Privacy in a Networked World, II

This is the second post about Privacy in a Networked World. The first post, about the conversation between Bruce Schneier and Edward Snowden, is here.

“Privacy in a Networked World,” John DeLong, Director of the Commercial Solutions Center, NSA

Other than the length and volume of applause, it’s difficult to measure an audience’s attitude toward a speaker. I’ll venture, though, that the audience of Privacy in a Networked World was generally pro-Snowden; the attitude toward John DeLong can perhaps be characterized as guarded open-mindedness laced with a healthy dose of skepticism.

DeLong’s talk was both forceful and defensive; he wanted to set the record straight about certain things, but he also knew that public opinion (in that room, at least) probably wasn’t in his favor. (He said repeatedly that he did not want to have an “Oxford-style debate,” though his talk wasn’t set up as a debate in the first place.) “Let’s not confuse the recipe with the cooking,” he said, in a somewhat belabored analogy where the NSA’s work was the cooking and the law was the recipe. (I cook a lot at home, and I’ll just say, I can usually tell when I’m looking at a bad recipe, and opt to adapt it or not make it at all.)

DeLong quoted at length from Geoffrey R. Stone’s “What I Told the NSA.” (Stone was a member of the President’s Review Group in fall 2013, after the Snowden revelations.) Stone’s conclusions were not altogether positive; he found that while the NSA “did its job,” many of its programs were “highly problematic and much in need of reform.” But it’s the Executive Branch, Congress, and FISA who authorized those programs and are responsible for reforming them. Stone added, “Of course, ‘I was only following orders’ is not always an excuse….To be clear, I am not saying that citizens should trust the NSA. They should not. Distrust is essential to effective democratic governance.”

DeLong said, “The idea that the NSA’s activities were unauthorized is wrong, wrong in a magnificent way.” He emphasized that the NSA is not a law enforcement agency, it’s an intelligence agency. He spoke in favor of people with different backgrounds and expertise – lawyers, engineers, mathematicians, privacy experts, etc. – coming together to work out solutions to problems, with respect for each others’ abilities. “Technology,” he said, “always comes back to how we as humans use it.” At present, “We do not have technologies that identify privacy risks….Privacy engineering could be one of the most important engineering feats of our time.”

DeLong talked about rebuilding the nation’s confidence in the NSA. “Confidence is the residue of promises kept,” he said. “More information does not necessarily equal more confidence.” (Someone on Twitter pointed out that much depends on the content of the information.) The talk was a good reminder not to villainize the entire NSA; part of DeLong’s forcefulness was undoubtedly on behalf of his co-workers and staff whom he felt were unfairly maligned. And technology that could identify privacy risks, built by people who have different perspectives and backgrounds, would be excellent. But do we need technology that identifies privacy risks, or do we need stronger oversight and better common sense? Mass surveillance erodes trust in government and hasn’t been terribly effective; what more do we need to know to put a stop to it?

“Privacy and Irony in Digital Health Data,” John Wilbanks, Chief Commons Officer, Sage Bionetworks

John Wilbanks gave a fast-paced, interesting talk about health data. The “irony” in the title of his talk soon became clear when he gave the example of Facebook’s mood manipulation experiment compared to a study of Parkinson’s disease. The sample size for Facebook was many times larger, with a constant flow of information from “participants,” as opposed to a much smaller sample population who filled out a survey and answered questions by phone. “What does our society value?” Wilbanks asked. This question can be answered by another question: “What do we surveil?”

Wilbanks showed a graph representing cardiovascular disease and terrorism: there is 1 death every 33 seconds from cardiovascular disease – “That’s like 9/11 every day” – and yet there’s not nearly the same kind of “surveillance” for health that there is for terrorism. Participating in a research study, Wilbanks said, is like “volunteering for surveillance,” and usually the mechanisms for tracking aren’t as comprehensive as, say, Facebook’s. Of course, privacy laws affect health research, and informed consent protects people by siloing their data; once the study is concluded, other researchers can’t use that data, and there’s no “network effect.”

