×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

The Privacy Richter Scale

samzenpus posted more than 2 years ago | from the crossing-the-scales dept.

Privacy 75

Hugh Pickens writes "Jay Cline writes that not all privacy issues are created equal and proposes a privacy Richter scale to rank the bad things that could happen to our privacy. A privacy Richter 1 or 2 event is a temporary bad turn for you or a handful of people, but nothing systemic, posing no lasting harm to individuals or society as a whole. Examples include receiving someone else's mail, having someone expose something embarrassing about you to co-workers or friends, or losing your wallet or purse. Privacy events measuring 4 to 7 on the scale are risks that can cause real and lasting damage to a lot of people and include stolen laptops containing thousands of Social Security numbers and credit-card numbers that would allow identity thieves to make fraudulent transactions that could impact credit scores for years. Finally events topping 8 are points of no return for large numbers of people and society as a whole. DARPA's Total Information Awareness program, proposed in 2002 and defunded by Congress in 2003, would have topped the scale. 'The massive collection of data about U.S. citizens could have created a perpetual bureaucracy that put at risk our right of due process and protection against unlawful search and seizure.' So where does Google's plan to consolidate its 60 privacy policies into a single approach rank? 'The current change ranks at a 3,' writes Cline. 'Larry Page's company will weather this change. I don't see irreparable or lasting harm or loss of liberty. If you don't like Google, use Bing. Don't watch weird things on YouTube. You shouldn't be sending confidential things through Gmail in the first place.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

75 comments

If you like privacy... (0, Funny)

Anonymous Coward | more than 2 years ago | (#39285733)

Don't leave your house
Don't use the internet
Don't make phone calls
Wear a tin foil hat

Re:If you like privacy... (5, Funny)

BurstElement (1332791) | more than 2 years ago | (#39285763)

Don't leave your house

Then they still know where you live... :p

Re:If you like privacy... (0)

Anonymous Coward | more than 2 years ago | (#39287311)

Depends how far out you are. I've seen places where people basically go to disappear. Caught a glimpse of some of their houses but not to people. Not sure I'd want to either; I have a feeling they weren't joking when they put up signs saying "trespassers will be shot." They don't even get mail.

Re:If you like privacy... (4, Insightful)

hcs_$reboot (1536101) | more than 2 years ago | (#39285787)

There is a difference between having a reputation in a town, or even in newspapers, that is heard and repeated, that evolves with time, and having many things about your life written forever that can be search, retrieved, crossed with other data within seconds. Whatever the progress changes you realize throughout your life, this one thing you did 10 years ago you forgot and hope everyone else forgot will remain as the main thing you did in your life.
Knowing everything about everyone is certainly the direction we are taking the medium term ; but the society is not ready to cope with that, yet.

Re:If you like privacy... (3, Insightful)

SuricouRaven (1897204) | more than 2 years ago | (#39285997)

It's also a way political correctness may be enforced in future. Never say anything offensive or contriversial to or about anyone anywhere under your real name or anything that can be linked to your real name... ten years down the line a potential employer might find it while googling you, judge you a potential liability or source of workplace discord and throw your application in the bin.

Re:If you like privacy... (5, Insightful)

mlush (620447) | more than 2 years ago | (#39286133)

It's also a way political correctness may be enforced in future. Never say anything offensive or contriversial to or about anyone anywhere under your real name or anything that can be linked to your real name... ten years down the line a potential employer might find it while googling you, judge you a potential liability or source of workplace discord and throw your application in the bin.

Hmm gets worse than that.... in 10 years time whats "politically correct" may have shifted and all those 'Gingers have no soul' posts may come back to roost.

Re:If you like privacy... (1)

Ihmhi (1206036) | more than 2 years ago | (#39288999)

Hmm gets worse than that.... in 10 years time whats "politically correct" may have shifted and all those 'Gingers have no soul'
posts may come back to roost.

Well, if that ever comes up you can take comfort in the truth being the ultimate defense.

Re:If you like privacy... (1)

Anonymous Coward | more than 2 years ago | (#39286159)

I've always said that it should be a matter of solidarity that everyone should say and do at least one thing outrageous to society, i.e. say something which people consider abhorrent and break some minor law. Then no amount of recording of words or deeds (e.g. criminal records) puts anyone at a disadvantage.

For example - and this one requires coordination - in the UK it's illegal to draw a picture of a minor doing something sexual. In response to this item [slashdot.org] , an appropriate exercise in civil disobedience would be for at least, say, ten thousand people to download one such drawing and report themselves.

Duke LaCrosse players (4, Insightful)

Anonymous Coward | more than 2 years ago | (#39286027)

Remember a few years ago when those Duke LaCrosse players were being prosected for rape?

On 60 Minutes, that Lelie Stahl said something to the effect of , 'why are you parents fighting so hard? Make a deal.'

The parents responded, 'because in this day and age of Google and the internet, their names will be forever tied to this People will dearch their names and this will come up. They will never get a job or they will be tarnished for the rest of their lives - unless we get every single charge dismissed.'

Stahl, 'Oooh, I didn't think of that.'

And as for potetic justice, the prodecutor, Nifong, has been dibarred [cnn.com]

I just wish every prosecutor who tried to "make an example" to boost his political career would be disbarred.

Re:If you like privacy... (0)

Anonymous Coward | more than 2 years ago | (#39286155)

but the society is not ready to cope with that, yet.

