The statue of liberty that presides over the city of Budapest from a hill all to herself is, I learned from my local host, a divisive figure. Put in place after World War II, she faces east, arms outstretched and holding a palm leaf I couldn't see through the haze. She is welcoming the Soviets, who liberated Hungry from the Nazis. For many, including my host, part of whose family is Jewish, she is a reminder of the many relatives she saved from certain death. But: she also represents Soviet rule, and for those who lost their liberty, property, and farms, she is a reminder of a different era of enslavement. After Hungary's second liberation, a number of people wanted her taken down.
My host wants her kept because she is part of history. I liked her initially as a liberating woman; after his explanation I appreciated her added value as a metaphor for mixed blessings. Democracy is a process, not a state; from the frying pan into the fire, to be sure, but the fire is still closer to safe ground.
I've been trying to imagine what a liberating statue to the folks currently plotting technical ways to turn back surveillance would look like if they're successful. It's one of those unfortunate things about the Internet: colonization is easily hidden, and celebration doesn't look like much. In the physical world, you know if you enter a different country, and the statue on the hill can inspire even before you know its background.
My presence in Budapest was as a new advisory board member for Trust in Digital Life, a collaboration of companies and universities to create technologies to enable us to protect ourselves against the many different types of cyberthreats. Two discussions in particular were provocative. The first was Erik van Zuuren, a Deloitte risk services director, who outlined Belgian efforts to create electronic IDs for government transactions; the second was a discussion of work-in-progress studying ways to improve app privacy.
Like Britain since the Government Digital Service, Belgian electronic ID efforts have focused on practical applications rather than writing plans. The country had services and it had a national ID card that everyone over 12 must carry; so the only issue was how to add electronic authentication to ensure that any user conducting an electronic transaction had a legal mandate to do so. (So much easier, as van Zuuren openly acknowledged, when you don't have to have democratic discussions about these things.)
The system also must recognize the different roles a single individual may have: you may be a person, a parent, and a civil servant, and each role is entitled to access and act upon different information. As such systems expand, the risks mount: at the design stage, the risks of fraud may be very small; but by the time you're using it to maintain birth records and authorize civic projects worth millions of euros, tracking back the source of errors and fraud is essential. There is, therefore, a real need for authoritative sources and carefully managed, highly specific authorizations. But the real headache comes when dealing across national borders: users need to be uniquely authenticated, but some countries do not allow service providers to ask for official identifiers such as social security numbers. In Hungary, a law bars linking together the country's three identifiers - tax, government, and health. How to ensure cross-border interoperability and certainty of claims is a genuine question. The EU is 20 years old now, yet member countries have no common principles in this area.
The other case seems at first more trivial: how do you ensure that you have a real sense of what the spy in your pocket is doing? The information apps currently give you about what they will do is static, coarse-grained, technical, and inappropriately timed. The project accordingly set out to test how people would respond if presented with privacy ratings when considering which apps to download and try.
You can see the need. The research just keeps coming about the sensitivity of information stored on mobile phones. At Carnegie-Mellon, researchers analyzed call and text logs (PDF) and found that just the frequency, length, and timing of calls can accurately classify the phone's owner's contacts with 90.5 percent accuracy. Other studies have highlighted the extra privacy risks posed by free apps over their paid fellows: paid apps are less likely to rely on advertising revenue and hence ad libraries, which are largely invisible back ends to most consumers. Using paid apps, however, requires surrendering one's real-world identity to Google (or Apple), a trade-off that's not easy to quantify.
The research project found that while users will not necessarily choose the app with the best privacy ratings they will examine the ones with higher privacy ratings first.
TDL's overall goal is to ensure that the various ideas its members consider and propose end up as real-world projects, not just papers. You have to hope they do; they won't be as much to look at as that statue on the hill, but right now we need function first.
Wendy M. Grossman's Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.