We spent a couple days on mountain bikes in Switzerland recently. We got lost a lot. We didn't use GPS or geo-location-apps. We didn't really know where we were going, but we sort of had faith in our legs and our bicycles that we'd somehow get up and back down.
It was good to get out on a mountain. It clears my head. I was trying to think of the big privacy challenges this year.
And like choosing a mountain path that you don't know, these privacy challenges may turn out to be easy, or they may turn out to be the hardest ride of your life.
Here's my list of this year's cliff-hangers. And like any good cliff-hanger, I'll be back to comment on all of them in the months ahead.
1. Location: who should know where you are and where you've been and how can you control it?
2. Face recognition: how to enable useful apps without creating a mass surveillance device?
3. Data minimization: can we (or should we) restrict some data collection in the age of data ubiquity?
4. Notice and consent in machine to machine processing: e.g., how can a user meaningful exercise control and consent when apps instantly share data?
5. Communicating with end users: everyone agrees privacy policies aren't human-friendly, but does anyone have a better idea?
6. Social graph: what can algorithms know or deduce from your public social graph and what can you do about it?
7. Online mapping: what's private in a public place?
8. Droit a l'Oubli: can a line be drawn between "forgetfulness" and censorship?
9. Conflicts of laws: how can sites on the global web comply with conflicting rules from country to country, and is the global web balkanizing?
10. Anonymization: in the age of data mining, what is "anonymous", or is everything somewhere on a spectrum to identifiability, and what does that mean for privacy practices?