Informed consent, while a good idea in theory, often leads to incomprehensible documents (much like Terms of Service). These documents are written by doctors, reviewed by lawyers, and edited by committee. Furthermore, said Wilbanks, people in health care don’t usually understand issues of power and data. So, he asked, how do we run studies at internet scale and make them recombinant? How do we scale privacy alongside the ability to do research? Wilbanks demonstrated some ideas to improve on traditional informed consent, which could also allow research subjects to get a copy of their own data and see which researchers are using data from the research in which they participated.

Obviously there are risks to individuals who share their personal health data, but there can be advantages too: more scientists having access to more data and doing more research can lead to more breakthroughs and improvements in the field of medicine.

Last year, Wilbanks talked about privacy and health data on NPR; you can listen to the segment here.

Still to come: Microsoft, Google, Pew, and a panel on “What Privacy Does Society Demand Now and How Much is New?” 

Privacy in a Networked World

This is the first post about Privacy in a Networked World, the Fourth Annual Symposium on the Future of Computation in Science and Engineering, at Harvard on Friday, January 23.

A Conversation between Bruce Schneier and Edward Snowden (video chat)

Bruce Schneier is a fellow at the Berkman Center for Internet & Society, and the author of Data and Goliath. Edward Snowden was a sysadmin at the NSA who revealed the extent of the government’s mass surveillance. The conversation was recorded (no joke) and is available on YouTube.

I have to say it was an incredibly cool feeling when Snowden popped up on the giant screen and was there in the room with us. There was sustained applause when he first appeared and also at the end of the conversation, when he was waving goodbye. Schneier started by asking Snowden about cryptography: What can and can’t be done? Snowden replied, “Encryption…is one of the few things that we can rely on.” When implemented properly, “encryption does work.” Poor cryptography, either through bad implementation or a weak algorithm, means weak security. End points are also weak spots, even if the data in transit is protected; it’s easier for an attacker to get around crypto than to break it.

Snowden pointed out a shift in the NSA’s focus over the last ten years from defense to offense. He encouraged us to ask Why? Is this proper? Appropriate? Does it benefit or serve the public?

The explosion in “passive” mass surveillance (collecting everything in case it’s needed later) is partly because it’s easy, cheap, and simple. If more data is encrypted, it becomes harder to sweep up, and hackers (including the NSA) who use more “active” techniques run a higher risk of exposure. This “hunger for risk has greatly increased” during the War on Terror era. Their targets are “crazy, unjustified….If they were truly risk averse they wouldn’t be doing this…it’s unlawful.”

Snowden said that the NSA “is completely free from any meaningful judicial oversight…in this environment, a culture of impunity develops.” Schneier said there were two kinds of oversight: tactical oversight within the organization (“did we follow the rules?”) and oversight from outside of the organization (“are these the right rules?”). He asked, “What is moral in our society?”

Snowden asked if the potential intelligence that we gain was worth the potential cost. He stated that reducing trust in the American infrastructure is a costly move; the information sector is crucial to our economy. The decrease in trust, he said, has already cost us more than the NSA’s budget. “They are not representing our interests.”

Schneier, using his NSA voice, said, “Corporations are spying on the whole internet, let’s get ourselves a copy!” (This was much re-tweeted.) “Personal information,” he said, “is the currency by which we buy our internet.” (Remember, if you can’t tell what the product is, you’re the product.) It’s “always amusing,” he said, when Google complains about the government spying on their users, because “it’s our job to spy on our users!” However, Schneier thinks that the attitudes of tech companies and standards bodies are changing.

These silos of information were too rich and interesting for governments to ignore, said Snowden, and there was no cost to scooping up the data because until 2013, “people didn’t realize how badly they were being sold up the river.” Schneier said that research into privacy-preserving technologies might increase now that there is more interest. Can we build a more privacy-preserving network, with less metadata?

“We’ve seen that the arguments for mass surveillance” haven’t really held up; there is little evidence that it has stopped many terrorist attacks. Schneier cited an article from the January 26, 2015 edition of The New Yorker, “The Whole Haystack,” in which author Mattathias Schwartz lists several recent terrorist attacks, and concludes, “In each of these cases, the authorities were not wanting for data. What they failed to do was appreciate the significance of the data they already had.”

Unlike during the Cold War, now “we all use the same stuff”: we can’t attack their networks and defend our networks, because it’s all the same thing. Schneier said, “Every time we hoard a zero-day opportunity [knowing about a security flaw], we’re leaving ourselves vulnerable to attack.”

