What Shoshana Zuboff and Mark Zuckerberg both get wrong about privacy, and how you can fix it.

Predicting the Future of Privacy Ten practical perspectives that will help you understand how people will and do balance privacy in their lives Jason Voiovich

The debate over privacy rights has devolved into a polarized and unproductive shouting match between two opposing points of view. On one side is Silicon Valley, who believes that the benefits of innovation trump any quaint notions of “private” lives. Privacy rights get in our way! On the other is the New York elite – The New York Times Editorial Board and Shoshana Zuboff, who believe our very lives are being threatened in an act of corporate violation. We are here to save you!

Both perspectives are wrong. They’re not wrong because they don’t have valid arguments; they are wrong because they both forgot to ask consumers, citizens, patients, and employees what they think about their own private lives. To put it simply: Zuckerberg and Zuboff think they know better than you do about how you should think about your own privacy. That’s why the so-called “debate” over privacy will never result in meaningful progress.

It’s long-past time for a new approach. To do that, we’ll turn the question of privacy on its head and explore the roots of the complex set of tradeoffs everyday people make when they device whether or not to share private information. When we’re done, we will have a framework that will not only help you make better decisions, but also a way to predict how others might make similar choices.

.   .   .

How did privacy become not about people?

Privacy concerns? Uber completes over 40 million rides per month in the United States.

Who would have predicted 10 years ago that we would, routinely, get into a stranger’s car and trust that we would arrive safely?

Privacy concerns? Amazon has sold 100 million Alexa-enabled devices.

Would anyone have known 10 years ago that we would, routinely, allow a listening device into our homes so that we could order pizzas and play music?

Privacy concerns? The Mayo Clinic’s Biobank has over 50,000 participants.

Was it reasonable to guess that 10 years ago that we would, routinely, share our health information with a private massive database?

Ten years ago, each of these statements would have seemed ridiculous. Sure, people may be willing to share what they had for dinner on Facebook, but they would never submit to such blatant intrusions of their privacy.

And yet, here we are.

That’s not to say that the privacy situation has not become the subject of intense debate. The New York Times has been publishing articles throughout 2019 in an ongoing series titled “The Privacy Project”. Surveillance Capitalism was one of the top non-fiction books of the past year. Security expert Norton reported that in 2019 alone, 4 billion records were breached.

What does that all mean? We can no longer argue that we aren’t aware of these intrusions, nor can we argue that we don’t know the risks.

And yet, here we are.

The best-selling devices worldwide included Echo Dot, Fire TV Stick with Alexa Voice Remote and Echo Show 5. (Amazon Press Release, Holiday Shopping Season, 2019)

In fact, over two years of intense and overwhelmingly negative media coverage hasn’t made a dent in the growth of the personal information economy – the so-called “internet of all of us”. If that’s true, then business owners, organizational leaders, healthcare experts, and politicians who see consumer, employee, or patient data as critical to their business models must ask themselves a difficult question:

Why is it that people are aware of data gathering, and understand its risks, do they keep clicking “accept”? Will they stop? What happens if they do?

Are people privacy lions or are they privacy sheep?

If we ask the New York Times, they might argue that consumers are only just understanding the true costs, and that once they do, they’ll push back hard. Perhaps they’re right.

If we ask Silicon Valley, they might argue that consumers say they’ll do all sorts of things, but they know better. If consumers want it, they’ll take the risk. Perhaps they’re right.

When I began my research, I saw privacy the same way Shoshana Zuboff and Mark Zuckerberg see it – as a simple paradox born of the personal data economy. The problem was that this simplistic approach didn’t work. It failed again and again to explain the decisions people made when it came to their private lives.

Simple narratives may make good stories, and they may sell books, but they clearly weren’t the truth.

The privacy debate couldn’t lead me to the insights that would help me answer critical business questions. I needed a more practical approach.