And I don't see why it should, just cos some advertisers want to horde our info forever.

Re:If you like privacy... (1)

gl4ss (559668) | more than 2 years ago | (#39286879)

this one thing you did 10 years ago you forgot and hope everyone else forgot will remain as the main thing you did in your life.

that's only if that's the ONLY thing you ever did. the obvious thing is to just do something that pales in comparison. and then something else.

Re:If you like privacy... (2)

outsider007 (115534) | more than 2 years ago | (#39285821)

Actually you need a tin foil hat big enough for your house, otherwise google earth will find you. Oh wait.. too late.

this is what pisses me off (5, Interesting)

Anonymous Coward | more than 2 years ago | (#39285761)

"You shouldn't be sending confidential things through Gmail in the first place.'"

I'm not saying this is bad advice. But the fact that it is not bad advice, REALLY PISSES ME OFF. Not because I even use gmail- as I was hosting a squirrelmail server for my older brother and family before gmail existed, and don't store any quantity of my email on a corporate server for any length of time. But because gmail is what _everyone else_ is using for their email (to the extent that the younguns who won't get off my gedanken lawn use email at all, vs facebook). But enough about my lawn... my point is, that as a 36 year old computer engineer, who literally came of age in college during the deployment of the internet to the masses, then a decade later saw the T.I.A. etc... It's just so, so, sad. Maybe I was naive, but it really felt like people used to have an _expectation of privacy_, for things as basic as person to person long distance communication. E.g. snail mail and phone calls back in the days. These days, I honestly suspect that even when my cell phone appears to be off, that the government and other organized criminals, can and do listen into to my home. I.e. "the walls literally do have ears". But even setting asside that paranoia, and returning to the mundane level of paranoia/common-sense in the quote I'm taking issue with (don't use gmail for confidential communication), I just can't express how sad and disappointed with society I am, even with that level of paranoia now being accepted as common sense. I mean- people need to have an expectation of privacy. They need to feel like they can talk about confidential, personal, private things with their friends and family a hundred or a thousand miles away. And it really just isn't feasible. You still have to practically be one of the 1% tech illuminati to use encryption and actually feel like that even matters. Honestly, I'm the computer engineer, that perhaps a clinically paranoid schizophrenic, has just given up. I figure just using browsers and visiting sites requiring closed source browser plugins (read: the internet), probably makes my entire system insecure to the point that using encryption is pointless, even if the gubernment can't already crack that at will (or will be able to crack the recorded logs a few years down the line when either quantum computing works better, or they just find an obscure flaw or weakness combined with more brute force and the current systems). I dunno man... It's just sad. I had this vision of the internet actually allowing long distance communication of confidential things. Like minority political and philisophical discussion. But no, the world turned out to the point where people just deal with the fact that even though the tech is there, because of attitudes and government surveillance, we just shouldn't try to have confidential exchanges of communication except in person. Sigh... I hate america. And it may be the best of the lot. sad, so sad.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39285795)

I'd mod this up if I had mod points. The major issue I see with this rant is the last statements. "I hate america. (not the part I see being the issues) And it may be the best of the lot." I can see this post getting modded down just for saying that the US is the best of the lot.

Re:this is what pisses me off (1)

cornjones (33009) | more than 2 years ago | (#39285827)

This is a good post. mod it up.
i do think much of the problem could be solved w/ a little more applied crytpography. see effs https everywhere campaign. if we encyrpt 95% of the traffic going across the wire, sniffing the remain becomes close to pointless.

Re:this is what pisses me off (2)

SuricouRaven (1897204) | more than 2 years ago | (#39286029)

That might work if this was just about sniffing, but the situation is more complex than that. It's also about the rise of corporate surveilance rather than government - they don't care overly if you are just being subversive, but they'd love to go through all your emails and browsing history to determine how best to flog you crap you don't need. It's about the use of search to make available to the masses the type of background checking that once would have been available only to governments and those willing to hire a PI - and so your friends, family and employer being able to dig up every tiny speck of dirt from your past, including that time a few years ago you joked that if fundamentalist-religious-types believe they are going to heaven we really should just kill them all. Encrypting all conversations is a requirement for restoring some semblence of privacy, but it is far from a complete solution. Really, the big problem is that most people just don't *care* about privacy.

Re:this is what pisses me off (1)

datavirtue (1104259) | more than 2 years ago | (#39289603)

Corporate surveillance is the same or worse the government surveillance. ANY business will hand over your data when the government comes knocking. You give much more of yourself to businesses than you do to government and they know this. Google is getting slapped around about "privacy" and "monopolistic practices" because they are not playing nice with the establishment. Facebook has way more fucking personal data than Google will ever have and they get a free pass?

Re:this is what pisses me off (2)

AdrianKemp (1988748) | more than 2 years ago | (#39286591)

Sorry but until HTTPS is done correctly it will do exactly squat in actual privacy. What you say about sniffing is true, but it just redirects the problem it doesn't solve it.

The fact that my bank gets all of the security certificates from a third party makes the actual security of the system non-existent (as demonstrated by countless authorities getting screwed).

When people start doing it right, and issuing self-signed certificates with credentials we'll be getting somewhere. Once my bank gives me a certificate from them at the time that I create my online account with them there will be an actual chain of trust.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39288127)

Once my bank gives me a certificate from them at the time that I create my online account with them there will be an actual chain of trust.

