jim.shamlin.com

7: Zeroes and Ones

Most psychologists subscribe to the theory that human perception is imperfect and that human memory is transitory. We don't pay notice to everything we see or hear, but filter it to focus only those things that seem significant. We don't remember everything, either: it resides in perishable short-term memory and requires repetition to be ported to long-term memory - and even that fades over time.

Other schools of theory maintain that we do, indeed, perceive and remember everything - that every perception of every moment of life is coded and warehoused for later access, and in some instances we can recall things we didn't think we had in memory in response to a give stimulus. This school of theory isn't widely supported, but there is evidence that it is not unreasonable to think this may be true.

With computer systems, there can be no argument: sensors perceive everything in their range, and unless programmed to ignore certain details, they record everything they see. The data, once recorded, remains in computer memory indefinitely - unless the media is damaged or the data is purposefully deleted, computers have perfect and infinite memory.

As has been discussed in previous chapters, computer systems have for many years been recording a great deal of information about people: every check and credit card transaction you have made, every class and grade in school, every ticket or citation, every message ever sent via e-mail or telephone, every medical treatment or prescription reported to insurance companies, and much more has all been observed by technology, and much of it has been recorded.

And unless it was deleted from every system that ever held it, the data it's still "out there," waiting for someone to discover it and find a use for it. The story of your life, down to minute details that you are incapable of remembering, resides in information systems for anyone to read.

Data Salvage

"Sandy" Pentland, an MIT professor, has been studying and mining "Secondary" electronic data for over a decade, and has been discovering some extraordinary things that have been hidden or ignored by the data systems that originally collected them. His particular area of interest is in the detection of "honest signals," which are patterns of information that provide a valid sense of an individual's behaviors and attitudes.

(EN: This is important because a known flaw of most behavioral research that the things people say about themselves aren't often quite true, and behavior that takes place when a person knows they are being observed isn't ever quite natural. Looking at actual behavior is more accurate.)

Some of the observations of this practice have verified conclusions that have already been supported by traditional research; others have called widely-accepted conclusions into question. More importantly, analysis of data has led to the creation of predictive models that have been highly accurate. In some instances, human behavior has been predicted with 95% accuracy.

Much of this is based on the assumption that human behavior falls into patterns of habit and tendency. It's not that people are automations locked into a rigid routine, but instances in which a person makes a choice that is not in line with their patterns is far less frequent that the instances in which they do what can be expected and predicted. This is as true for complex choices as it is for simple ones.

For example, the research considered how people react to others on social networks to predict whether a given person would become "friends" with another person, and who would approach whom to initiate contact. They could even predict the instances in which communications between two friends would be reciprocal (both initiating contact with the other with about the same frequency), one-sided (one party initiates contact far more often than the other), or none at all (while nominally "friends" they do not actually interact with one another). This could be done with 96% accuracy.

It's noted that social networking has convinced large numbers pf people to put a significant amount of information about themselves online, and applications such as Foursquare (enabling people to tell others where they are at any given time) are enabling further self-reporting to which people seem to be eagerly taking. Most of this is intended to casually touch base with friends and acquaintances, but the volume of data is significant enough to reveal information you might not have intended to communicate.

One example is the way in which burglars (EN: allegedly) use Facebook to profile people to determine which among them is likely to have things that are worth stealing, and to discover time when they will not be at home for a few hours (or when someone announces a vacation, perhaps even several days).

Subconscious Signals

The author dips briefly into the notion of the subconscious mind, that decisions we make without thinking and patterns of behavior we are unaware of have more to do with our behavior than any logical or conscious effort. This leads to the notion that the wealth of data can reveal to an observer things about a person they may not be aware of.

One researcher suggests a measurement of four factors as a method of predicting human behavior: Activity (the amount of energy expended through unconscious movements and things such as the rate of speech), Mimicry (the degree to which one person adopts another person's gestures, expressions, pattern of speech, etc.), influence (the degree to which other people mimic a person or demonstrate submissiveness), and consistency (the degree to which a person follows a given pattern, with special attention to when they deviate from it).

The author suggests (EN: without any specific reference) that there is call center software that can determine, within the first ninety seconds, if the call will be "successful" by reading these cues in a conversation.

Cellular Location

The process by which a cell phone negotiates a network of towers can be used to identify the location a given phone with relative accuracy. Even when the phone is not in use, it attempts to make contact with towers, sending its ID number to nearby towers to determine which is nearest. By triangulating a cell phone's signal, the location of the phone can be determined; and by repeatedly doing this, it's possible to follow (and predict) the path that a driver is taking.

Taken in aggregate, this can be used to more efficiently and accurately gauge the amount of traffic on roads. This was previously done by installing sensors in roadways, which were expensive to install and maintain and could only measure the number of cars at a given place. Now that cell phones are ubiquitous, transportation agencies in and around the Washington DC area are using this information to augment their intelligence on traffic movement on the highways and surface streets.

Another example is the use of cell phone tracking in Tanzania, where the sue of cell phones to track travelers who went to malaria-plagued regions could be identified and tested before being permitted access to more heavily-populated areas. Testing all individuals who enter the city would not be feasible, but the use of this technology enabled to identify the government to detain and quarantine high-risk individuals.

There is some concern about the possible abuse of this system - to track a given individual in real-time or access a history of cell phone tower logs to track their patterns in the past, though the author downplays this threat, as the phone transmits only its unique ID not any personal information.

He concedes a few concerns about the potential abuse of the system, such as using the cellular signal to determine speed and ticketing drivers, or abusing it to follow a specific individual without due process, but suggests the concern is "probably unwarranted" ad wouldn't provide an acceptable ROI for the police to use it to write virtual tickets.