  • Will employees consent to listening devices if those devices can prevent harassment and abuse?
  • Are customers likely to adopt a freemium software offering if it aggregates and remarkets their data?
  • Should patients accept a lower cost health plan option if it requires ongoing monitoring?

To get there, I spent the past three years working to understand how individual privacy and the data economy interact. And today, I intend to share with you what I’ve learned. As I do, I’ll ask you to confront the same questions I did during my exploration. And finally, I’ll show you how that broader perspective will pay off for both your personal life, as well as your business.

But before we begin, a warning: You may not like everything you hear, and the questions won’t be easy. And when we’re finished, you won’t have better answers, but you will be able to ask better questions.

Let’s get started.

.  .  .

Perspective #1: Deep History

Private Lives in The World Until Yesterday - What Can We Learn from Traditional Societies?

When you met your colleague or friend this morning, was the first thing you talked about the color, odor, and volume of your last urination? (I hope not.) But tribespeople in New Guinea do. And it makes sense. If you relied on the person next to you for your life and safety, you would be very interested in their elimination habits. It’s probably the best indication we have of overall health absent modern measurement techniques.

It is only since the industrial revolution that we substituted processes, infrastructure, and technology instead of other people for our survival. Privacy is a very recent invention.

But no system can address all of our needs. We continue to rely on our family, friends, and neighbors to help us navigate the uncertainty and scariness of daily life.

Nextdoor user interface

Nextdoor is a good modern example of this tradeoff. Yes, you could call it a “system”, but it is more accurate to think of it as a way for busy neighbors to help each other figure out what’s happening near them. To share in this way requires releasing some level of personal anonymity for the feedback other people can provide – much like a modern version of a tribe.

But let’s not be theoretical, let’s get personal. My first question for you relates to the deep historical perspective I’ve just described:

Would you rather rely on other people for your personal well-being or would you rather rely on systems, infrastructure, and technology?

Privacy question 1: Would you rather rely on other people for your personal well-being or would you rather rely on systems, infrastructure, and technology?

Make a mark on the continuum between those two extremes where you personally fall. There is no right or wrong answer. And don’t overthink it. Your first impression is what your unconscious brain is telling you is right for you.

Now, let’s go. We have nine more to go!

.  .  .

Perspective #2: Global Privacy Law

Our second perspective is one that many of us is familiar with – the legal and regulatory approach. Critics may argue that privacy law simply hasn’t caught up with technology and marketing, and that government is always bumbling and slow. But I’m not so sure that’s fair.

Specifically, the new California Consumer Privacy Act went from idea to implementation in 18 months. That’s pretty fast. If we hop a plane to the European Union, we see the ongoing implementation of GDPR – the first large-scale attempt to address data privacy and the rights of individuals. Leave Paris and land in Beijing, and you have privacy rights – unless the entity who wants to know sf the government, in which the public need outweighs your personal right. More on that later.

Global data privacy laws

My intent isn’t to debate the specifics of any legal or regulatory framework, but rather to show that privacy “rights” depend entirely on where you are.

More than that, all laws have consequences. Here are just a few examples:

  • Can your credit card company still offer effective fraud protection when criminals can hide behind data anonymity?
  • Will hackers in another country care that you live in California?
  • Should abusers on social media be able to hide behind aliases?

There aren’t easy answers. This complexity leads to the second question I will ask you to consider:

Is it better for the law to define privacy for you, or is it better to guarantee transparency and allow people to decide for themselves what they share or do not share?

Is it better for the law to define privacy for you, or is it better to guarantee transparency and allow people to decide for themselves what they share or do not share?

Mark your spot on the continuum.

.  .  .

Perspective #3: Free

New laws aren’t emerging for no reason. The fastest-growing category of new products, services, and business models rely on information about you as the primary “product”.

To understand how we got here, we need to put ourselves back in the early days of the internet. Business leaders aren’t dumb. They learned from the experience of my hometown university – the University of Minnesota – who, in 1993, decided to charge a small fee for the implementation of its Gopher protocol. Remember Gopher? Most people don’t. We all use HTTP now for a simple reason: It was free.

