Tuesday, July 9, 2019

still creepy

I read a New York Times opinion piece by Charlie Warzel, about tracking behavior in a mail client called Superhuman – it embeds tracking pixels in all its sent mail so it can report views back to the sender. The piece starts off with a succinct and reasonably accurate reading of how this sort of thing usually plays out:

Call it the Five Stages of Privacy Erosion.

Tech Company builds popular product.

Product is exposed in the press for doing something shady behind the scenes.

Tech Company apologizes/clarifies/signals a fix.

Brief phase of collective rejoicing and moving on.

It’s revealed (usually by the same people) that Product was never really fixed.

…and then midway through it comes to this disclaimer:

(I want to pause here to offer an email-tracking disclosure and some clarification. Tracking is a tricky subject. It isn’t inherently nefarious. This newsletter tracks things like how many times the newsletter email is opened and what links are clicked, which helps to improve the newsletter. But like all privacy issues, it’s a matter of transparency and expectations. When it comes to marketing emails and newsletters, which often come from corporate entities, there’s often more of an expectation that open rates might be tracked. In Superhuman’s case, as Davidson notes, the tracking takes place with every personal email sent, which is more likely to violate the expectation of privacy.)

Which I think demonstrates how fucked we are just about as well as anything. The tracking is creepy, under this model, when you don’t expect it from an individual quite as much as you do from a company, which has legitimate reasons to hoard your data. Don’t you want the newsletter to improve?

This is the mode of reasoning that’s gotten us where we are now, after decades of principled objection from people with both functioning consciences and a coherent grasp of privacy: to an ever-ratcheting state of intrusive, unregulated, irremediable surveillance. Surveillance as a cornerstone of the economy and a baseline expectation of business, publishing, government, and law.

I don’t mean to pick on Charlie Warzel and if he reads this I hope he doesn’t take it as mean-spirited. I don’t disagree with the rest of the column, and including that parenthetical disclosure shows more self-awareness than the majority of editorializing you read about this stuff, hosted as it is on websites with dozens of embedded trackers and ad services. But! When a journalist specializing in privacy topics explains that the technology he’s calling out as creepy isn’t creepy when it’s built into the platform he writes on, it says something about what understandings are possible and allowed.

It’s possible to understand that these behaviors are inherently nefarious, but taking that idea seriously, let alone saying so out loud, isn’t compatible with keeping a lot of jobs. You always have to soften the blow, to acquiesce in ways that undermine either your own awareness or your honesty. You might try to fight it, but in most situations it’s like shoveling back the tide with a fork. I’ve tried more times than I can count and I’ve lost pretty much every time, in every way that matters.

All the same, that this is an intractable situation for anyone whose livelihood is caught up in it doesn’t change that the shady behaviors are shady. The creepy stuff is still creepy even when a respected media outlet does it for reasons that seem to bolster the media outlet’s interests.

tags: topics/new-york-times, topics/panopticon, topics/surveillance

p1k3 / 2019 / 7 / 9