You mean, once I give you a certificate from me at the time that you create your online account with them on my website, will there be an actual chain of trust, and massive transfer of funds out of your account.

Re:this is what pisses me off (1)

aix tom (902140) | more than 2 years ago | (#39291689)

The idea being the certificate being transmitted through a really trusted channel. Like getting it on a CD or thumb drive or as a QR code or whatever from the person you open the bank account with in the actual bank office.

That would make it more secure than a purely online transaction where a hackable certificate authority is telling you that the hackable banking website is authentic.
They would have to physically "hack" a fake branch of the bank into existence in your town. Which is harder. (Although not completely impossible, like we see in the fake Apple Stores that seem to crop up in some countries)

Re:this is what pisses me off (1)

AdrianKemp (1988748) | more than 2 years ago | (#39300077)

Although true, I was intending (for banking purposes anyways) that they would physically provide you with the certificate, it isn't actually required.

Say for an account on WoW or the like, right now I'm trusting that the site is the right site based on VeriSign or something, which poses a problem because I don't have a trust relationship with them.

If on the other hand, WoW issues me a certificate at the same time as my credentials, I know who it's from. Yes it could be from a spoofer, but in that event they already have my credentials and the issue is moot.

What it does is bring the chain of trust for both parts into sync. I know that my credentials are exactly as safe as the certificate telling me I'm at the right place; I'm not trusting an invisible third party who I have little/no knowledge of.

Of course in order for that to work, sites would also have to adopt the correct method of payments - sending me to my bank and having me authorize the payment through my bank -

If that were followed, my credentials would never leave the domain where I originally created them and the chain of trust would be in tact. That's not saying it's safer necessarily (that is, by nature of the system), but it provides a proper chain of trust.

Again though, in a banking setting your credentials generally *are* provided in person for additional safety, so yes the certificate would be as well.

Re:this is what pisses me off (1)

AdrianKemp (1988748) | more than 2 years ago | (#39300003)

Although the other person who replied to you is in fact correct, it would be handed out much like PINs are now (either set in branch or sent via registered mail) I have to ask:

If you've got my credentials, why would you care about the certificate?

You're being stupid.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39285915)

Other side of the pond here and half a decade younger ... and you summarized pretty well what I am thinking. There was so much potential in the direct, unmediated, decentralized nature of the internet, and in the (turing) universality of even a personal computer/phone, but people just don't seem to care, and the universality in a way became the curse: an analog TV didn't allow the owner to re-purpose it much, but at least installing that new piece of equipment did not mean giving a centrally controlled robot packaged in an impenetrable shield unhindered access to your household while you were asleep.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39285951)

You raise some good points, and to some degree I feel about this the same way. But.. running your own mailserver isn't for everyone, and in that situation it doesn't really matter anymore anyway. You're always going to have your mail go through *some* third parties' mailserver and they can do pretty much anything they want with your e-mail without you ever knowing about it. The law prohibits them from doing anything really evil, and Google is under those same laws (and probably stands to lose a lot more if they breach them). Any privacy-damaging activities that don't fall under those laws can be done by anyone, google or not, and it should be the assumption that it is being done. This is where I think the 'don't use e-mail (or gmail) for confidentional things' advice makes sense for me, and I've pretty much accepted it..

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39298481)

Somehow I doubt this AC reply to an AC reply will make it to you, but... (parent poster here): I think that what we should aim for is- everyone on the planet with an ipv6 server, in both a wal-wart, and at least one mobile phone. Domain registration should be free, as each of these devices will be running a dns server and a mail server (and a web server). In such a system, there is no choke point of nefariousness like there is with gmail and similar centralized services. I.e. yes your mails will be subject to attack at various points in the network. But if an orwellian attacker like say, blackwater, or the chinese government, or some evil cadre of googlers, wanted vast control over a vast number of people, it would not be anywhere near as possible as it is today with the centralization of people's communication content in two very localized (even if they are dispersed among several datacenters) places, as they are with facebook and google.

And I really have _zero_ faith in those laws stopping nefarious groups, (esp the 3 examples I used), from doing bad things. I think those 3 groups are already doing very nasty things, very very outsight the reach of the protective laws you mention.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39286081)

Tell me, what is the big bad, evil Googles going to do for me for sending email through their server? Target me with ads? The ones that everyone of my generation as well the newer ones have learned to tune out since their first time on the internet and possibly even watching TV? Sell my information so the junk mail that I burn is slightly larger in size? Do they have some evil Death Star ready to destroy my home if I so much as say I hate Google even once? I understand the idea behind SOME privacy advocacy. We don't want the government to have unhindered access to all of our communication, at least not legally, but the whole "don't even use gmail u suck!" thing is just as ignorant as posting your CC info on a public forum. The privacy advocates have to tone it down to things people actually care about before they will get anywhere.

Re:this is what pisses me off (1)

joebagodonuts (561066) | more than 2 years ago | (#39286455)

Tell me, what is the big bad, evil Googles going to do for me for sending email through their server?

Provide that information (whether by court order, simple sale, or some other mechanism) to someone who can do other things besides "target you with ads".

Re:this is what pisses me off (2)

Bengie (1121981) | more than 2 years ago | (#39286833)

"The privacy advocates have to tone it down to things people actually care about before they will get anywhere."

This.
1) The internet is about copying. If you put your data out there, it's going to be copied all over.
2) If you don't want to pay for your page views through ads, then start giving out your CC #. It needs to get paid for some how.
3) Data collected by Google/etc isn't just for ads, that data also helps improve their searches.

