Is Privacy Necessary Without Humans
I finally found some time to catch up on the week’s news last night and, not surprisingly, there were a number of different stories reporting on Google’s new tools for tracking user’s on their smartphones. The effort from Google is not surprising in the least, nor do I think it is all that interesting, it did however send me thinking of something I hadn’t considered before.
Note: The Google announcement is yet another story, in a long line of such stories, where companies announce some increased ability to track customers and people respond to the news by expressing discomfort over being tracked. I’ve written about this many times before so I won’t belabor the point, but to readers who are running services that collect personal information you really should confront the issue in a transparent manner and not simply hide behind some legalese filled privacy policy.
As I was considering the arguments from both sides of the stories and picking apart the manner in which Google decided to publicizing the new functionality, my mind wandered. For some reason I started to recall an article I read sometime ago about a coffee bar, Briggo, that brewed and served the perfect cup of coffee, to customer’s preferences, without any human interaction at all.
The techie in me likes the precision that a machine can bring to brewing the coffee, even though it removes the potential artisanal touch a barista could apply to a cup of coffee. But the one memorable aspect of the Briggo machine that as a privacy guy I recalled, is that it not only includes the ability to take your order, and make a good cup of coffee, but it can remember your personal preferences and serve you your coffee according to your past purchase history.
Now, I’m not sure how my mind went from Google tracking to robot baristas but it did. Maybe it was the tenuous link between Google leveraging personal information and the Briggo also leveraging personal information (in the form of storing your preferences). Of course, personal coffee preferences don’t carry quite the the same type of sensitivity as the wide swath of information Google has access to, but what if it did?
Imagine if Briggo extended their platform to include more sensitive information. What if it built links to any of the popular health/fitness monitoring devices. It could then make decisions, such as delivering a cup of coffee with less caffeine if you were currently experiencing elevated blood pressure, or maybe a bit more of the good stuff if you had a poor night sleep the night before? Or even make a cup with less sugar, or a sugar substitute, if your diabetes markers are off.
That kind of thing is certainly possible today. All you would need is some agreement between machines so they could share information and there are many ways to accomplish that. It wouldn’t surprise anyone to guess is that that kind of linkage is certainly likely in the future as efforts like Apple HealthKit become a “thing.”
So, theoretically we can have a coffee bar that collects truly sensitive information. Oh what a backlash that would bring! There would be all sorts of troubles on an emotional level with the public but on a practical level how would you gain consent, be transparent, and all of those good best practices, but that isn’t where my mind wandered to.
I started to think what would happen if you developed this coffee system in such a way that no human would ever have access to the data collected. Now, I understand that there are all sorts of technical and security limitations that make that sort of guarantee impossible, but given the exponential growth of our technical advances, it may only be impossible for short while.
If you want to see the mind-blowing capabilities that are lurking around the corner, check out the 2014 Fields Medal winners. By the way if you can fully grasp what those brilliant folks are doing you are smarter than me, but rest assured, if the past is any guide, we’re going to see some amazing stuff from their work.
Anyway, the big questions is: Do privacy issues exist in an ecosystem where there is no human interaction? If the coffee bar’s only purpose for collecting and storing personal information is to deliver the perfect cup of coffee to a particular customer at a particular time, no human would ever need to see that information. Do the laws and regulations that demand transparency and consent apply? I don’t know the answer, but it is a fascinating scenario to consider.
By the way, the inevitable designer of a system that provably ensures data collected can only be used by the machine collecting it – the information can not be extracted or read by a human – will be famous and filthy rich.