SAN FRANCISCO -- A growing number of people think Facebook, other social networks, connected device makers--and potentially the entire internet of things market itself--are (or soon will be) too invasive into personal data privacy for their own good. This topic was one of many on everybody's minds at this week's RSA Security 2017 conference at Moscone Center.
Here is one example: Recently in my own Facebook News Feed, the social network sent me a note that asked: "Were you at Portola Valley Theatre Conservatory? Answering this will not post anything to your site."
Whoa, wait just a minute. What is the point of wanting to know where I was yesterday? Yes, I've given Facebook permission to know my location, but I don't remember telling anybody that it was okay to track me from yesterday. By the way, I don't want Facebook to know where I'm going tomorrow, either. Is that coming next, using some predictive algorithm?
Facebook Verifying Location Algorithms
Before we go any further: Yes, I had given Facebook permission to know where I am, as I have with Google and others. The tradeoffs seemed okay with me, as they are for millions of other folks. So I'm aware that my location information was being used in various ways. I was just surprised, to say the least, at this use case.
Before I turned off my location option, I asked Facebook to explain why it did this.
"We're always looking for ways to give people a more relevant experience on Facebook based on where they are. For people who have location history enabled, we may ask for help to verify places where we think they've visited. People can see or manage their location history in their activity log," a spokesperson from the social network told me.
I mentioned this concern to an expert in security and data privacy.
"Looks like they wanted you to validate their algorithm, so they can creep on you better in the future," Darin Andersen told eWEEK, tongue only slightly in cheek.
Ever-Encroaching Technology on Personal Information
Andersen is founder and CEO of Authenticated Reality and Chairman of CyberTECH Network, a national advocacy group for cyber-security innovation that includes the federal and state governments, the military, the startup community, venture capital companies and established security vendors. CyberTECH Network is affiliated with Cyber Maryland, a major Washington, D.C. cyber-security advocacy group. In his spare time, Andersen also runs two startup incubators, CyberHive and iHive, in San Diego.
Andersen is concerned, as most people are, of the ever-encroaching way in which IT--in all its forms--is pushing aside personal data privacy. In fact, it is quite possible that there is no such thing as personal data privacy anymore--especially when it comes to video. Cameras are so cheap and being made so tiny, and networks are becoming so pervasive, that they can be bought and placed anywhere and operated at little cost. Video streams? Plenty of room in the cloud for all that content.
"We've moved from an age of surveillance to unfiltered footage of each of our lives," Andersen said. "It's like 'The Truman Story,' but we know that we're in the story, which is different from Truman. But everybody else is monitoring us, and we're monitoring them. This is not Orwellian, because in my view, if I read (George) Orwell right--the idea that Big Brother is watching--that idea applies itself nicely to China. The watchers are watching the watchers. This is not Orwellian, it's something else. It's equally creepy, but not in an Orwellian way."