Many privacy advocates are just as bad as politicians. They don't know what they're talking about and their think everything works via magic. "Google, stop collecting any/all data and still give us relevant searches"... It's Magic!

There's a happy medium somewhere.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39298533)

re: (1): so you are basically saying- forget about the internet as a functional (and much better performing) alternative to snail mail? I.e. with snail mail, you have every expectation that just because you send a piece of it, there aren't going to be infinite copies in infinite hands.

I'm not saying it isn't good to consider your point, but please consider mine. There could have been an alternate history, where the forces of the US government in 2004ish decided that email should have every legal protection that snail mail has. They didn't, and my parent post was complaining about how the world we live in differs from the way things could have been in that alternate scenario. I agree, in all likelyhood there is no turning back. But I think that's sad. And expressing that, ranting about that, was my only real point.

(2) as with my re:(1), I'm just saying- it doesn't have to be this way. It is very possible to implement a decentralized system, like SMTP where thiere isn't a corporate choke point, and control over our data remains in the hands of our own personal general purpose computers that we have control over. But there are authoritarian, and corporate profit seeking forces, that really don't want to see that happen, because it lessens their power, at the expense of users regaining power over their communications.

(3) wait 20 years and see if you still believe that.

And here's the really twisted part... (0)

Anonymous Coward | more than 2 years ago | (#39286089)

It appears that if you are a private person, you look like you got something to hide. I'm afraid that wanting privacy will be a black mark. For example, is this day and age in the US, if you don't have a credit history with the credit burueas, good luck in getting a job, insurance, and traveling will be more of a hassle - they do a credit check to see if you are a threat.

I think it's going to be that way in the near future. No LinkedIN, FaceBook or some other online profile? Sorry, you're not employable because we can't verify your character.

Re:And here's the really twisted part... (1)

joebagodonuts (561066) | more than 2 years ago | (#39286685)

It appears that if you are a private person, you look like you got something to hide. I'm afraid that wanting privacy will be a black mark...

You don't need to be so afraid of what others think. There will be attempts by others to check you out. It's using technology to try and determine if you are in some way a threat.

If their check doesn't turn up anything, then "great". They will be just as overworked, rushed, and stupid as everyone else. The threat in this senario is more overarching laziness than anything else. No one is really interested in you. They are really interested in covering their asses if in fact you turn out to be a criminal (or in your example a bad employee)

BOSS: "How could you hire that AC? He was a terrible janitor! He looked at tentacle porn on company computers!"

HR SHLUB:"I ran the internet backgound checker. It isn't MY fault"

Over course, there are places in this world (fill-in-your-own-example-of-a-violently-represive-regime) where the check and any perceived threat discovered will be dealt with more harshly.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39286289)

You shouldn't be using email in general for anything private. The fact is that emails will rarely stay on the same server from sending them to delivery. And theoretically any of the servers in the middle could store a copy if they wished to.

In practice, that's rather unlikely as there are any number of servers through which the mail can go, but it is unencrypted data flying about the internet.

Re:this is what pisses me off (1)

evalhalla (581819) | more than 2 years ago | (#39286397)

Or you could encrypt your email with e.g. gnupg or one of its frontends, and send it through any server knowing that nobody below the big-country/big-mafia level could read it, and those who can are going to spend money doing so, and thus should only do it if they really need it.

Re:this is what pisses me off (2)

kermidge (2221646) | more than 2 years ago | (#39286477)

A little paranoid? Perhaps.

But the way things are now, if you're not a bit paranoid, something is wrong - with you and with the way things are. The very fact that this discussion exists shows that the way things are now is wrong. The fact that many don't understand this is even more wrong.

As for gmail, I thought about it over a couple of weeks and decided I was OK with a software robot using text in the body to serve me text ads - it's immaterial, and (supposedly - fool I, maybe, for taking their word on it) nobody looks at the crap or relates it to me as a human identity. That someone could, should they choose, make that connection is inexcusable - the capability and the choice both.

And the privacy "Richter scale" - yeah, I voted it "interesting" for it's discussion potential, but however well-intentioned or humorous it might be, it's lame at best.

Yeah, the Internet, another dream turns to dust. At my age, doing the same is beginning to look not unattractive.

"Mr. Gandhi, what do you think of civilisation?" The Mahatma: "I think it would be a good idea."

Re:this is what pisses me off (2)

ledow (319597) | more than 2 years ago | (#39286525)

Not being funny, but you can HAVE that level of privacy. Throw your smartphone (which didn't exist when you were a child) away. Disconnect your computer from the Internet (because my ZX Spectrum never had an Internet connection). Write letters (so that you hand them off to some several thousand minimum-wage workers who really have no personal incentive to ensure your letter reaches its destination at all, let alone unread). Use only your landline (which has ALWAYS been as simple to tap as putting a device in your phone, or a guy at the telecoms provider, or just clamping onto the analog cables running into the street - in the UK these are mainly aerial cables and nobody would notice a man in a hi-vis vest sticking something on the pole at all).

You *haven't* suddenly walked into a world of less privacy. You were in one already and then you CHOSE to use facilities which, by their very design, allow you to have some of that privacy taken away. And you're still there now. Email is NOT ENCRYPTED - even if it's sent from and arrives at a location you trust, you cannot trust the message without making provisions for this YOURSELF.

