There Will Be No Privacy Chernobyl
Ed Felten asks:
What would be the Exxon Valdez of privacy? I’m not sure. I don’t think it will just be a loss of money — Scott explained why it won’t be many small losses, and it’s hard to imagine a large loss where the privacy harm doesn’t seem incidental. So it will have to be a leak of information so sensitive as to be life-shattering. I’m not sure exactly what that is.
(“The Exxon Valdez of Privacy.”) Privacy advocates have been waiting for this for a long time. It’s important to remember that the Exxon Valdez followed Silent Spring by nearly 30 years. The environmental movement had time to evolve memes. Privacy still has many meanings. The parade of breaches or overflows hasn’t done it, despite medical data, financial data, and just about anything you can imagine being leaked.
This past weekend, I was speaking to a vet friend, and he didn’t care about the VA leak. He said that military SSNs are so public anyway, you’d drive yourself nuts worrying.
Part of the problem is that alternatives are hard. Consumers can’t switch to hydro for their credit. (How’s that for mixing a metaphor?) Background checks are being made a liability issue, despite the base rate fallacy and their general failure modes. Driver’s licenses are being made machine readable.
We’re not going to have a privacy Chernobyl.