An endless series of meaningless choices does not equal privacy, argues a security expert. Nor will they equal security for Vista.
For those who havent had the joy of installing the new Windows Vista operating system, the humor of the latest installment in Apple Computers Im a Mac; Im a PC series of television ads may be lost on you.
But if youve ever been asked by a piece of software, your operating system, or a website whether you want to make a choice without the benefit of any background information or useful context then you can pretty much get the gist of joke.
The new TV ad, titled Security, features the grungy Mac guy standing next to the geeky PC guy, and behind the PC guy is some sort of Secret Service agent in sunglasses and a dark suit.
Every few seconds, the security guard asks PC if hed like to cancel or allow virtually everything PC does: You are returning Macs salutation. Cancel or allow?
As the ad goes on, PC gets increasingly frustrated with the repeated questions, when finally PC explains: I could turn him off, but then he wouldnt give me any warnings at all and that would defeat the purpose
This brand of faux security is well known to privacy folks, because the robot-like process of asking for user authorization has passed as a form of privacy protection for years.
(Before Im accused of some kind of bias, I should note that Im not particularly enamored of Mac security, either.)
For nearly a decade, most of the things that have passed for privacy features in a wide variety of applications, especially web browsers, have made those applications virtually unusable without choosing the equivalent of allow every time youre asked.
As we have learned through sad experience in the privacy world, an endless series of meaningless choices and even more meaningless actions do not equal privacy. Nor will they equal security in the world of Vista.
Come to think of it, they dont equal security in airline transportation either, but I digress
The real concept at work here is less about protecting the privacy or security of the user than it is shifting the blame to them and away from the software creator whose application is about to do something that may be about to compromise the user.
The notion of giving users choices and letting them make their own decisions is fundamentally appropriate. But as with any choice that has significant consequences, no one can be expected to make a sound and reasonable decision without having enough useful information.
In the end, whether its asking a user to agree to a Terms of Service document thats full of privacy loopholes, or whether youre asking them if they want to allow a Trojan Horse application to upload a users banking records to an identity thief, its a sham.
Unless a user has enough information, and enough context in which to judge the consequences of their choices, the choice to cancel or allow is nothing more than yet another annoying obstruction between the end-user and the task theyre wishing to accomplish. In such a case, users can be counted upon to make whatever choice gets their task accomplished, regardless of whether it costs them their first-born child.
As I noted, none of this is very new to the privacy world. Indeed, organizations like the Internet industrys favorite so-called privacy watchdog group, TRUSTe, have made a cottage industry of creating faux choices and calling it consumer protection. Companies have learned to construct devious privacy policies and pretzel-like processes that are summed up by a cancel or allow decision that stands between the consumer and whatever it is shes trying to accomplish.
These processes are designed to look like theyre empowering users, but really theyre providing them with what amounts to a Hobsons choice a choice that is really no choice at all.
According to Wikipedia (so you know it must be accurate and if it isnt, feel free to change it!), the concept of the Hobsons choice originated with an English livery stable owner in the 1500s. Customers seeking to rent a horse were given the choice of whatever horse Hobson offered them, or pulling your carriage yourself.
Over the last decade, many websites have adopted a privacy model that is similar to Vistas new security model: present users with a choice between agreeing to whatever consequences are being foisted upon them, or be stopped dead in your tracks and get nothing done.
Given the extraordinarily task-oriented nature of most peoples computing experiences (when was the last time you sat down at your computer actually intending to get nothing accomplished?), presenting useless choices as being any choice at all is cynical at best and fraudulent at worst.
Yet many will undoubtedly continue to parrot the line that Vista is the most security-minded version of Windows yet. And if your definition of security-minded is the conditioning of consumers to click allow in order to get anything done, it is indeed one of the best testing grounds of conditioned responses since somebody bought Dr. Pavlov a dog and a bell.
Cancel or Allow?
At the end of the new Apple ad, the security guard finally asks the hapless PC: You are coming to a sad realization. Cancel or allow?
Unfortunately, after conditioning the world to click allow, all Microsoft will have accomplished is to pass the buck to the hapless PC user, trying to make the user responsible for anything bad that happens because they ultimately chose to allow it.
While that may allow Microsofts security engineers to sleep at night, the rest of us wont rest as easy until Vistas holes are plugged with something more substantial than a dialog box.