« Err...oops? | Main | As a whole »
February 21, 2003
Privacy Online
I attended a follow up lecture today by Dr. Lorrie Cranor concerning her research into online privacy, and the issues surrounding the current state of affairs with respect to the United States.
First the notes about the presentation.
The initial change from yesterday, she slowed down her presentation style a lot. A very nice change in that I was able to allow my attention to drift a bit here and there, and not have to worry about how lost I would be with the rest of the presentation. She countered this good move by reading from the projected slides instead of from her laptop screen. Essentially she turned her back on us more often than I would have expected. Once or twice is okay, but after the 5th time I stopped counting. She packed an awful lot of information on the overhead slides, which made the importance of some items become a bit understated. No where did I hear the word "whirlwind" in the presentation today.
Now onto the lecture content itself.
This wasn't a terribly in depth lecture on the issues of online privacy. It seemed to be much more a broad overview of the current state of affairs in privacy and how they are or are not changing. One of the more interesting points in the slides discusses how the lack of US privacy laws has conflicted towards European privacy laws, and how the US is starting to play catch up Europe. She also noted that many organizations are starting to "self regulate" in the hopes of stemming a nationwide law. It's functionality has yet to be seen.
Other interesting points in the lecture were not from the lecture itself, but from the audience participation. At one point she put up a series of shield icons from TRUSTe, BBB Online, and a Japanese site I've never heard of or seen (she claims the BBB Online has absorbed it recently). She asked how many in the audience have seen or know of these icons. Out of about 30 attendees, only 2 or 3 raised their hands (myself included). This frightened me, a lot. It was at this very moment it occurred to me that the need for something like PrivacyBird is much stronger than I had originally anticipated. How can a user blindly trust a merchant just because they are on the web? Compared to offline shopping, many of these same people would not give their information to establishments (or people) that they cannot verify or feel safe with. Is there some kind of inherent safe feel to using the web that causes users to blindly trust others?
After all was said and done, I tried to get her opinion/feel on topics such as the Patriot Act, and the Total Information Awareness project. She neatly described each of these, tried to describe what has happened with them, and disclosed absolutely nothing on her personal stance. Nice sidestep. Someone else furthered the question by inquiring if this was to be brought in under the radar next year or so, and she believed this to be a yes. Keep your EFF and ACLU memberships handy and upto date. Looks like we'll have a fight in the near future. Oh and keep reading CryptoMe for more details.
After the lecture I did get a chance to talk to her a bit more about PrivacyBird and it's operation. It seems that she does have hope of cleaning up the code base and releasing the project as Open Source in the sometime near future. The hope is that other developers could port the IE plugin to thing such as Mozilla, Safari, and Opera. She didn't have a time estimate on when the code release would occur or what license it would be released under (push for BSD).
One of her hopes is to release a Macintosh based version before this happens. It would be nice to see, especially since I believe now (more than ever before) that such a tool should be integrated in the core of every web browser.
I presented the question on if the group had asked for advice/input from guru's of HCI (i.e. Jef Raskin, Andy Hertzfeld, etc..). Apparently there were a series of HCI specialists working on the project who were in fact responsible for one of the failed designs. This design presented a series of questions using sometimes vague terminology for the user to pick and choose between. The catch was that on the side of each screen were glossary definitions of these vague terms speecific to the page. It seems that when reading people don't browse the rest of the page, as few of the users ever even noticed them. Later due to cutbacks and constraints by AT&T, the HCI specialists were no more, and her group continued on.
She pointed out that this project was done on a minimal shoe-string budget, and as such had no money to spare in consultations with outside HCI gurus.
Posted by Dan at February 21, 2003 08:37 AM