PrivacyNetworkedWorld

Snowden was a tough act to follow, especially for John DeLong, Director of the Commercial Solutions Center for the NSA, but that’s exactly who spoke next. Stay tuned.

 

Manual for the Future of Librarianship

libraryandMy librarian friend Brita, who knows about everything before I do, recently wrote a blog post about her submissions to the Manual for the Future of Librarianship project (under the auspices of the ALA Center for the Future of Libraries, inspired by the Long Now Foundation’s Manual for Civilization). She inspired me to do the same, and I’m sharing my submissions here as well.

1. It’s Complicated: The Social Lives of Networked Teens by danah boyd
itscomplicatedIt’s Complicated is a must-read for teachers, parents, librarians, and anyone who disparages Millennials or “kids these days.” Researcher boyd unpicks the mindset that kids don’t care about privacy and shows how much of online life is “public by default, private through effort” instead of the other way around, making privacy difficult to obtain for those using social media. She makes the case that adults can best protect kids and teens by educating them about risks. boyd also addresses inequality and information literacy.

2. Little Brother by Cory Doctorow
littlebrotherLittle Brother is a young adult novel, but adults can learn a lot from it too: it’s a fast-paced story set in San Francisco before, during, and after a terrorist attack blows up the Bay Bridge. Seventeen-year-old high school student and hacker Marcus Yallow (a.k.a. w1n5t0n) and his friends are swept up by the Department of Homeland Security as the DHS cracks down on the city, and Marcus’ new mission is to expose their abuse of power. Marcus is more tech-savvy than most people, but Doctorow explains everything in a way that is interesting (and paranoia-inducing). It’s easy to imagine this scenario coming to life, and it leads readers to consider the relationship between privacy, security, and freedom. The follow-up novel, Homeland, is also worth reading.

3. “Why Our Future Depends on Libraries, Reading, and Daydreaming” by Neil Gaiman

Neil Gaiman in October 2013. Photo by Robin Mayes.

Neil Gaiman in October 2013. Photo by Robin Mayes.

British author Neil Gaiman writes across genres and for all ages, and he’s a passionate advocate for libraries. In October 2013, he gave a particularly strong and articulate lecture on the importance of fostering literacy through teaching children to read and making sure they have access to books they enjoy. He also spoke about the positive correlation between fiction and empathy, which has now been shown in a number of studies, and the importance of libraries: “libraries are about freedom. Freedom to read, freedom of ideas, freedom of communication…Libraries really are the gates to the future.” [I wrote about this same speech at length soon after it was published online by The Guardian.]

Julia Glass at the Weston Public Library

On a night that introduced me to the concept of “ice mist” (I think that’s what it was), there was a packed house at the Weston Public Library to see Julia Glass read from her newest novel, And the Dark Sacred Night. I’d seen Glass speak once before, in conversation with her editor at the McNally Jackson bookstore in Soho in 2009, and thanks to a major tidying effort, I turned up my notes from that event just a few weeks ago. At the time, Glass said:

“All serious fiction is emotionally autobiographical.”

“If you choose fiction, you distort.”

“There are always mysteries and things we will never know [about the people we’re closest to]….You cannot know everything about the people you love the most.”

Her words, and especially the concept of emotional truth in fiction, stayed with me, enough to get me out of the house on an ice-misty night. (What is that, Massachusetts? Seriously.)

Hardcover book jacket

Hardcover book jacket

In Weston, Glass started by observing the difference between a hardcover tour and a paperback tour: during a hardcover tour, the material is fresher in the author’s mind, but most audience members haven’t had a chance to read the book yet. With a paperback tour, on the other hand, the author may have forgotten details about the book, but the audience is more likely to have read it.

She spoke about her local connection, having grown up in Lincoln, MA and worked in the library there: “I really regard that library as my third parent.” Glass also talked about how she begins her books. Writers approach stories in different ways, but Glass comes to her stories through character. Malachy Burns’s mother Lucinda, a secondary character in Three Junes, was inspired in a unique way: Glass and her partner were stuck in traffic*, and the bumper sticker on the car in front of them read “Life: What a Beautiful Choice.”  That, Glass realized, encapsulated Lucinda’s Catholic outlook.