You chose to buy a satnav with a 3G connection because IT HELPS YOU. There were satnavs without it. There still are. But most people I know have satnavs with 3G capability.

You chose to buy a mobile phone that, by it's very principle of operation, requires the telecoms provider to know your rough location. Then you chose to buy one that has a GPS receiver built-in. Then one that tells your friends on Facebook that you just walked into the restaurant.

At any time, you can go back to the previous era, but it means ditching technology that you didn't have back then. Some people do. I have JUST bought my first smartphone. Not because I'm a privacy nut, but because I never wanted to have to manage another computer alongside all the ones I do professionally. Up until 4 days ago, I literally had a GSM phone with NO features. Was still trackable, though, by it's very design. My satnav DOESN'T have 3G connections - I get traffic over the one-way radio RDS-TMC system. It's not as good as live updates but it doesn't subvert my privacy or (more importantly) cost me anything to run.

I *don't* post when I'm going on holiday to Facebook. I don't post which restaurant I'm sitting in. I don't trust anything that comes in an email to not be overhead (i.e. I've never sent my credit card details by email).

You can do all these things already, and preserve your privacy. But privacy problems are not a result of changing attitudes towards privacy. They are the result of convenient technologies that have the side-effect of some lost privacy. And *everyone* who's used one has chosen to exchange that privacy for that feature. They would have 50 years ago, too. This is how 1984 was written - first published in 1949! - someone sat down and said "What if we had the technology to do X?" and followed through the natural progression of human response to that, even imagining a "future" of only 28 years ago (when I was a toddler).

You haven't "lost" privacy. You've been given more options of trade-off against it. And almost everyone, of any age and generation, is willing to take that trade-off even with prior warning. Because, on the whole, in Western society, your privacy isn't worth much to you at all. It doesn't make you a higher-class or give you cheaper taxes. When I *MUST* give away my name and address to public record in any court, when I *MUST* give my details to the electoral register even if I don't vote, when I *MUST* fill out a load of forms and take them to a random Post Office employee who passes them off to a dozen random government employees in order to get the document to legally travel to another country - the privacy of a text message to a friend isn't actually worth that much at all.

You chose to trade-off. If you own a mobile phone, or a GPS device that talks to central servers, or have a Facebook account, or don't use PGP for *EVERY* email you send, or even download *ANYTHING* online, then you've made a conscious decision to forgo some amount of privacy to perform that action successfully. You really have.

We're no worse off than we ever were. And at least we're more aware of things as being a potential problem now (does your Granny hide her passport under her floorboards? Then she was aware), but we've chosen to choose convenience and modern living over privacy. It's one of the sacrifices we've made to live in the modern world. We didn't have to (in the same way that people don't have to have a TV), but we chose to, and continue to choose to, and would always continue to choose to as a race.

That's not to say we should just give up and let the governments do what they want, but we aren't doing that anyway. All it means it, it's a natural progression, and a decision that almost EVERYONE has undertaken simultaneously. Do you tell your boss your mobile number? I don't. They could phone me out of hours and I don't do that. That was a decision of privacy over convenience. That's what happens every day to millions of people, and they choose to sacrifice it.

And, you know what, it's hard to live in a world where you sacrifice NO privacy at all. I'd say almost impossible, actually.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39287827)

This is why the Amish shun high technology. Dependency, leads to loss of freedom.

Re:this is what pisses me off (0)

Anonymous Coward | more than 2 years ago | (#39287919)

Sigh... I hate america.

BAH! America is a putz! Nothing but muscle. The brain is still in the UK (where middle east policy is set), or in some remote Bavarian castle...

Re:this is what pisses me off (1)

tburkhol (121842) | more than 2 years ago | (#39288845)

Maybe I was naive, but it really felt like people used to have an _expectation of privacy_, for things as basic as person to person long distance communication. E.g. snail mail and phone calls back in the days.

Back in the day, long distance communication was mostly done through government-regulated monopolies: UPSP, Ma Bell... The idea of the government reading your mail, or listening in on your conversations is pretty abhorrent.

Along come ISPs. They aren't really government-regulated monopolies - in fact companies like ATT carefully segregate their government-oversight subsidiaries from their ISP subsidiary. Now it's not The Government reading your mail, it's just some company with whom you've contracted. Your contract specifically allows them to "read" your mail, or they can't transfer it to the destination. First, there's a secondary market for certain kinds of summary data from that mail, now a secondary market for extremely detailed, personal data from that mail. Still, a lot of people don't care, because it's not The Government, but just Time-Warner, the good people who bring me my TV.

My point is: we enforced privacy on Olde Tyme communication methods because they were government structures; we willingly abandon our privacy to a company in exchange for 25-cents off milk.

idea fail (4, Insightful)

Tim4444 (1122173) | more than 2 years ago | (#39285791)

Wow! Hijacking a well known metric for a completely unrelated application just to draw a weak metaphor between the original phenomena being measured and this other unrelated event. Who could have ever thought up something so clever? Maybe next he'll invent a "jump to conclusions mat"! After that maybe he'll propose "dollars" as a new term meaning "lines of code" so that when he's introducing himself to unsuspecting women on the bus he can talk about how much "money" he has made.

FAIL

It leaves me cold... (1)

AliasMarlowe (1042386) | more than 2 years ago | (#39285855)

Wow! Hijacking a well known metric for a completely unrelated application just to draw a weak metaphor between the original phenomena being measured and this other unrelated event.

