So the set up goes like this: as I’ve written elsewhere, there is a ton of information about all of us that we willingly (social networks, registration data, search history, etc.) and sometimes unwittingly (clickstream data) leave, forever, on third party servers.
Now, we may trust those third parties not to mess with our data, and not to do evil things, and for the most part, I am quite sure they won’t – if they do and they get caught, they’d be crucified, and the competition is just one click away. And it’s pretty much out of their control if the government decides it wants access to that data – they have to give it up, and stay quiet about it (more on that here and here.)
But…Google, Yahoo, Microsoft, eBay, Amazon, etc. are not small companies. They are made up of thousands of individuals, a few of whom just might be…well…a bit off balance.
So this scenario involves one of those types of folks.
Imagine that an engineer at a major Internet company decides he has a thing for young blond women. Imagine further that he works at a place that has local search, social networking, blogging, search history, registration, and email all in one place. A company like, oh, Google, or Yahoo, or Amazon, or Microsoft.
Imagine further that this engineer has access to, or can figure out how to get access to, pretty much all the information he wants on all the young blond women that use his company’s services near where he lives (by zip, keyword, etc.).
Over a period of time, this engineer compiles an extremely detailed dossier of information about scores of young blond women, including addresses, personal emails, photographs, blog postings, social network connections, search histories, etc. This dossier is rather carelessly collected on his own personal PC at home, where he’s protected it in a folder with the password “hot young thing”.
Now let’s set the story in motion. In this engineer’s hometown, a series of unsolved rapes begins, all of which involve young, pretty blond women (why did I choose pretty blondes? Because the national media machine LOVES stories where pretty blondes are in peril, of course). Local officials and politicians, not to mention fearful parents and families, raise a cry to find the “Blonde Stalker”, but local police are flummoxed. The local media picks up on the story, but so far, it has only been mentioned in passing in the national news.
Then, one of the victims is found gruesomely murdered. Another follows. The national press pounces, and the pressure to find the killer intensifies. Every day pictures of the pretty victim are splashed across MSNBC and CNN, not to mention Fox, where Bill O’Reilly personally pontificates on how inept local police are, and how he’d personally pay a bounty of $50,000 to whoever finds and turns in the culprit.
Meanwhile, a co-worker of our dossier-creating engineer notices how strangely the engineer has been acting lately, making odd statements about women, missing work, acting, well, just generally creepy. The co-worker mentions this to a manager, who, to cover his ass, tells the police.
The police, hungry for any lead, obtain a search warrant for the engineer’s home, and while he is away, they comb through his apartment, finding little evidence linking him to the crimes. But they take his home computer, and through relatively simple computer forensics, manage to unlock the password protected folder, unearthing the trove of information contained within. It is a shocking dossier of scores of young women, and the most unsettling thing about it is how simple it was for the engineer to compile it.
Someone at the police department tips off a local reporter that the engineer is the killer, and that the password he used on his dossier of his victims was “hot young things.”
The national and international media absolutely go batshit over “The Hot Young Things Killer” and set up a 24-hour-a-day satellite-truck-infested mediapalooza outside the engineer’s employer. Every possible story angle, every speculation, every movement of anyone involved in the case is scrutinized, live, 24/7. It’s the Scott Peterson, OJ Simpson, Michael Jackson media scrum of the moment.
And the main hook of the story? How easy it was for the killer to identify, track, and manipulate his victims because of the data he had access to at his workplace. A privacy nightmare! Who KNEW that we we so exposed?! Google, Yahoo, MSN, etc. are FLOODED with requests about their privacy policies: What information do you have about me? How can I see it? What do you use if for? Come on, tell me EVERYTHING! Who else has access to it? How can I edit it? Protect it? Delete it? Manage it? The companies are caught off guard, and, at least initially, do not have adequate resources to manage the demands of the tends of thousands of users who are flooding their phone and email lines. In fact, some of them simply CAN’T promise that they can find or even delete the information, leading to even more outcry.
Sensing an opportunity, a cadre of congressmen whip up the USA PROTECT Act (I’ll figure out what that stands for later) which, in essence, is about as stupid and ill thought as the PATRIOT Act.) In short, it makes it nearly impossible for the Internet industry to do just about anything with individuals’ data unless they expressly agree to it, in writing. The debate is brief, the act passes nearly unanimously. Innovation and new product flow withers, search and search-driven progress stalls. A fearful public begins to use the Internet just a little bit less….worried that until the companies with which they interact can guarantee their personal privacy, the trade off is simply too great.
Now what?
Or rather, what can be done to mitigate such a scenario?
I have a few ideas, but that will be in the next post. This one tired me out, and it’s Saturday, after all. (Oh, and by the way, anyone in Hollywood reading this, the screenplay is in the mail….)