On Dec 12, 2012, at 2:31 , Robin Wilton <[email protected]> wrote: > There are clearly lots of issues here at several levels, from the procedural > to the technical… I'm not going to fan the flames, though - I just want to > make one observation about the threat model/risk assessment, in response to > the snippet I have retained below. > > There is a general problem with user perceptions of privacy risk, because of > the lack of noticeable impact arising out of behaviour that erodes privacy. > The human brain is not well adapted to this kind of threat (it's well evolved > to deal with immediate threats like a tiger running at you…). When it comes > to privacy, the deleterious effects of 'bad' behaviour are so remote from the > behaviour that caused them, that we tend not to draw the connection between > the two in any way that causes us to change our behaviour. > > Similar issues are evident in our attitudes towards the risk of smoking, lack > of exercise, poor posture, fatty foods etc.: the risk (and the damage) is > incremental and often not apparent until the habit is too well ingrained to > change. > > The threat to privacy from intrusive surveillance technologies may be remote, > and the impact may not be noticeable to the average person, but that doesn't > mean it should be ignored… nor does it mean that user perception of the > problem is a reliable guide to what should be done about it. >
On the other hand, I think that people can also be over-concerned about privacy risks. We tend to be able to evaluate risks that are (a) voluntary (we chose them) and (b) perceptible and 'quantifiable' (we can see and maybe assess the potential problem), much more effectively than their counterparts. Nuclear radiation is the most-often cited; you generally don't choose to expose yourself, and you can't see it or its consequences (until it's too late). People freak out about it, as a result. Driving is the opposite; we choose to drive, and we see the very real possibility of accidents. The fear that people have that 'some people' are 'building a database about me', 'without my permission or knowledge' may be much larger than warranted if they only knew what was in the database, or it was accumulated after consent/knowledge. Basically, reducing the "it's creepy" feeling may be of assistance here. David Singer Multimedia and Software Standards, Apple Inc. _______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
