some of the new political movements of their day, and it's not Godwinning the thread when you're pointing out that the "open culture" of which you speak made it a lot easier, once the Weimar Republic fell, for its replacement government to figure out who should get a yellow star, a pink triangle, or a red triangle to wear.
Does privacy matter? The poster presumes it does, but somehow is unable to think of any reasons. If privacy REALLY mattered to him, he could think of reasons why it mattered and then tell them.
What I think is that the poster is one of those people who latch onto an idea without ever fully realising why. Instead of just flapping out that privacy is important and then wondering why nobody seems to "get it" is useless. First ask yourselve why YOUR privacy is so damned important, then you will have the answer you can tell to others.
But don't just take a position and then look for arguments to convince others. That works for a debating club where you are given a topic, not for persuading people to do something you care about.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
I would interpret that to mean that you need to choose your advice carefully. The best thing my dental hygienist ever said to me was, 'Floss while you're watching TV.' It was a perfectly simple and eminently practical piece of advice, and made me a flosser for the first time in my life.
<obShamelessSelfPromotion>I've been writing a series of columns about the issue of online privacy in a local weekly newspaper. Living as I do in a developing nation, I need to put things as simply as possible. Here are the last three:
Crumb's Corollary: Never bring a knife to a bun fight.
Oh, btw I've also been using the same passwords for 16 years.
Engineering is the art of compromise.
While I agree in general, there's more to be considered than just "we're IT, so we care more." Privacy doesn't exist solely in the IT world; for most people, the majority of the privacy that they get isn't from their IT policies, it's from their home's walls, the blinds on their windows and the door on the bathroom. Likewise, most identity theft comes from dumpster diving and other traditional means, with online identity theft actually going down. If you use that as a metric of privacy (the important data not getting into the wrong hands), then that would indicate that IT privacy is actually getting better than other areas.
What this actually means is that people are more used to dealing with privacy than other areas. Everyone in the world cares about privacy to one extent or another, and it's practically (if not literally) an instinct since we're taught it from birth, which puts advocates of online privacy in a better position than a fitness nut or a dentist. We can draw real, direct analogies between facebook's policies and brick and mortar company's policies. If my credit card offers me double rewards at a coffee house, should that coffee house get my address, full name, mother's maiden name and social security number just for having that relationship with my card company? Should the guy who sets up a chess game in a cafe get all the personal information of the people they play against?
Privacy isn't new, and it's problems aren't unique to IT. All we need to do is put the issues in plain terms and let people make their own decisions.
Daniel Solove, an associate professor of law at George Washington University Law School, has a good paper on this subject titled, "I've Got Nothing To Hide" and other Misunderstandings of Privacy (http://www.scribd.com/doc/187371/-Ive-Got-Nothing-To-Hide-and-other-Misunderstandings-of-Privacy).
Thing is though that they are paranoid for all the wrong reasons. Mostly fearmongering out of various news outlets about THE DANGERS!!! OF THE INTARWEB!!! (okay okay... exaggerated but hey).
Fact remains that they might be paranoid about privacy on facebook and so on, but due to their misdirected paranoia, they're also the sheep that will gladly vote for a bill to just monitor everyone and make sure that their precious offspring won't lose their privacy, conveniently forgetting that big brother watching you equates to the same thing.
But at least seemingly Big Brother has a nice hat, so that makes it okay...
There is no sig...