Prudence vs Paranoia
Just ran across an infuriating column[1] from David Pogue, whose stuff I usually love. It’s a review of Dragon Dictation for the iPhone, an amazing app that transcribes speech into text with genuinely impressive fidelity.
Unfortunately, Pogue devotes half of the column to a rant about the “paranoid” people who are complaining about the app’s privacy issues:
- It uploads what you’re saying to its own servers, which do the transcription and then send the text back down to your phone (it may also store those transcripts; it’s unclear); and
- It automatically grabs all the names out of your address book and transmits them to those same servers, to make it easier for the application to recognize names you might often say.
Pogue’s reaction to the controversy is, sadly, a bunch of completely-missing-the-point hokum of the usual variety: who cares if they’re storing your data, it’s on secure servers anyway, there are already many other services that do the same kind of thing, etc, etc. I found this particularly galling:
OK, first of all, this business of your audio being sent to Nuance for transcription rings a very familiar bell. Remember the Gmail brouhaha? When Gmail debuted, it offered a fantastic e-mail account, paid for by small text ads on the side whose subjects are matched to the e-mail contents.
At the time, everyone was hysterical about the supposed privacy violation: Google will be reading my e-mail! Of course, no humans were looking at your e-mail. It was just a bunch of servers analyzing keywords. Today, everybody’s forgotten all about it. But now the issue rises again with Dragon Dictation.
There is so much wrong with these two paragraphs. For one thing, the fact that people have stopped screaming about Google’s practice of reading your email to target ads at you does not in any way remove the actual problem. People have other things to worry about, are not generally concerned about their privacy, and are constantly bombarded with “paranoia” propaganda by well-meaning people like Pogue, who should know better.
Second, this line of argument depends on trusting implicitly the claims of the corporations who are harvesting your data. Pogue quotes the makers of Dragon Dictation on this point:
Nuance says nope, it’s just a bunch of computers, maintained in a secure facility,
Oh good! That should be fine, then. Because if there’s one thing we’ve learned over the past decade, it’s that personal information stored in impregnable data strongholds by organizations that will suffer absolutely no legal consequences for losing that data is completely safe.
Third, it’s just incredibly short-sighted. The fact that we are not at the moment under the thumb of a corporate/government megalopoly tells us nothing about what’s going to happen in the future. Have any of us really thought deeply about what it means to have our lives tracked by entities whose entire purpose is to profit from what used to be our private information? Yes, this is already happening. And yes, it can get much much worse. And will, if we already assume that the game is lost.
Ok. Having said all that, I’m very aware of the fact that we are sliding inevitably into a future where a good portion of our lives will be stored in the cloud. The “cloud” is a terrible metaphor, incidentally, if for no other reason than it suggests concealment, of a sort. We can’t afford to assume that anything that leaves the confines of our computers is in any way concealed. I’d rather we just cut through the crap and say what we’re really doing here: storing data in the open.
But, again, fine — that ship has sailed, and there are real advantages to decentralized data storage. What bugs me about this is the sneakiness. It’s probably ok that Dragon Dictation uploads what you’re saying into the ether, because most stuff people say is innocuous, and because the coolness that Nuance has achieved on an underpowered computer like the iPhone just wouldn’t be possible otherwise. It’s less ok that they upload your contacts, but, since it’s just the names — they claim — maybe no harm done here either.
But, for the love of god, tell us that’s what you’re doing! And I don’t mean tell us in your EULA, which, like all EULAs, is painstakingly engineered to ensure that absolutely no one reads it.[2]

When the application starts, the first thing you should see is a question:
In order to improve our voice recognition capabilities, we’d like to upload the names of your address book contacts to our servers. We won’t send anything but the names. Is that ok?
The app should only send your stuff up if you click Yes.[3] By the same token, before they do the first transcription, they should pop up a message telling you that everything you say will be transmitted to their servers. Just so you know.
Which gets us back to the terrible, ubiquitous canard that people often fall back on in these situations: “But everyone else already has all our data.” It manifests this way in Pogue’s column:
What I don’t understand is: Why don’t these same people worry that Verizon or AT&T is listening in to their cellphone calls every single day? Why don’t they worry that MasterCard is peeking into their buying habits?
It’s a specious argument. The point isn’t that other services are already listening in. It’s that a layman wouldn’t expect this particular application to be transmitting your words into the open in order to do what it does, and we certainly wouldn’t expect it to be sharing our contacts, unbidden.
This is the real battle: not how to turn back this tide of stored-in-the-Cloud information, but how to enter into the new world with our eyes open, understanding the consequences of everything we do. If we’re going to blast our data out into the great beyond, then we have to know that we’re doing it. Any application that doesn’t go to great lengths to inform us of the consequences of our actions is an application we should avoid.
Jeff Atwood tooted something along these lines yesterday:

He’s talking about Facebook’s byzantine and sometimes deceptive privacy settings, but the principle applies in general.
This line of reasoning used to freak me out, but now I think it’s really the only way to go: assume that everything you do that has an online component will be visible to everyone, and act based on that assumption.
Pogue would call this paranoia, I suspect. I call it prudence.
We can (and should) operate under that assumption now, of course. But there are limits to even this simple recipe. As the lines between our personal computers and the ether blur, it’s hard to tell exactly what’s being made public, and what’s not. Which is why applications like Dragon Dictation have an obligation to tell us.
[1] The original text here was “infuriating bit of sophistry”, but I pulled it because it’s unfair: I don’t think Pogue is intentionally trying to deceive anyone here. He’s just bought into the common narrative.
[2] The text of this EULA is particularly weasely: “Any and all information that you provide will remain confidential and may also be disclosed by Nuance to your wireless carrier, if so requested, or to meet legal or regulatory requirements …” Etc. Note the use of the word “and” after the clause in which they assure us that our data will remain confidential — it seems like “but” would be the better conjunction here, given that the clause that follows is a series of ways in which Nuance will not keep our data confidential. Slimy.
[3] Nuance says they’re going to add a checkbox somewhere to allow you to opt out of sending your contacts data. If they go with this approach, it really should be an opt-in.