The Electronic Freedom Foundation has released its 2013 “Who Has Your Back?” report. They evaluate tech companies on “which companies help protect your data from the government” – whether the company fights for users’ privacy rights in legislation and in court, whether users are told about government data requests, whether they require a warrant for content, etc etc. Not surprisingly, AT&T and Verizon do horribly (one star between them out of a possible 6 each) while Dropbox and Google pull five each and Twitter gets all six. Nicely done…
…but it kind of misses the point.
There is a sort of neo-libertarian ethos in Silicon Valley that says that the government is ultimately your enemy, that only private innovation can save us all. You need to be safe from the prying eyes of Uncle Sam. As for the prying eyes of Mark Zuckerberg, or Scott McNealy (who famously said “you have no privacy. Get over it”) or the Beast of Mountain View…well, that’s something else entirely, isn’t it?
Not really. As a test, I’ve been using the new Google Now function for iOS with my dummy Google account. It doesn’t have any calendar data, I don’t get email there, and I rarely if ever log in for search (anywhere), but it does have location data turned on. So far, all I get is an occasional weather update (of varying accuracy), location-specific transit timetables (which are actually right handy at a glance) and a constant slew of Zagat cards for local dining establishments – which would probably be more useful if I was anywhere but work and home this week. Maybe this weekend I can see how it looks.
But that’s the thing: the new Silicon Valley Web 3.0 lifestyle requires that you entrust private companies with your data. None more than Google and Facebook, whose entire current business models fall apart without your constant contribution of personalized information. I don’t know offhand of any EFF report on which companies protect your data from the depredations of the private sector, but right now, I suspect a lot of companies would have a lot of explaining to do. For instance, after their latest bout of WTFery, I dumped Path. Not because they did something awful – it seems like this latest stink about spamming was a result of poorly-chosen defaults, user cluelessness, slow networks and the oddity of texting landlines in the UK. But coupled with their automatic harvesting of the address book last year or so, it suggests a company that is at best careless about their use of your data.
This valley needs a good solid industry-wide policy about what companies can do with your data. Whether they can share it internally between products (is it OK for Google to go through your email and find flight data to remind you about?) or sell it along to other companies (looking at you, Facebook) or keep it seemingly in perpetuity (back at you, Google). Look at that EFF list again: Amazon got two stars and Apple only one, but they’re also the only companies on the list whose business is based primarily on selling you actual things. The others are either selling you an OS (Microsoft), selling you access to the network (AT&T, Verizon, Sonic.net), or – this is the important bit – providing you with some sort of service that’s free at the point of use. If they’re not making money by selling something to you, they need to sell something to somebody to make their money.
This is another place where William Gibson had it right: in the long run, corporate dystopia is far more likely than government dystopia. Right now, the feds have a lot more limits on what they can do with your data than Google does. Uncle Sam needs a warrant; Google can just point to your login and say “you consent to a worldwide irrevocable license to harvest your organs and sell the contents of your brain.” The Bill of Rights lacks ambiguity. The EULA lives by it. It’s past time for a tech sector that scorns lawyerly jargon and obtuse legislation to live by its own ranting.