If we’re worried about state actors getting this information, they’re not limited to looking at public websites. Dozens of companies have incredibly sensitive, fine-grained location data on millions of individuals. These are juicy targets for coercion or hacking.
-
-
Show this thread
-
The Strava heatmap is a symptom of a bigger problem. Let’s use it as a trigger for a conversation about the deeper issues that it hints at, one of which is the lack of public oversight of how companies collect and use sensitive data.
Show this thread -
When data is taken out of context, when data from multiple users is combined, and when algorithms process data to infer facts that aren’t directly disclosed, privacy issues are exacerbated.
Show this thread -
Tech companies frame privacy as an issue for individual users to figure out. For example, Strava’s response has been to point people to the site's privacy controls and opt-outs. But of course that doesn’t solve the problem, because everyone’s behavior affects everyone else.
Show this thread -
Zeynep Tufekci argues powerfully that privacy is better thought of as a public good like air quality or safe drinking water. The framing of privacy in terms of individual negotiation breaks down here (and in many, many other cases).https://twitter.com/zeynep/status/958325186310307840 …
Show this thread -
Besides, Strava’s privacy controls can be confusing. For example, "Privacy Zones" allow you to hide your activities that lie in a circle around your house. But if I grey out a circle around my house, isn’t my house just the center of that circle?! So haven’t I revealed it anyway?
Show this thread -
Maybe not, but the point is, I couldn’t figure it out. And I’m supposed to be a privacy expert. The typical user, who might be a runner excited about sharing their routes fellow athletes, isn’t invested in mastering these privacy features and their implications.
Show this thread -
Many Strava users use fake names. Can they be de-anonymized by cross-referencing their location traces with profiles on other social media platforms? This kind of question is the topic of research papers. It just isn’t reasonable to expect users to figure it out.
Show this thread -
Strava first released the heatmap in 2014. In Nov 2017 they released an updated, more detailed version. But it was a chance finding by
@Nrg8000 a week ago that made this a major story. That makes me wonder: how many other such privacy fails have we never heard about?Show this thread -
On the other hand, wouldn’t it be great if there were organizations with the resources and the incentives to systematically analyze products for privacy impact, and alert the public when there is a screw-up?
Show this thread -
In a previous thread I discussed why this isn’t happening in the context of third-party online tracking. But it's a broad problem. We need more tech-focused public interest organizations.https://twitter.com/random_walker/status/946889870114467841 …
Show this thread -
The wrong lesson here is that companies shouldn’t release products like the Strava heatmap because of the potential PR backlash. The right lesson is that privacy should be integrated into every stage of the product design, and involves a lot more than anonymity and opt-out.
Show this thread -
Show this thread
-
Finally, and most importantly, I should take voice training lessons or something to learn to speak more like the radio host,
@nora3000... I sound like a robot in comparison
Show this thread
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.