Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

New York September 2008 Ignite, Sam Lessin on Privacy


Published on

sam lessin's presentation on privacy at Ignite NYC in September 2008

Published in: Technology, News & Politics
  • Be the first to comment

New York September 2008 Ignite, Sam Lessin on Privacy

  1. 1. a very brief history of privacy in our data deluged world, Sam Lessin @
  2. 2. Voice Over (1/2): 1. hi, my name is sam lessin, and I am going to be speaking a bit about digital privacy - something i spend most of my days working on in one way or another 2. for starters, what is privacy. people pre-pend the word in phrases like private thoughts, a private journal, private bedroom exploits, or private plans to take over the world - but there are precious few good definitions of what the term actually means 3. The best way to describe privacy is as the limited transmission of information over time and/or between people. It is about moving information from a trusted point A to a trusted point B without exposure. 4. why do we care about privacy? isn't it dead? -- we care because in all sorts of scenarios the value of information is inversely related to how public it is. from corporate secrets, to gambling and the stock market, to even personal intimacy 5. fundamentally you are only as private as your weakest communicative link. the model for a private exchange is a one to one discussion in the middle of nowhere. Output directly to Input. But the reality is that as we have made communication more efficient we tend to rely on more intermediaries to communicate. 6. as with many things, one of the most interesting testing grounds for privacy is WAR. during war private information is extremely valuable to all sides.... and you frequently have to use untrustworthy links in the communicative chain. The solution that evolved quickly was 'security' 7. all security is breakable - it functions by changing the cost structure of information. You pay a cost to secure your information(which is less expensive than the info transmitted is valuable)... the key is to make it expensive enough for the enemy to break your security that it isn't worth it. 8. the reality is that outside of war, until very very recently most information was harmless/ mostly valueless on a mass scale- so people were not very concerned about privacy. There simply was little to 'steal' from you information wise, so you didn't have to incur much cost to protect your information. 9. three little familiar concepts, however, changed all that. the cost of and therefore volume of communication, information storage, and compute power have changed the equation by making useless data useful and by making privacy measures much more expensive on a relative basis. 10. these cost changes have drastically changed the amount of communication, the amount of communication that is saved, and the ability to access that information. this is a HUGE deal
  3. 3. Voice Over (2/2): 11. people have been freaking out about this for a long time. Max Weber wrote about all these concepts and their impact with regards to 'bureaucracy' and people have been updating the concepts all the way through Foucault's Power-Knowledge in quot;Discipline and Punishquot; 12. interestingly, all this information and organization did allow for a new mechanism of non-secure 'privacy'. Simply trust your privacy to them and the law. it is a felony to open mail 13. this worked relatively well, because even up through very recent history, little information was valuable and few people were in a position to break trust. 14. Internet changes all that - all of a sudden lots of information was valuable at scale, and lots of people could touch it 15. institutions break down - laws don't work if you can't enforce them -- and with data flowing beyond boards and no transparency into who has what = no enforcement 16. go military style? doesn't work - because security only works on cost differentials. Security isn't getting cheaper faster than breaking security, information is getting more valuable for the bad guys and the good guys. 17. in fact, we are worse off than military information - value of which is very perishable - our data lasts forever - so if you can't break today break tomorrow 18. this really really sucks for your kids - because 'public key' security is going to crumble with quantum computing - so traditional security will melt. 19. so what should we do - future of privacy is about unwinding - decentralize, de-tag, destroy... you are also going to end up with less 'privacy' - which is good, because you can sell your privacy for great stuff online 20. recap -
  4. 4. WTF is privacy?
  5. 5. the limited transmission of info… between people over time
  6. 6. So What?
  7. 7. Only as private as your least trusted link… IO I(OI)O I(OI)(OI)(OI)(OI)O I(OI)(OI)(OI)(OI)(OI)(OI)(OI)(OI)O I(OI)(OI)(OI)(OI) (OI)(OI)(OI)(OI)(OI)(OI)(OI)(OI)O
  8. 8. OH CRAP, better use a code
  9. 9. Vi(1) – Cs(1) Vi(2) – Cs(2) > Security is based on Relative Values and Relative Costs
  10. 10. Ye’ old info = “mostly harmless”
  11. 11. Communication Storage Compute
  12. 12. All of Human History volume Network Internet Cuil Computer Telephone Googlie Morse code Dog Pile Modern Bureaucracy LOC type writer Widner Calculus Printing Press Dewey Decimal Counting Writing Vatican Language Crazy Monks Alexandria ~years
  13. 13. Freaking out, moderate old school
  14. 14. OH CRAP (new school peacetime)
  15. 15. OH CRAP (1980s peacetime)
  16. 16. …then the intertubes value of your crap all your crap is valuable*! ~years
  17. 17. Institutions can’t save you I(OI)(OI)(OI)(OI)(OI)(OI)(OI)(OI)O ?
  18. 18. go military style? = fail Vi(1) – Cs(1) Vi(2) – Cs(2) >
  19. 19. Suckers
  20. 20. really sucks for your kids…
  21. 21. Future History: Back to Black 1. decentralize 2. de-tag 3. destroy 4. (give up)
  22. 22. DON’T PANIC, just be conscious 1. Privacy = limited transmission of info 2. Security = method for maintaining privacy across un-trusted IO 3. Digital makes worthless crap valuable 4. Chill out, tread lightly http: // twitter @lessin