It’s easy to see why: Who would pay for something that hadn’t really proved much tangible value beyond the military and academic communities? It had to be free to get people to adopt it.

The Gopher server interface

But once people get a taste of “free” it’s hard to get them to pay anything else. Marketing people (like me) understand that better than most. Someone had to pay the bill, and advertisers were the only ones who would.

In fact, “Free” is Google’s entire business model. Facebook’s too. Even Netflix – the poster child for getting people to pay for content – is considering an ad-supported model to compete with new streaming services on price (no matter what executives say they’re not considering). For many business, not-for-profit, and healthcare organizations, “freemium” is (or will be) part of the business model.

But just because it has been that way, doesn’t mean it needs to stay that way. You may feel that pandoras box has already been opened, but I’ll remind you that no one thought that free Google would take off in 1998. We all survived “free, ad-supported” television. There is no reason to think paid Google won’t work in 2020.

The age of ad-supported television

Here’s your question:

Is it better to pay for services so that you can restrict the use of data, or is it better to use free services and accept the release of your data for advertising and other data mining purposes?

Is it better to pay for services so that you can restrict the use of data, or is it better to use free services and accept the release of your data for advertising and other data mining purposes

Go ahead and put yourself on the continuum.

.  .  .

Perspective #4: Safety & Security

Let’s stick with Google for a moment. Last month in Milwaukee, Wisconsin, Google complied with a request from federal law enforcement for any device using Google services within a 30,000 square meter geofence. They were looking to solve a spate of arsons in 2018 and 2019.

Knowing that most people (including, presumably, the criminals) carry smartphones, and that most of those smartphones use some Google service, and that those devices track time stamps and geo-locations, police could then ask for more detail on those accounts that match specific areas and times of interest.

Anonymized Google Data

But it’s funny, if you search for “Milwaukee Geofence” on Google, this is what you get: A new feature built into costly Milwaukee brand power tools to help owners track them down when they’re stolen. Power tools, as anyone in construction knows, are both expensive and portable (for obvious reasons) and also makes them easy and profitable targets for thieves.

Milwaukee OneKey

Neither instance is as simple as it appears.

In the first case, most people get a little uncomfortable about the idea of a “dragnet”, but police are only asking for additional data on specific devices at the scene of a crime … and with a judge’s consent. If they get through that hurdle, defense attorneys could challenge the admissibility of that evidence in US court.

The second case seems more straightforward. The power tools are simply a matter of tracking property. However, let’s say this drill is in the worker’s toolbox and he puts that toolbox in his trunk. Could his employer use that information to track that employee on his way to a marijuana dispensary? Wouldn’t that tracking be warranted because of the safety risk of using marijuana on the job?

What’s more important: Protecting privacy or preventing harm?

I’ll bet we could spend the better part of a day arguing the details, but I won’t give you that kind of time. Here’s your question:

It is better to allow law enforcement complete access into our lives in order to protect us, or should law enforcement only respond after a crime has been committed?

Struggling with that one? This isn’t going to get easier.

It is better to allow law enforcement complete access into our lives in order to protect us, or should law enforcement only respond after a crime has been committed?

Mark your spot.

.  .  .

Perspective #5: Privacy Technology

Speaking of not getting easier, now let’s have a discussion of large semi-prime number factorization. I’m kidding, we won’t. Just suffice to say that the biggest security issue today isn’t quantum computers breaking RSA encryption, it’s us. We are the problem.

According to PC Magazine, 35% of people never change their passwords. That’s closer to 80% for so-called IoT devices. We respond to phishing emails. We write passwords on Post-It notes. We toss our health records in the recycler. Security is a cat and mouse game, and unlike Tom and Jerry cartoons, the cat usually wins.

