about   |   writing   |   archives

Practices Around Privacy

Tehran: murals

Finding the right balance between working for and being rewarded by a large corporation and respectfully engaging / disengaging with people and communities is a challenging one – whether it’s because of the inherent power imbalance, practical time constraints of working at a corporate pace, privacy issues, informed data consent, acknowledging people’s intellectual property or because we need to understand behaviours that are on the edges of legality – be they ‘online piracy’, street hacks, or fakes. Doing the right thing by our study participants is something we take seriously and requires an even more nuanced understanding as things become increasingly connected. (If you work in this space and this isn’t a challenge then you’re either short changing your clients or you’re short changing the study participants).

Over the years I’ve documented and shared a lot of what we’ve learned on Future Perfect, through a steady stream of presentations and an ongoing dialog with various communities. This site is written on my own time and paid for by my own dime – but credit also goes to my employer for providing a relatively free reign in putting the research out there.

Earlier this week this article on network monitoring in Iran appeared in the Wall Street Journal, and given the current election related interest in that country it is no surprise the article has been widely disseminated. Nokia Siemens Networks (NSN) was mentioned in the article and their official response is posted here. It’s worth noting that NSN providse a forum for comments from a range of perspectives (with the practical constraint of them needing to be written in English).

The passion with which English speaking world is engaging with the #iranelection is encouraging – and puts many of the critical comments on the NSN blog into perspective. It’s obvious that tools like Twitter have enabled people to feel directly and personally connected to events on the ground in Iran, although it’s worth noting they are largely connecting with people posting in English.

Having followed some of the recent debate around technology use you might be interested in these 10 insights drawn from studies of mainstream users around the world:

  • &#187 People who don’t trust their government wherever they live in the world, tend to not to have much trust in the networks that carry their communication. But just because they don’t trust it doesn’t mean they don’t use it – in particular the ease of connecting to the people that matter often trumps the risk of perceived breaches to their privacy, security.
  • &#187 Even if people are able to rationalise why they shouldn’t use the network e.g. the risk of being arrested, events can take over. They may feel that as part of a large crowd they won’t stand out; they may be caught up in the heat of the moment and turn to the tools they know; or simply at that moment in time the network is the least worst option.
  • &#187 People have very fuzzy mental models of how the network functions – for example not understanding where data is stored, or the implications of different types of storage. It doesn’t take much imagination to understand the implications of using online backup services like MobileMe or Ovi Share in situations where, rightly or wrongly, people percieve the network to be compromised.
  • &#187 Mobile phone’s don’t need the network to be useful: they often include cameras and video cameras, in many urban centers adult penetration is ~100%, they are carried everywhere putting them in a prime position to capture and later share experiences – the Neda video is a good example.
  • &#187 In some countries side loading media is common – be it via cable, memory card, or Bluetooth. The practice of BluetoothMe – flirting and sharing files via Bluetooth is reasonably common amongst the youth in the Middle East and to some extent Iran with sensitive material being transferred from phone to phone in this way. It’s not particularly practical except in contexts where people know each other and where people and devices are likely to remain in range with one another – the lecture theatre, the bus, the subway. Keep an eye on what’s happening with micro-USB for data transfer going forward.
  • &#187 For all the discussion around sophisticated network tracking – interception often boils down to the man with the uniform and the truncheon checking your camera, your phone’s inbox, your call log. Those photos of your mate throwing a gas canister? It puts you in a time and place.
  • &#187 The more there is at stake the more people will strive to understand the trade-offs in connecting to the system or network. And vice versa – if you’ve grown up around a good network access and, say location positioning then that’s just how life is – there is less reason to question. Ditto censorship.
  • &#187 Increasingly the choice of whether to adopt, or opt-in to a technology is one of whether to opt-out of society.
  • &#187 People tend to adopt strategies to separate very private communication from the merely private, but in a world of cookies and call logs it’s increasingly difficult to keep the two apart. If you have the time take a peek at the features that support very private communication (typically extra-marital affairs) on some Japanese mobile phones.
  • &#187 In any country where tracking is considered widespread – be careful about gifts from strangers. You never know where that mobile phone or SIM card has been and whether it makes you a target.

David Mery added: “Another guide to how to communicate anonymously is here.”

“Re understanding the trade-offs in connecting to the system or network. In some countries it is now expected that you carry a switched on mobile phone. Not doing so becomes an element of guilt. I wrote about it here.

“An interesting discussion of the unauthorised use of the LEA access feature of a phone network is the Athens affair here.”

Patrick Meier wrote: “Here is a comprehensive post on ‘How to Communicate Securely in Repressive Environments‘”