Not to worry, they'll probably combine it with other bastardized metrics and consign the lot to oblivion. How about a Beaufort scale for phishing and 419 scams, or a Fujita scale for antisocial behaviors (on the internet, of course).

Perhaps what's really needed is a Kelvin scale for relevance. The suggested "Privacy Richter" scale is pretty cold.

Re:idea fail (1)

rossdee (243626) | more than 2 years ago | (#39286857)

"Hijacking a well known metric"

This is America - we don't use metrics.

Anyway I heard that the scale they use for earthquakes is no longer the Richter scale, (but something similar in magnitude for all but the largest quakes. And how many people are familiar with the magnitude of earthquakes anyway. (unless you live in CA (or some other place that does have tremors - I was born and raised in NZ and have felt magnitude 5 and 6 quakes.

Plate tectonics are like cars ... (3, Insightful)

Anonymous Coward | more than 2 years ago | (#39285843)

... they make for bad analogies.

Well, more seriously, I think there really is a problem with a widely accepted premise that the fragility of the systems that our privacy depends on is deity-given, and that thus we have to somehow cope with "privacy incidents", much like we have to deal with earth quakes instead of getting rid of plate tectonics.

The problem is not so much that from time to time some database containing SSNs is publicly compromised, but that there are SSNs (with all those different functions they serve) in the first place. The object of interest should be the complete lack of any effective protection, which essentially means that large bodies of data are easily available at any time to anyone willing to commit some crimes, while those supposed "incidents" are just the few occasions where it has been publicised, often because some (more-or-less) white-hat did some demonstration.

Assigning privacy ranks (5, Insightful)

HBI (604924) | more than 2 years ago | (#39285893)

1) This means we've already lost, if we're quantifying the lack of privacy rights and the trampling thereof.
2) This seems as useful as color-coding terrorist threat levels ala Homeland Security.

Re:Assigning privacy ranks (0)

Anonymous Coward | more than 2 years ago | (#39288501)

This seems as useful as color-coding terrorist threat levels ala Homeland Security.

Yeah, but it's a little less gay [ebaumsworld.com]

encrypted gmail (1)

Dr. Tom (23206) | more than 2 years ago | (#39286061)

So if Google implements encrypted mail, would that be a -3 event?

Re:encrypted gmail (2)

evalhalla (581819) | more than 2 years ago | (#39286441)

If you use https to write from the gmail web interface to another gmail account (read via https and the web interface) the email is already encrypted, and you can be sure that nobody except for google (and some governments) can read it. Even if google started to encrypt email sent to other providers you couldn't trust them not to read your email before encryption (and forward it to said governments, of course).

Re:encrypted gmail (1)

hobarrera (2008506) | more than 2 years ago | (#39291069)

If no-one man-in-the-middles the recipient's connection, or something similar, and if no-one at google get their hands on this.

Re:encrypted gmail (1)

awyeah (70462) | more than 2 years ago | (#39293247)

The only encryption that occurs is the actual connection between you and Google. The e-mail may or may not be encrypted when it's sitting on their servers.

Not to mention the fact that there's zero guarantee of the e-mail being encrypted when it's passing between mail servers.

Not really realistic (2)

ubrgeek (679399) | more than 2 years ago | (#39286119)

Like someone once said when referring to earthquakes, "for you, the _big one_ is the one that results in a brick falling off of a building, hitting you on the head, and killing you." So with the example of a 1 or 2, if what's revealed results in a lost job, etc. that's pretty big to you (albeit it possibly just a source of mirth for other people.)

Risk importance is relative - not absolute (4, Insightful)

petes_PoV (912422) | more than 2 years ago | (#39286177)

Different privacy "issues" affect people in different ways. Consequently there is no sensible way to assign a numerical score to a particular event (such as having your bank account number leaked) in absolute terms.

For example, if someone reveals an unwelcome fact about you on FB, the impact of that "outing" will depend of whether it affects your employability, whether you are interested in being employable (never forget: not everyone is a 20-something american. Some people are retired and don't care that pictures of them being arrested could fall into the hands of an HR person), whether a potential partner may see it - or it may even depend on the values and morals of the viewer. There are no absolutes.

Even having your credit card number taken is not necessarily a big deal, depending where you live. A lot of countries take a view that bank fraud is absorbed by the bank, not by an individual who blamelessly had their account targeted.

So, assigning numbers to event without taking into account the context, the situation of the people involved or the place where they live is largely meaningless. And once you do start to account for all these extra circumstances, any numerical evaluation becomes so specific that you can't generalise a level of threat or seriousness to a particular sort of privacy loss.

i call bullshit (0)

Anonymous Coward | more than 2 years ago | (#39286189)

google's new privacy policy, coupled with their extensive data gathering and tracking network, which includes millions and millions of web sites using their ad networks or web stats, google voice, google search, google products, youtube, books, docs, calendar, groups, google wallet (checkout), plus, gmail, search, chrome, android, moto mobile, and more..... added to the ease at which they bend over for authorities and big business..... added to their rumored never-delete policy...... and it's an 8, easy. no way in hell is all that just a 3 on this so-called privacy scale.

Why Richter? (0)

Anonymous Coward | more than 2 years ago | (#39286303)

It looks to me more like a Mercalli scale (or a Beaufort one).