PC Magazine 35 percent of people never change their passwords

We can try two-factor authentication. Our phones can incorporate biometrics. Online banking can insist on redundancy. We lock ourselves in faraday cages for goodness sake. But convenience is a more powerful motivator than any of them. We want one-click purchasing and instant answers. That’s the real reason no security system is foolproof. We won’t stand for it.

One click versus two clicks

From a technical perspective, privacy requires constant vigilance. And that is the essence of my next question for you:

Is privacy more important than convenience?

Is privacy more important than convenience?

Go ahead. What answer comes to mind?

.  .  .

Perspective #6: Media & Information Flow

Now is a good time to circle back with the New York Times. I’d recommend reading the entire opinion series on the Privacy Project, but be warned. This series falls victim to the oldest truth in media: If it bleeds, it leads.

I pulled out some keywords and phrases from a long piece from December 19, right before the Holiday last year. You can see them below. To be fair, the authors are describing what they believe is a serious problem, but I want you to notice something about the words: They are universally negative – there is no discussion of the positive side of data sharing, no balanced perspective.

New York Times Privacy Project Dec 19 2019 word cloud

This is not to say that the matter isn’t serious, but this perspective hints at a powerful dilemma in a modern society – exemplified by the founders of the internet, Wikileaks, and paradoxically, the New York Times itself.

It is that the free flow of information is critical for the functioning of society. Without it, we cannot hold people and systems accountable. The paradox is obvious: In a world where the most important information is about you, it’s hard to have it both ways.

information wants to be free

Where do you stand?

Should information be free, or should information be restricted?

Should information be free, or should information be restricted?

Wow. This is starting to get uncomfortable, isn’t it? You ain’t seen nothing yet. Let’s talk about religion.

.  .  .

Perspective #7: Faith

All major religious traditions address privacy in one way or another. And while I am not – nor do I claim to be – a scholar on comparative religions, it’s not difficult to find an opinion from all the world’s major faiths:

  • Judaism addresses the twin issues of consent and modesty, while stepping back from the perspective that privacy is a right.
  • Islam takes a stronger view regarding the inviolability of the private life.
  • Hindu scholars hold a more nuanced view – privacy exists, but they recognize that the concept is difficult to pin down.
  • Confucian and Taoist traditions seem to favor a different view – that family and society play a stronger role than individual self-determination.

Map of World Religions

But perhaps no religious tradition addresses the polarity of privacy more than Christianity. To see that, we only need look at two passages from the Gospel of Matthew. I could have picked many others, but we can clearly see the tension between private faith and public faith. (below, emphasis mine).

Matthew 6:6
But you, when you pray, enter into your inner chamber, and having shut your door, pray to your Father who is in secret, and your Father who sees in secret will reward you openly.

Matthew 28:19
Go, and make disciples of all nations, baptizing them in the name of the Father and of the Son and of the Holy Spirit.

We may hear plenty about how people are turning away from religion, but that does not mean they are turning away from faith, and it certainly does not mean that our concept of right and wrong aren’t strongly influenced by religious traditions – even if we, ourselves, don’t consider ourselves “faithful.”

How do you see it?

Do you agree that your private life is akin to only your inner relationship with your creator (or with yourself)? Or do you see yourself as having a duty to live openly to serve as an ambassador and example for others?

Do you agree that your private life is akin to only your inner relationship with your creator (or with yourself)? Or do you see yourself as having a duty to live openly to serve as an ambassador and example for others?

Mark the spot on the continuum that feels right for you.

.  .  .

Perspective #8: The Greater Good

Let’s expand on that last question from a different perspective. As we’ve already discussed, since the industrial revolution, we’ve relied on systems and technology (rather than other people) to achieve things no small group of individuals could do on their own.

But we’re running up against the wall. In order to break through and understand the toughest and most intractable problems – cancer, climate change, and racism to name just three – we may need to rethink the importance of other people in our collective lives.

Speaking of personal, let’s get personal.

I am part of the Mayo Clinic’s bio bank. It is a massive data collection program with the mission to build an ever-expanding database of people’s personal lives and habits – and how those variables impact our health and the course of disease. The goal is profound: To create next generation of medicine.

