Do No Evil
There were two significant news articles relating to privacy this week. First, Eric Shmidt, the CEO of Google said the following with respect to privacy:
"If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place."
Really? I can’t imagine a scarier statement from a company like Google. I have avoided the anti-Google paranoia because they have always seemed like such a great company — their core value was “Do no evil.” They have provided wonderful things for the Web at no cost, and arguably are a key part of what makes the Web work. They are fantastically successful. But a statement like that is a huge cause for worry to privacy advocates everywhere, and I personally find the attitude behind it very offensive. We have laws for a reason — things that we, as a society, do not want to allow. Those are the things I shouldn’t be doing.
But there are a wealth of things I might do that I don’t want people to know about that aren’t illegal. I eat McRibs (when they are available); I watch Aqua Teen Hunger Force; I cry during the movie Flashdance. Are these so evil, Mr. Shmidt? Should I really not be doing these terrible, awful things, just because I don’t want people to know about them? Well, in any case Mr. Google, please just keep these guilty pleasures between you and me, OK?
The second privacy related article comes to us from our friends down under. A mall in Sydney is planning to add face recognition to their CCTV cameras, in order to keep out…um… someone. Undesirables, I guess. This is wrong for a number of reasons.
First, and least important, I don’t believe it will work. I have see a number of demos of so-called “face on the move” systems, and they are always done in tightly controlled conditions where they can get people to look at the cameras. This will be difficult at a mall. But let’s say they have some cool technology and it works perfectly. That leads to my second objection:
Involuntary biometric collection is for criminals. Biometrics can provide benefits to people in many scenarios. But they should not be collected without your consent or permission. It has been well established that you don’t “own” your face in public; anyone can take your picture without your consent. That doesn’t mean it is an ethical thing to do, however. From the article:
It will prevent many individuals who have criminal records of being a danger to normal shoppers in malls.
The last time I checked, having a criminal record does not make you a criminal. Breaking the law makes you a criminal. Are they seriously planning to not let anyone who has ever had a criminal record into their mall? The person who was arrested for possession of three ounces of marijuana is really a threat to the honest mall shoppers?
To be clear, I believe a private company can restrict who enters their facility for whatever reason they want. However, if you are taking a picture of me and running it against a criminal database of faces, I deserve to know about it. Personally, I think this mall should abandon this terrible idea. But at a minimum, it should very clearly post that faces and biometrics are being collected and checked against a criminal database. Then, people can decide whether they want to shop there or not.