Zero Privacy: Thoughts on McNealy and Zuckerberg and “privacy statements”

In some of my recent posts about privacy, occasioned by Facebook founder Mark Zuckerberg's apparently dismissive attitude to privacy concerns, I referenced the "infamous" privacy comment that Scott McNealy made in 1999.

At that time, McNealy was the CEO of Sun Microsystems, and Sun was hot. Java was cooking, so to speak. Anyway, McNealy was reported to have said, to a group of reporters, something like: “You already have zero privacy anyway, so get over it.” The rest of this post is what I wrote on this subject in my 2002 book on privacy (which you can always download, for free, if you feel like reading more) followed by a few fresh thoughts.
Light Down Under
When Scott McNealy addressed the National Press Club of Australia in September 2000 he explained what he meant by that zero privacy remark. Here is a verbatim transcript:
“If you get hit by a truck, you want somebody to have your medical records. If you cannot tell them the combination to your safe or where your medical records are kept, you have a problem. In effect you want your medical records to be available online out over the Internet. You want every ambulance driver to be able to unlock it. So that is a little risk you take. Every ambulance driver might be able to tap into your medical records. Get over it. That is better than getting hit by a truck and dying.”
That's not quite the same as simply saying: "You have zero privacy, get over it."

Various versions of the quote—and Mr. McNealy’s last name—rapidly populated articles and presentations about privacy, most of which made no mention of the original context. That context was frustration at announcing a new product, JINI, then having to field questions about the one thing it can’t do—guarantee absolute privacy of personal data—rather than the many things it can do, such as make vital data instantly available across a wide range of hardware, software, and networks.

A lot of people in business can relate to Mr. McNealy’s frustration with those who have turned privacy into an absolute. While the potential to abuse information technology such as Web sites and email is a genuine cause for concern, foolishly equating privacy with anonymity—somehow forgetting that you cannot participate in society unless you share information about yourself—does nobody any good. As I said in Chapter 1, the reason that privacy on the Web is such a big challenge is that nobody yet understands exactly what privacy means in the context of today’s highly interconnected, heavily computerized, data-dependent world. About the best we can say is that privacy in the information age is a work in progress.

Of course, if you are the sort of person who thinks corporate America is only out to steal people’s wallets and ruin their lives, you are unlikely to be swayed by my assertion that most businesses actually want to respect the privacy of their customers, particularly if that is what their customers want. The problem is that we, as a society, simply haven’t finished our homework on this one. In other words, we are not yet at the point where a significant percentage of consumers have articulated specific Web and email privacy demands that businesses have chosen to reject.

As Rob Leathern, a Jupiter Research privacy analyst recently observed, “Neither consumers nor businesses effectively address online privacy issues.” He was reflecting on a Jupiter Media Metrix report that found more than 80 percent of U.S. consumers would give out personal information in exchange for small rewards, while at the same time nearly 70 percent said they were concerned about their privacy online. They might be concerned, but 60 percent admitted that they did not read privacy statements before handing over personal information to Web sites (not helped by the fact that a lot more than half of consumers surveyed found online privacy statements difficult to understand).

Notes from 6/26/2010: A lot has changed since 1999, but a lot remains the same. As Facebook and Twitter attest, digital privacy is still very much a work in progress. And some things never change: CEOs do not have "freedom of speech" any more than their employees. A bank clerk can be fired for mouthing off about the company. A CEO can put his or her job in jeopardy by saying the wrong things in the wrong place, like in email that lives forever or in the presence of a reporter's microphone. What may be new is the extent to which we are all more closely watched, surveilled if you will, which adds a level of transparency to our society, the implications of which we don't yet fully grasp.]

No comments:

Post a Comment