For me, the decision to participate was easy: Cancer took my dad at 61. I would give very much for someone else to be spared that. I might even be inclined to support a mandatory program of data sharing.

Donald Voiovich

In that, the Chinese government might agree with me.

In China, the government is engaging in perhaps the largest data collection exercise in history – they call it social credit – and their goal is to use data in the most ancient of Chinese objectives: to create a more harmonious society. Don’t visit your aging parents enough? You might not get a small business loan. That’s oversimplifying, but it’s the basic idea.

China social credit system

To do that, China tracks all manner of information – from everything you buy to everywhere you go to everything about your health, and so much more. Where some in the West view this as Orwellian, and that the government is only doing this to maintain “control”, China’s experience reminds us that “the greater good” is in the eye of the beholder.

With those two examples in mind, here is your next question:

What is more important to you, protecting your individual privacy or the contributing to the greater good?

What is more important to you, protecting your individual privacy or the contributing to the greater good?

Make your mark.

.  .  .

Perspective #9: The Psychology of Privacy

It’s funny, isn’t it, that in all this time we haven’t talked about the study of the human mind itself – and what psychologists can tell us about the balance between a private and public life.

When most people think of “privacy”, they tend to think of it in very simple terms – as in being away from other people or having your thoughts, actions, or identity shielded from others.

But psychologists say it’s more productive to think of privacy as a “boundary control process” through which we control whom we interact with, how we interact with them, and when and where these interactions occur.

But even psychologists admit that our need for privacy is a combination of nature and nurture. In other words, our introversion and extroversion, the context situation we’re in, the culture to which we belong and identify, and our biological heritage. On that last point, we only need to look at our closest living relatives to see that we seem to be more social than solitary.

But even individual chimpanzees have different preferences. How about you?

What’s more important to your emotional well-being in general: Privacy or socializing?

What’s more important to your emotional well-being in general: Privacy or socializing?

Make your selection.

.  .  .

Perspective #10: Economics

We’ve ended at what I feel is the most honest, and useful, aspect of privacy: That privacy is, fundamentally, an economic question. There are benefits to be gained by sharing information, whether those are social, psychological, legal, religious, or monetary. There are also costs. From an economic point of view, it’s a simple question: Do the benefits outweigh the costs?

To explore this is just a bit more depth, let’s compare the idea of privacy as a right to the idea of privacy as an asset.

As a right, privacy is something to which you are entitled. The downside is that rights are given to you by where you live. You don’t control them. Inalienable rights in one country don’t translate to inalienable rights in another.

Privacy as a right

As an asset, privacy is yours to use as you see fit – to incur the benefits and the costs. However, that control comes with responsibility. Ignorance is not bliss, and the powerful will tend to take advantage of the powerless.

Privacy as a asset

With those definitions in mind, here is your final question:

Do you see privacy more as an inalienable right, or more as an asset to be utilized?

Do you see privacy more as an inalienable right, or more as an asset to be utilized?

Make your final selection.

.  .  .

Predicting the Future of Privacy?

Do you feel a little mentally exhausted? Confused? Frustrated? The first time we truly broaden our perspective, it will seem challenging. Privacy is complicated. It’s high time we respected privacy for the tough series of tradeoffs that it is.

Let me help you make the past 15 minutes actionable for you. What you see below is my privacy profile based on the same questions I just had you answer. Now you’ll see the power of this perspective to help me make an everyday decision about my privacy.

Here’s the question:

Should I purchase an Alexa-enabled virtual assistant for my home?

I could use any (or all) of my answers to the 10 questions to help me decide, but my research has taught me that middle-of-the-road opinions don’t drive much action. Strong opinions do. In my case, my three strongest opinions refer to security, the greater good, and economics.

