Business

Hiawatha Bray | Tech Lab

Data privacy? It’s mostly gone, but that can change

Bruce Schneier  video-chatted with Edward Snowden  during a January symposium on privacy at the Harvard Science Center in Cambridge.
Aram Boghosian for The Boston Globe
Bruce Schneier video-chatted with Edward Snowden during a January symposium on privacy at the Harvard Science Center in Cambridge.

For some odd reason, data privacy maven Bruce Schneier is an optimist. It’s odd because, according to Schneier, there’s practically no such thing as data privacy. Just about everything we do these days is under some form of electronic surveillance, with governments and corporations eager to record and analyze our every action.

But when Schneier holds forth on Friday at Harvard University, as part of the ongoing HUBweek festivities, he’ll reassure his listeners that the cause is not lost, that our online privacy will someday be ensured. Just give it a decade or two.

“It is possible to write laws to prohibit behavior we find immoral,” Schneier said. “We do it all the time.” So it’s just a matter of persuading businesses, governments, and voters that the current level of comprehensive digital surveillance crosses an ethical line. Technology isn’t the issue. “It will take an act of moral will,” he said.

Advertisement

Schneier, a fellow at Harvard’s Berkman Center for Internet & Society, has been trying to prick the public conscience for years. He’s a cryptographer by trade and author of one of the field’s most respected textbooks. But since 2000, he’s written a series of books for the rest of us, intended to wise us up about the importance of securing our data, and the perils of hyper-surveillance. This year’s entry is The New York Times bestseller “Data and Goliath,” an entertaining and worrisome survey of the many ways we’re being watched.

Get Talking Points in your inbox:
An afternoon recap of the day’s most important business news, delivered weekdays.
Thank you for signing up! Sign up for more newsletters here

The temptation to spy on us is irresistible, in part because we’ve made it so easy. The electronics in our phones, computers, and cars generate a torrent of information every time we switch them on — “data exhaust” is the cool nickname for it. The problem arose by accident. There was no evil conspiracy, no master plan. The people who built the Internet or the phone system or even those automatic toll booths just wanted them to work efficiently. Nobody thought much about privacy.

Your computer needs an Internet address so it can receive messages. But that same address gives away your location. GPS was added to your phone so emergency workers could find you when you dial 911. But it also lets the phone company, Google, Apple, and perhaps the US government track every move you make.

Schneier says networks and devices could filter out data exhaust with a sort of catalytic converter. The tollway EZ-Pass would collect its fee, but forget the identity of the driver who paid it. All Internet traffic could be routed through proxy servers that would obscure its point of origin. The cellular network could be designed to forget our location data every 24 hours.

It’s all technically feasible, but costly, and there’s no sign that anybody’s willing to foot the bill. Schneier compares it with the perennial popularity of human bondage. “Why wasn’t slavery abolished from the beginning of time?” he said. “Because it was so easy, and we liked having slaves.” In the same way, today’s privacy-shredding gadgets are so pleasant and so cheap that even their victims – pretty much all of us – can’t imagine life without them.

Advertisement

There’s only one hope for building privacy-friendly networks, said Schneier. “It would require a law saying you have to do this.”

That’s bound to happen, he believes. He’s just not sure how much pressure it will take. “Do you need social upheaval to solve this problem, like we did with slavery,” Schneier wondered, “or can you do it incrementally, like we did with child labor?”

Schneier is no privacy purist. Like many of us, he lives a life of compromise. He uses a smartphone, but won’t get a Facebook account. He tries to use the pro-privacy search service Duck Duck Go, but admits falling back on Google, because it generates more accurate search results. He has a personal e-mail account and wants no part of Google’s Gmail. But he notes that many of his friends and colleagues are on Gmail. So when Schneier writes to them, Gmail analyses his inbound messages, whether he likes it or not.

“Everybody makes their own trade-offs,” Schneier said. “I think I’m the reasonable guy. I’m not the paranoid guy.”

But there’s no compromise about his ultimate goal: a world in which you don’t have to be paranoid to ensure your personal data stays personal. “I think it’s going to take 10, 20 years,” Schneier said, depending on how much we want it.

Advertisement

HUBweek is founded by The Boston Globe, Massachusetts Institute of Technology, Harvard University, and Massachusetts General Hospital.

Hiawatha Bray can be reached at hiawatha.bray@globe.com. Follow him on Twitter @GlobeTechLab.