With all of the recent coverage of PRISM there has been a lot of discussion about the handling and disclosure practices of information about people, and how this information might potentially be used and abused by various information controllers, including services, apps, governments and individuals.
This is interesting because in reality, the vast amount of information being kept by Google, Facebook, and the big cloud providers is information -we- keep for ourselves; e.g., the files we keep on Dropbox, the messages we receive from our friends and colleagues, our music libraries, photo libraries and so on — fundamentally this is information -for us-, with only very limited (and rather boring) handful of explicit data about us. Of course, the data -for- us (and for our friends with whom we are connected) can be used to derived many sorts of information about us. This is why it is less the data itself that information controllers / agencies desire than what can be inferred about the individual based on this information; e.g., what it is about a person’s purchase and spending habits, consumption habits, and circle of friends might suggest about someone and their future actions. It is worth pointing out that there may be considerable guesswork in this process of deriving this valuable data from the raw bits of one’s personal information space, and it is in the gaps that people’s fear of danger lurks. (The media seems to be calling this information of inferring characteristics of individuals the “metadata”, which conjures memories and arguments about what constitutes Data vs Metadata anyway?)
This post by my MIT academic advisor David Karger highlights this distinction in a blog, (Personal Information) Management vs Personal (Information Management) from over a year ago, in which he points out the vast variety of kinds of Information Management people actually perform.
(Image: Mona Lisa Glitch, artist unknown)