Lee Tien
Lee Tien: How does a user know when a device has been redesigned to limit what the user can do?
Deeply, this is a question about the nature of law. We have a legal sense that appeals to a sense of legitimacy and discourse. Where architectural regulation hides what it does, we're heading out of law and into instrumental control. We're leaving the realm of law and any moral dimension/legitimacy issue.
Cf. seatbelt regulation. Everyone knows about that and can see it. But when we talk about privacy we're talking about govt attempting to change the conditions of social experience. From a 4A standpoint the standard is reasonable expectation of privacy — and if we have no concern about govt steps to design things, we won't know what has happened to our privacy or what is reasonable. We won't have the opportunity to experience that privacy. (eg, never having had doors on phone booths would have changed the Katz result).
So rearchitecting network to expose information (creating an audit trail, as Nimrod suggests) may foreclose personal experiences that might inform expectations about privacy. Eg, zipcode plus birthdate is enough to re-identify 80-90% of data — triangulation is very easy. Yahoo! gets this information all the time from users. Do I know what the invisible consequences of my actions are? What do you need to know when you're on the internet or using DRM? How is that that you know you're being injured in some way?
Do users need to know design options (could it have been done differently so this wouldn't have happened)? Without knowing the harm, how can your expectations be shaped?
When you're dealing with systems, parts of these systems are in shadow — so we can't know how these work (eg, PCs, telephones). Metaphor of architecture means we only perceive in bits and pieces.
Finally, in the world of enforcement — we don't talk much about the way automated enforcement changes things. Rules can have a normative career; enforcement of rules is an entrepreneurial event. You make a decision, using your discretion, that has cost. That's not the case in architectural decisions to enforce. Additionally, architectural enforcements are private and unseen. We can't work on the social meaning of a rule.
Excellent, thoughtful talk by Lee.
Comments
Got something to say?