(EN: This strikes me as another instance of selective hysteria - he could well claim that it's simple to determine an individual user's MIN/ESN pair and then track them, but chooses to downplay rather than exaggerate the concern here.)

One security flaw was identified, that enabled cellular Ids to be used to retrieve the e-mail addresses that were associated to data accounts, though the security research group that discovered this gave the carrier time to change their system before disclosing the flaw.

Health Monitoring

Due to the population bulge of the "baby boomer" generation, it is anticipated that the number of Americans over age 60 will far surpass the capacity of facilities for the care of the elderly. As such, researchers are turning to technology to find a solution: a pocket-size device that can monitor the wearer's health, not only for general monitoring and health maintenance, but also to detect the onset of a seizure or an injury to dispatch emergency care.

One of the main problems with this is that security is often pushed to the side in discussions of healthcare technology: the health of the patient is seen as far more important than the privacy of the patient. (EN: That, and the rights of elderly patients are often regarded with the same disdain as the rights of dependent children - the caregiver feels a sense of "ownership" of the person to whom they are giving care. But this is more in the nature of a cultural problem than a technical one.)

Proposals for monitoring patients with dementia go further - to not only monitor the patient, but to monitor their home and enable a caregiver the ability to turn off the stove or monitor bath water temperature, even locking their doors to prevent them from leaving the premises.

On the bright side, there's little investment or interest in such systems at present: it's perceived that such systems will be expensive, unlikely that the federal programs such as Medicare will be willing to foot the bill, and there still remains the stereotype of older people being confused, bewildered, and resistant to newfangled devices. Likely, such systems will be available only to those who are willing to opt-in.

A Global Network of Eyes and Ears

The ubiquity of cellular phones and mobile devices creates a world with billions of "eyes and ears," each person effectively carrying on his person a "bug" that will monitor himself and others in his proximity. Whether this tremendous network is exploited by the state or hackers, the prospect of a worldwide network of gadgets that can be used to do audiovisual surveillance on such an enormous scale is ominous.

The notion of doing so is not new: in 2006, the Department of Justice approved monitoring of cell phones owned by members of a crime syndicate in New York. Having been thwarted in attempt to use wiretaps and concealed microphones, investigators were able to access the microphone on the fell phones, even when the device was turned off, to intercept conversations in its range. Ultimately, this led to the conviction of 45 members of the family on crimes going back over two decades.

The author mentions some concerns, such as the fourth-amendment requiring a description of "the place to be searched" having previously been effective in the prevention of roving bugs.

(EN: He does not mention the potential abuse of such a system by those outside the law - to listen in on private conversations, or tap an executive's cell phone to gain confidential information for corporate espionage or insider trading.)

Privacy and Control

Some researches have suggested that we're entering a "new era" that requires us to rethink our expectations of personal privacy in light of the emerging technologies. There can no longer be a single standard of privacy, but varying ones in which a person might change what we perceive to be a person's civil rights for reasons of civic interest and the greater good of society.

One such incident was the outbreak of SARS in 2002, which might have been contained much sooner: had the government been tracking the movement of citizens, it would have been obvious that there was a cluster of individuals on a single floor of a single residence building who called in sick to work during a period of a few weeks. It's asserted that monitoring their cell phone locations would have enabled the Chinese government to stop the problem immediately rather than weeks later when it had alreadg spread.

(EN: The pathology of SARS is such that it is contagious for several days before symptoms occur. While it might be possible to suggest that if data on the movement of every person with a cell phone might have helped identify some of the individuals who may have been exposed, to suggest an outbreak was preventable is a clear misrepresentation.)

The notion of personal privacy is also culturally derived. People who live in Asia tend to be less concerned about privacy than Americans, who are less concerned than Europeans. And generally, large numbers of people are willing to provide some personal information (name/address/e-mail) and allow their activities to be monitored in exchange for a benefit such as a discount at a given retailer.

It's also noted that privacy in the modern world is virtually impossible, and highly impractical. For example, it's possible to avoid being tracked by a cell phone if it is turned off completely and the SIM card removed - such that the user would need to plug in the card and power up the device to make an outbound call. But this makes the cell phone virtually useless. To use one at all is to accept that you are constantly broadcasting your location to the service provider.

Alternately, a person concerned with privacy may purchase a prepaid cell phone and renew it with a card, both of which can be paid for in cash, though these phones have limited features and due to their popularity with drug traffickers, they draw the attention of law enforcement.

However, even those who feel that privacy is unimportant commonly maintain that a person should "own" their own data. In effect, any company that collects personal data should give users access to an account that would enable them to see all data pertaining to them, to edit or delete it at will, to be able to opt-out of sharing it with any third party, to be able to see who it has been given to when it is shared, etc.

One of the more bizarre suggestions is the use of an RFID tag that broadcasts a code indicating that you do not wish to be monitored - like the "no follow" tags on Web pages that spiders are expected, though not at all required, to obey. (EN: This interpretation is a bit inaccurate, in that the tag was used as a courtesy to search engines so they did not follow links that were temporary, not as a protection of any kind for pages a person didn't want to be indexed.)

What may also be needed is stronger laws about the method and duration for which personal information is kept. For example, European laws require business to delete customer data after a certain amount of time., whereas in America, they are required to keep certain kinds of data (and many businesses decide to keep all data) for a minimum amount of time, generally seven years - and they are permitted, but not required, to delete it after that time.

Ultimately, the author compares concerns about privacy to the fear certain primitive tribes held about photography being used to steal there souls, and what is needed is not to cater to such irrational superstitions, but to use knowledge to dismiss fears born of ignorance.

(EN: Such a statement, made by an author who has throughout this book distorted the truth to create or exacerbate such fears, is simply hypocrisy.)