*Glass’s advice for couples stuck in traffic is: Don’t talk! It will only lead to fighting over whose fault it is that you’re stuck in traffic. She believes that the declining divorce rate is due at least in part to the rise of GPS devices.

Unlike some authors with ideas spilling out of their heads and onto scraps of paper everywhere, Glass says she doesn’t have lots of ideas for books. “Every time I’m coming to the end of one book, I’m terrified it’s the last one.”

“All of my books stand alone…but I do seem to be in the habit of bringing characters back.”

Paperback cover

Paperback cover

Glass’s books are all set in the semi-recent past. Does she rely on her memory to fill in details appropriate to the decade or year? She laughed at the idea of relying entirely on memory, but said that “personal stories that people tell me make their way into fiction,” and her books are usually set on “familiar turf” (New York, New England). But “research is important for every book…I always want to give myself a challenge…What’s something I really want to know about?” Fiction writers, Glass said, “are the people who want to be everything,” and researching for books is a great way to learn more about other topics and vocations. “There are so many ways of being and living in this world. The ‘what-if’ questions drive us.” Glass is particularly interested not just in what people choose to do, but in how that vocation in turn shapes them.

But research, for Glass, comes after writing. “I bluff my way through writing first, and research later.” For her books, she has interviewed oncologists; doctors familiar with HIV/AIDS treatment in the early days of the disease; classical cellists; and professional bakers of wedding cakes. She has also explored YouTube, especially when seeking particular pieces of music, and has learned to look at the number of page views to find the best quality videos. “YouTube is very dangerous.”

She writes her books from beginning to end, not allowing herself to skip over difficult scenes. Her manuscripts tend to be much longer than the final published versions of her books. Glass’ editor Deb Garrison told her, “You have a wonderful sense of responsibility to your readers…[but] they don’t have to know everything.” This revelation led Glass to cut an entire section from Daphne’s point of view from And the Dark Sacred Night.

After Glass read two scenes from the novel (one from Kit Noonan’s perspective, one from Walter’s), an audience member asked if she could talk more about her third book, I See You Everywhere. “You could see it as a novel, perhaps,” Glass said, but it’s really a collection of linked stories, all of which stand on their own; in fact, one of the stories won the Chicago Tribune Nelson Algren award, which was, Glass said, one of the best moments of her life. I See You Everywhere is her most autobiographical novel, which she published once she decided she did not want to write a memoir; “I just wanted to write about a certain kind of sibling relationship.”

I haven’t read And the Dark Sacred Night yet, but I plan to read it soon, and I can definitely recommend Three Junes, The Whole World Over, I See You Everywhere, and The Widower’s Tale. Thanks to the Weston Public Library for hosting, and to Julia Glass for a lovely and inspiring evening.

Incidentally, the ice mist has now turned to snow.

The Official TBR Challenge

2015tbrbutton

I have officially entered the Official 2015 TBR Pile Challenge. I’ve tagged fourteen of the titles on my TBR shelf (plus two books I don’t own but have been meaning to read, The Art of Fielding by Chad Harbach and Graceling by Kristin Cashore) with “2015-TBR” in LibraryThing. Thanks to Linda at Three Good Rats for the nudge to join the official challenge.

2015-TBR2015-TBR2

I hope to read even more books from my TBR shelf this year, but this challenge is a good start. I do like checking things off a list…not that books should ever be reduced to mere list items.

The TBR shelf

At the end of 2013, I reorganized my books, shelved all the books I owned but hadn’t read yet together, and declared that I would read them all in 2014.

This plan failed.

In terms of quantity, it wasn’t an ambitious goal. (I ended up reading 147 books last year, and that’s if you count conservatively.) However, as noted previously, I’m much better at reading books with due dates (either from the library or borrowed from friends) than books without them.

Of the 26 books on that top To-Be-Read (TBR) shelf (pictured here), I actually read only three: Life After Life, The Welsh Girl, and Above All Things. Incidentally, they were really good and I’m definitely glad I got around to them. I tried reading White Tiger, both in print and as an audiobook, and decided not to finish it; I also set aside Archetype partway through. There were eight others I decided I wasn’t ever going to read, and I got rid of them.

