The value of privacy
Alexander Railean
http://railean.net/
Privacy is a very important value, yet we routinely make decisions that undermine it. It is not just someone else doing it to us, we’re doing it to ourselves as well. How come? I will attempt to explain this through examples, analogies and thought-experiments.
Behavioural economics is a field that can offer some insights. One of its basic premises is that buyers are not behaving rationally, as a hypothetical “homo economicus” would, instead they’re subjected to a range of biases.
An engaging introduction to this mindset is Dan Ariely’s “Predictably irrational”, he provides a lot of clever examples that demonstrate how such biases can be exploited (whether you’re maximizing profits or the probability of getting a date).
When I was a child I found an unusual metallic artifact, I have never seen anything like it before, it had a strange elongated U-shape with a tail. I did not know what it was, but a classmate of mine knew, he told me that he’d explain that to me, with one condition – I give it to him after I learn the answer. Would you have accepted the deal? Take a moment to think about it.
Note: when I ask you to “think about …” it helps if you really think about it, instead of reading on right away.
No, really think about it.
I was intrigued! The information was valuable, while the object itself presented no value to me since I didn’t know how to use it. I agreed and within moments I learned it was a “tuning fork” – you have to strike it and it will produce a sound that allows you to calibrate a musical instrument.
The decision was not regretted afterwards, he took the “camerton” (as he called it in Romanian), while I “took” the information.
Would I have felt the same if I discovered this was “a key to unlock a safe with an unlimited supply of ice-cream”? Or a “teleportation device”? Or an “animal mind controller”? Not likely. I would also feel cheated and attempt to undo the transaction or at least decide not to deal with him in the future anymore.
Thinking about it today reminds me of a thought experiment from game theory – the ultimatum game.
Imagine that you and a friend walk in the street and there’s a 100$ bill on the ground; she is the first one to reach it. She declares – “I will suggest a split, if you accept it – we share the money as stated, if you don’t – we give it away to the first person we meet”.
Basically, if you don’t accept the deal – you both get 0$, and if you do – you’re getting the amount dictated by your friend. Would you accept? Think about it.
….
…
..
.
Rational agents who maximize profit will accept any split and earn X$, because rejecting it yields 0$.
A 50/50 split is fair and most people accept it. When it comes to outright unfriendly offers such as 10/90 or 1/99, people (i.e. irrational agents) choose to reject, despite the mathematically sound choice of accepting it. If you’re maximizing your own profit, all you need to do is think of it in terms of “Do I want something or nothing?”, leaving out the part about how much your friend earns (or the idea of punishing them for being unfair).
Let’s twist the scenario a bit. The setting is the same, but because of your blurry vision you don’t know exactly how much money was found, you only saw your friend picking up a greenish piece of paper. She suggests a split and you’re both getting 10$ each (“a fair outcome”, your inner voice says). Would you think the same if you knew that she actually picked up a 100$ bill?
When it comes to privacy, our data can be treated in a similar way – we agree to give it away in an informationally asymmetric context; our partner knows more than we do, so we cannot make an informed decision.
When you think about it, you’re indeed getting a favour – a site gives you free videos of cats, while another one is a free platform to interact with your acquaintances – seems fair. But is it?
If your social network site charged a fee for their service, far fewer people would use it. Think about how much you would be willing to pay for such a service.
Imagine the acceptable cost is 5$/month*. You agree to it because you find the service useful and affordable.
Scenario A (informationally asymmetric)
[Sign up] to stay in touch with your friends and family for only 5$/month.
Scenario B (informationally symmetric)
[Sign up] to stay in touch with your friends and family for only 5$/month (we’ll make 150$ off you by selling your data to our partners).
Scenario C (informationally symmetric)
[Sign up] to stay in touch with your friends and family for only 5$/month (our data analysts will learn your preferences and sell this information to third parties who will then use it to nudge you towards buying stuff they produce and you don’t really need).
Scenarios B and C are more balanced, because now you know more about what your partner is really up to. What seemed to be a sweet deal ends up leaving a bitter taste, it is akin to finding out that the “U-shaped object with a tail” I gave away as a kid was, in fact, a teleportation device.
One of the reasons people may erode their own privacy is because they’re unaware of the big picture. Information asymmetry plays an important role here, it enables large companies to play the game with us on a daily basis, consistently dictating unfair splits. They are getting away with it, while the users aren’t even thinking of getting them “punished”, being unaware of the disequilibrium.
This applies equally to other technologies that cause us to leave “informational footprints” all over the web: sensor data produced by “Internet of things” (IoT) devices, our search queries, the videos we watch, the Wikipedia articles we study, the music we listen to, or the books we read.
With the IoT, for example, your fitness tracker could allow someone to infer where you’ve been, at what time, how often you go there and who else was with you. The logs collected by a voice-controlled home assistant acting as a search engine interface could reveal you have a specific disease, or that you’re rushing to buy flight tickets. If a travel agency knew about your intentions and could identify you in their store – do you think they would offer cheaper or pricier tickets?
Such things perpetuate with our consent – we’re lured into these deals through a series of {next, I agree, continue, yes} clicks, which is why you cannot claim you were tricked.
Lawyer’s tip: though it is unrealistic to read all the agreements you “agree” with, you should at least save these documents to a file, you might need them later.
I shall end this story by encouraging you to read about ARPU – average revenue per user, a metric service providers use measure the monetary impact of each user account. This information is published in annual reports such as these, that are freely accessible to the public. Have a look and find out what your contribution is.