Women In Security
Today is Ada Lovelace Day, an international day of blogging to celebrate the achievements of women in technology and science.
For Lady Ada Day, I wanted to call out the inspiring work of Aleecia McDonald. In a privacy world full of platonic talk of the value of notice and consent, Aleecia did something very simple: she figured out how long it would take for consumers to do what the Direct Marketing Association recommends: read privacy policies.
She then multiplied that by an estimate of how much it would cost, and demonstrated pretty conclusively what we all intuitively knew: the current scheme is a massive wealth transfer because of transaction costs. (I’m interpreting her results here; I believe she would be more conservative in the interpretation.)
Her work also prefigures Cormac Herley‘s recent work “So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users.”
So Aleecia McDonald is my choice for a woman in science and technology who’s inspiring me to think about the economics of security and privacy in new ways.
PS: I have an another choice over at The New School blog. Hey, two blogs, two choices.