I still intend to read (or start reading and definitively give up on) twelve of my 2013 TBR books:

Birds of Paradise

Equal of the Sun

Wild Girls (this is my book club pick for January, so I know I’ll read it)

Good Harbor

The Waterproof Bible

American Ghost

Kitchen Confidential

Quiet

The Te of Piglet

The Gospel According to Jesus (my dad sent me this, and I don’t read enough of the books he sends)

Some Girls, Some Hats, and Hitler

My Heart is an Idiot

From the lower shelf in the photo, I still intend to read God’s Hotel (sent to me by my oldest friend – oldest in terms of time we’ve known each other, not in terms of her calendar age) and Far From the Tree.

I have decided that A Passion for Books is more of a reference book than a cover-to-cover book, therefore I feel no guilt about keeping it, even though I don’t necessarily plan to read it this year.

Over the course of 2014, even as I got rid of some books I finally accepted I wasn’t going to read (or if I did, I’d get them from the library), I added more books to the shelf. So in addition to the titles mentioned above, I plan to read the following:

Invisibility

Nora Webster

The Starboard Sea

City of Women

We Are Called to Rise

The History of Us

Between Shades of Gray

So that’s 21 altogether, which – if I were to read nothing else but these until I had finished them all – should take about three months (Far From the Tree is 976 pages). Make that 22, because I set Our Band Could Be Your Life aside after the third chapter last January and have been meaning to finish it ever since. That’s a year now, if anyone’s counting.

The 2014 TBR shelf, featuring many titles from the 2013 TBR shelf.

The 2014 TBR shelf, featuring many titles from the 2013 TBR shelf.

This is doable. Possibly I can sneak a few more of these in as book group choices, but either way, I’ll either read them or get rid of them “this morning. By noon. By noon or one. By 1:37 exactly!”

Gold star and a Mark Knopfler soundtrack to you if you recognized the Empire Records quote there. But seriously, I’m planning to read these by the end of June. Or by 12/31/15 exactly. Wish me luck, and let me know if I should bump any of them to the top of the list, or off of it.

 

2014 Year-End Reading Wrap-Up

The beginning of January: the traditional time to collect statistics on the previous year’s reading. At least, this is the tradition on librarian blogs. See: Jessamyn West, Meredith Farkas, and my co-worker Linda.

Last year I read 154 books; here’s the complete wrap-up from 2013. In 2014 I re-discovered picture books in a big way, so I’ve got an inflated-looking number (281!) as well as a more comparable one (147).

Number of books read in 2014: 281

Books per month average: 23.4

Total page count: 54,111 (most picture books are 32 pages, most audiobooks are “unpaged”)

Fiction/Nonfiction split: 244 fiction/37 nonfiction

Books read minus 6 partially-read books: 275

And minus 128 picture books: 147

Books per month average minus partially-read books and picture books: 12.25

Audiobooks: 20, including a few re-reads (Will Grayson, Will Grayson; My Sister Lives on the Mantelpiece; Landline; Every Day), not including one I didn’t finish (White Tiger)

The male/female author split in my library (read, currently reading, and to-read)

Figure 1: The male/female author split in my library (read, currently reading, and to-read)

Female/male authors: roughly 50/50 if this year is consistent with my library as a whole (see Fig. 1)

5-star ratings: 18 books (though two of them were The Very Hungry Caterpillar, one in English and one in Spanish).

And as Linda wrote, “I stand by my 5-star ratings, but when I look at what I read this year, there are many other books that really jump out at me, that when I see them on the list I think ‘That one was really good.'” It’s hard to tell, when you finish a book you really liked or loved, if it will stick in your mind or not. Some fade quickly, and others continue to grow in your memory until they’re firmly lodged there; these are the ones you end up recommending to others for years, even if they weren’t the ones you raved about the instant you finished reading the last page.

For the Robbins librarians’ collaborative blog post about our favorite books of 2014, in which we  particularly focused on books with 2013-2014 pub dates, I chose to write about The Bone Clocks, Station Eleven, All the Light We Cannot See, Men Explain Things to Me, and Far Far Away. I also strongly second many of the other librarians’ choices, including The Magician’s Land, Landline, Thunderstruck and Other Stories, Say What You Will, and I’ll Give You the Sun.

As for reading resolutions, stay tuned. Or if you’re looking to make a reading resolution of your own, check out Linda’s blog post about reading challenges, or mine on bookish resolutions.