From a security perspective, I know that the more people who are involved in the process, the less secure information is. At this point, we know that Amazon is using humans to “train” its artificial intelligence. The likelihood of a breech for someone (not necessarily me) might be remote, but the likelihood of it happening eventually to someone is basically 100%. It’s not irrational to be wary of fat tail risks like this one.

Secondly, I am not sure that by buying one of these voice assistants that I am contributing to the greater good. If, perhaps, the voice assistant was tracking the tone of my voice to help create a database of anxiety or conflict disorders, perhaps. But for ordering toilet paper online? Not so much.

Jason Voiovich - filled in provacy profile with Alexa - choice 2

Finally, the economic tradeoff. The risk I could incur, and the lack of any greater benefit, means that the “price” I pay for the Alexa-enabled device isn’t worth the “costs” I incur – even if it were free of charge.

Jason Voiovich - filled in provacy profile with Alexa - choice 3

So, no. An Amazon Alexa-enabled device isn’t the right decision for me, at this time.

But that doesn’t mean that you, using your own chart, may not come to a different conclusion. Your chart is your decision-making machine.

That’s great for you in a personal context, but how can this exercise help you answer critical business questions?

We can use these questions to build a survey of our patients, employees, or customers, and learn how they view privacy in aggregate. Using regression analysis, we can discover which of the 10 answers in strongest in a given context. Finally, we can use that analysis to better predict the answers to critical questions, like the ones I showed you at the beginning of our discussion.

  • Will employees consent to listening devices if those devices can prevent harassment and abuse?
  • Are customers likely to adopt a freemium software offering if it aggregates and remarkets their data?
  • Should patients accept a lower cost health plan option if it requires ongoing monitoring?

But the real question for you is:

What different decisions might you make if you knew this information about how your critical stakeholders view privacy? I can’t answer these questions for you, but I know who can.

Because not knowing how your customers feel about privacy – in this next “personal” information age – is as irresponsible as failing to test your product before you launch it.

More than ever, understanding privacy is a business imperative.

Now you have a tool to start asking better questions.

###

This isn’t the first time I’ve tackled the privacy issue, although I think the piece you just read is the furthest along in my thinking on the topic. Interested in past work? You can see how much I struggled with the issues, and also get a sense for how I ended up where I did. Here goes:

“Alexa, play some music” isn’t the only time Amazon is listening to you.
Using Google Maps costs more than you think.
Data Exchange Networks, AI interrogators, and corporate espionage (Chapter 2 of the Dr. Thomas story)
Your “smart” TV is a dumb idea
Messing with data: The 10-step subversive instruction manual to hit the tech companies where it (really) hurts.
What if someone offered $6,495 for your private data? Would you sell?
You don’t have a right to privacy. You have something better.
In America, your digital freedoms are what the tech companies say they are.

###

About Jason Voiovich

Jason’s arrival in marketing was doomed from birth. He was born into a family of artists, immigrants, and entrepreneurs. Frankly, it’s lucky he didn’t end up as a circus performer. He’s sure he would have fallen off the tightrope by now. His father was an advertising creative director. One of his grandfathers manufactured the first disposable coffee filters in pre-Castro Cuba. Another grandfather invented the bazooka. Yet another invented Neapolitan ice cream (true!). He was destined to advertise the first disposable ice cream grenade launcher, but the ice cream just kept melting.

Jason Voiovich and grandpa

I think this photo explains a lot about why things didn’t turn out the way I’d hoped.

He took bizarre ideas like those into the University of Wisconsin, the University of Minnesota, and MIT’s Sloan School of Management. It should surprise no one that they are all embarrassed to have let him in.

These days, instead of trying to invent novelty snack dispensers, he has dedicated his career to discovering why people do what they do – because that’s the only way we’ll tackle our biggest challenges and accomplish the next great thing.

Jason T Voiovich

1 comment

Sign Up for Updates!

* indicates required



I will always take your personal preference into account before sending information about products, offers or services. Please check the box to give me your permission to keep in contact with you via email.

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices here.