Navigate 2008 Day Two Tidbits

Day 2 tidbits from Navigate ’08 by the IAPP and team: JZ told us that Mrs. Beasley, his fabulous and famous dog, has two tracking devices: a RFID chip and a GPS device. Why? They serve distinct purposes. The RFID chip is for if she gets lost and shows up at a vet’s office, in which case they can scan her and find the wayward owner (here, JZ). The GPS device gives JZ Mrs B’s whereabouts at any time. It’s turned out to be useful twice.

On the substance of the sessions, I was surprised by what amounts to another tidbit: this high-level crew of participants — including leaders from private sector, public sector, academia, and from around the world — seemed to think that greater alignment of privacy rules is desirable and possibly feasible. The consensus was not in favor of perfect “harmonization,” but rather forms of alignment that respect cultural differences, help consumers, and enable commerce to thrive. Easier said than done, to be sure, but I was surprised at the degree of consensus. The two keywords that seemed to resonate most: “alignment” and “interoperability.”

(There were specific caveats: 1) not enough public awareness and not enough pain by businesses to get this done; 2) need to scrap the bilateral approaches in a world of cloud computing; 3) enforcement challenges will abound.)

Tidbits from Navigate 2008 Day One

It’s Day One at Navigate 2008. Trevor Hughes and his crack team at the IAPP have established a space for thinking not about what’s urgeny, but about what’s important when it comes to privacy. The key for the event is to think big about privacy. The goal is to contribute to the global dialogue. (For me, kids, technology, and the future are on the brain because of Born Digital coming out, so the frame I bring to it is the future systems that we are building to protect our children and grandchildren.)


Meta tidbit: Going meta, briefly, on the emerging art of conference blogging. I’ve been wondering: What’s the optimal amount of blogging of a conference, in terms of frequency, length, and topic? JZ says the goal should not be coverage, but to exposure worthy tidbits. That’s to say, as many as a few posts a day if there are worthy things to say, or no posts if the conference totally stinks. (JZ is blogging a key aspect of Hal Abelson’s provocation so we can see what he means by a “tidbit” when that’s up.)

Process/experimentation tidbit: there are three breakout groups, each using MindManager in the breakout rooms. From a mission-control, a few of us have a view across the three MindMaps through a networking tool called MindJet. It works great for viewing all the conversations as they emerge in real-time. It also lets one intervene from the center — but that is not necessarily welcome, it seems, as the MindManager scribes have enough to do to keep track of the conversation, and chatting with the curators doesn’t seem to help their focus much. It’s cool to be able to intervene and to ask clarifying questions, but not necessarily productive to the whole, it seems. It’s great to be trying this out in real-time, though.

Substantive tidbit: from the first session, part of MIT prof Hal Abelson’s provocation. In the end, the way to go is to build accountable information systems, says Hal. He cited a letter he (and many of us) got from Bank of America which said that data about some customers had escaped from a third-party location and that B of A is tracking our accounts to see if anything is going wrong as a result. Hal says that this may be lawful, but it’s not accountable. He wants to know more: who had the data, why they had it, what it was, what happened in the breach, what risks he is running as a result, and so forth. He also says not to worry so much about the collection or mining of the data, but rather about decisions made about you based on these data. (I have a sense already that this is not a consensus view among other attendees — to be tested out!)

A final Bostonian’s tidbit, off to the side: In the command-central room for IAPP, there’s a side conversation about the MBTA’s Charlie Tickets v. Charlie Cards. These are the cards you buy to go on the Boston-area subway system. If you use an Charlie Ticket, rather than a Charlie Card, you pay more per ride, but there’s little chance your movements could be tracked, so one way to see it is that there’s a explicit premium per ride for your privacy. Richard Stallman has an alternate approach, apparently: swapping zero-value CharlieCards to frustrate any user tracking while not having to pay the privacy premium.

Navigating Privacy

Jonathan Zittrain and I are headed up to seacoast New Hampshire to be the “curators” of the IAPP’s new executive forum, Navigate, for the first few days of the week. It’s a beautifully organized program and a terrific line-up. It promises to be provocative and a lot of fun.

Privacy turned out to be a major part of our research into how young people use new technologies differently from their parents and grandparents. In our book, Born Digital (coming out in the next few weeks; and now the book’s website from the publisher is up), we started with a single chapter on Privacy and ended up with three: Identity, Dossiers, and Privacy. (Berkman summer intern Kanu Tewari made a video rendition of our Dossiers chapter; and the project’s wiki has a section on Privacy.) I look forward to testing those ideas with a bunch of privacy pros who will no doubt help to refine them.

As a special bonus: They’ve partnered with the MindJet people — makers of MindManager, which I love — to document the event and to extract key themes in an organized digital format. I’m looking forward to learning some MindManager tricks.