Maybe interesting... recent law in Bosnia (4, Interesting)

dragisha (788) | more than 2 years ago | (#39286309)

In Bosnia and Herzegowina we have national id cards. We had them also in former Yugoslavia, so - nothing new here. Except these new ones are barcoded so it is easy to register us on border checkpoints and like. Every time I cross border, they put my id card in scanner and register passage...
But, we also have long established practice of copying our id card for lots of procedures/applications at banks, telecoms and such. You come to open bank account (like I did just today) and they get your id card and copy both sides... What is interesting, today my friend witnessed this, and he works for another company copying id cards a lot... He was surprised when he saw bank clerk copying id card because at his company they spent friday-sunday destroying all copied id cards because of recent law forbiding this id card data collection. At least somebody came to his senses...
Imagine that, tons of identities in hundreds of binders in tens of companies... Looks like Fukushima to me :).

The Privacy WHO Scale? (0)

Anonymous Coward | more than 2 years ago | (#39286313)

I don't think Charles Richter had anything to do with Internet privacy.

WHY ? (1)

LaRainette (1739938) | more than 2 years ago | (#39286363)

From OP : "You shouldn't be sending confidential things through Gmail in the first place"

  Why ? Why shouldn't I ? what should I do to send those ? use real mail ? Gmail is an email service, it's not supposed to search through you correspondance, and it shouldn't be allowed to.

  I'm sick and tired of assholes trying to defend privacy invading policies with illconceived arguments. Gmail is a service, a service that you PAY FOR through advertising, and there is ABSOLUTELY NO REASON why google should take the right to search through your mail, the same way there is no reason for USPS to search through your mails...

  And I'm not an anti-google troll, I have an Android Phone, and I use Gmail and even G+, and they are good products, but all the more reason for us to protect the quality of these services by preventing Google from abusing its position of power regarding its users and invading their privacy.

Re:WHY ? (1)

JoeMerchant (803320) | more than 2 years ago | (#39286589)

From OP : "You shouldn't be sending confidential things through Gmail in the first place"

  Why ? Why shouldn't I ? what should I do to send those ? use real mail ? Gmail is an email service, it's not supposed to search through you correspondance, and it shouldn't be allowed to.

  I'm sick and tired of assholes trying to defend privacy invading policies with illconceived arguments. Gmail is a service, a service that you PAY FOR through advertising, and there is ABSOLUTELY NO REASON why google should take the right to search through your mail, the same way there is no reason for USPS to search through your mails...

  And I'm not an anti-google troll, I have an Android Phone, and I use Gmail and even G+, and they are good products, but all the more reason for us to protect the quality of these services by preventing Google from abusing its position of power regarding its users and invading their privacy.

Ummm... have you ever noticed the targeted advertising right next to your e-mail, you know, ads for what the e-mail is talking about? And, how are they going to do that without searching your mail? Gmail has always done this, even in the early days, it's part of the bargain, like ads on broadcast TV & radio - they target you by the channel you tune to and when you listen. Your bargain for the "free" Gmail service is that they get to sift through the content of your correspondence to serve up their ads - and of course they're going to keep a personal history of what they've seen in your e-mail, so they can serve you better [amazon.com] .

Re:WHY ? (0)

Anonymous Coward | more than 2 years ago | (#39287721)

I don't see any ads in my gmail IMAP box.

heh. (1)

Johann Lau (1040920) | more than 2 years ago | (#39294717)

Gmail has always done this, even in the early days, it's part of the bargain, like ads on broadcast TV & radio - they target you by the channel you tune to and when you listen

Uhmmm.... then let advertisers target Gmail users by the fact they use Gmail. There, done, and now the analogy isn't completely broken either.

Re:heh. (1)

JoeMerchant (803320) | more than 2 years ago | (#39299611)

Gmail has always done this, even in the early days, it's part of the bargain, like ads on broadcast TV & radio - they target you by the channel you tune to and when you listen

Uhmmm.... then let advertisers target Gmail users by the fact they use Gmail. There, done, and now the analogy isn't completely broken either.

Google ads are, in part, successful due to their targeting features - the group "all Gmail users" is less specific than a radio station. Maybe you would like a subscription based Gmail where you pay for the service instead of the advertisers? I know some real-estate ads get upwards of $1 per click.

Re:heh. (1)

Johann Lau (1040920) | more than 2 years ago | (#39300977)

the group "all Gmail users" is less specific than a radio station

Yeah, and growing a tree takes more time than killing your neighbour and taking his. What's your point?

Maybe you would like a subscription based Gmail where you pay for the service instead of the advertisers?

It's called "email". Most decent webhosts offer it out of the box. So yeah, sure. I mean, I have that anyway, but it would be nice for the general public to not be so cheap. I mean, having a phone (and making calls) costs like a hundred times more than getting a decent email you actually own. So it could be argued it really doesn't take more than people waking up, or even just rolling around in their sleep, for Gmail to either go the decent route or cease existing. But that could be said for a lot of things, and I'm generally not holding my breath for it ^^

Re:heh. (1)

JoeMerchant (803320) | more than 2 years ago | (#39301139)

I use Gmail as my primary personal e-mail service because:

1) I don't care that they or anybody else reads my daily drivel, the "nothing to hide" syndrome, I'm not so bold as to put it out there on a Facebook wall like a lot of people, but if you really want to dive in my dumpster, knock yourself out.

2) they provide a more convenient and useful e-mail service (better "experience") than any alternative I have tried, paid or free. I used paid Eudora for quite awhile, but that's not even an option anymore.

If I've got something to say that I wouldn't want dug up and repeated later, it doesn't go in an e-mail at all, I might trust e-mail if my recipient knew how to use strong decryption and erase the messages after reading, but I don't know anyone like that whom I have anything confidential to say to.

Re:heh. (1)

Johann Lau (1040920) | more than 2 years ago | (#39301285)

If I've got something to say that I wouldn't want dug up and repeated later

I post that stuff on slashdot under my real name, just to be safe :D Safe from giving in to snoops and useless people, that is. Anything that could be "digged up" is embarrassing for the person digging it up, not for me.

Re:WHY ? (0)

Anonymous Coward | more than 2 years ago | (#39288617)

You could send them an email. Y'know, using SMTP; maybe you could run your own MTA? If not, find one that doesn't SAY right in the user agreement that they're going to read all your email. Doesn't matter whether that's a reasonable demand, it's a demand that they have made and that you agree to in order to register a bloody account, so you definitely shouldn't be sending confidential things through them and then looking perplexed that they read them just like they said they would.

Re:WHY ? (1)

awyeah (70462) | more than 2 years ago | (#39293279)

The problem is not Gmail specifically, it's e-mail in general.

While the traffic between your computer and Gmail is encrypted via HTTPS, the messages may or may not be encrypted on their servers (hopefully they are), and they also may or may not be encrypted between Gmail and the mail servers being used by the people you're corresponding with.

I would be more worried about sniffing of packets between e-mail servers than I would be about Google employees reading your e-mail.

bimtch (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#39286405)

vioLate3. In the

Consequences and ramifications (0)

Anonymous Coward | more than 2 years ago | (#39286553)

The chief problem with the plate-tectonics analogy is that privacy isn't a matter of "incidents", but a cultural issue that evolves over a long time.

Generally speaking, an earthquake just happens -- there's an enormous rumble, things fall over, and then it's all over.

That analogy holds up reasonably well when compared to a lost laptop. But it's actively misleading when it's compared to a systemic, persistent factor like long-term data collection.

The problem with Google's policy (as a minor example) or the government's domestic spying (as a major one) is that they will lead to the collection of enormous data corpuses, and -- worse still -- to the institutionalised belief that collecting that data is OK. And thence to the historically-inevitable risk that that data will eventually fall into the hands of an amoral company or a corrupt government.

Richter scale: fairly good for discourse about earthquakes. Not so useful when deciding whether we as a society want to live in an earthquake zone.

Re:Consequences and ramifications (1)

rossdee (243626) | more than 2 years ago | (#39287021)

"The chief problem with the plate-tectonics analogy is that privacy isn't a matter of "incidents", but a cultural issue that evolves over a long time."

Sorry to disillusion you, but plate tectonics is also over a very long time - hundreds of millions of years - which is why some of the "Creationists" don't believe in it.

"Generally speaking, an earthquake just happens -- there's an enormous rumble, things fall over, and then it's all over."

In a major eathquake there are often aftershocks - sometimes only1 magnitude less than the original event - which can topple the already damaged buildings.

Privacy Doomsday clock (1)

gmuslera (3436) | more than 2 years ago | (#39288451)

That would be a better measurement. And we are a few minutes before midnight.

So mad, then, a great point! (1)

Kamiza Ikioi (893310) | more than 2 years ago | (#39289261)

FTA: "So how serious is the Google policy change? By the sound of the running commentary, this is the worst thing for privacy that's happened so far this year."

It's the same privacy policy. Unlike having 60 policies, there is one. It's easy to read.

And since when has anyone had a chance to opt-out of any privacy change, be it at your bank, Facebook, or your job?

Could you opt out of the original 60 policies? No.
Great point is at the end.

FTA: "What's the worst-case scenario here? Google amasses a detailed profile about each one of us who continues to use its mostly free products"

They already have that detailed profile, dumbasses!

FTA: "Potentially, that information later on gets breached, sold or subpoenaed by the federal government."

THEY ALREADY HAVE, @#%@#%! They aren't collecting new data. They already have the data. It could be asked for by the government at any time prior to the privacy policy change. Courts give 2 shits about privacy policies when they request data with a warrant or subpoena.

I better stop now, I'm going to blow a fucking gasket at the idiocy of the author of this piece of garbage. On to the great point:

FTA: "If you don't like Google, use Bing."

Thank you. 'Nuff said.

We do have a choice! (3)

Edrick (590522) | more than 2 years ago | (#39289875)

There's a simple solution to this --- just say no! If someone asks you to do something you aren't comfortable with, then get up and leave and go somewhere else. If enough people have the guts to do this, then these practices will change. If people in general follow them quietly, then they'll become an accepted part of our society and that'll be that! People are always too quick to forget that they do, in fact, have a choice in nearly everything they do!

Must be a Californian (1)

SeanBlader (1354199) | more than 2 years ago | (#39293265)

The author is definitely from California, having chosen Richter as his example scale. Since Charles Richter probably isn't the best example, and since these kinds of things are usually named after their authors, and since Jay was obviously modest enough to not propose naming it after himself, I suggest it be called the Cline scale. Certainly, it might not be better than having Jefferies Tubes named after you, but it's better than the john. Congratulations Jay, something will be named after you. Someone make a wikipedia entry.
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...