Data security experts and identity management gurus use a cute metaphor to describe the widespread nonchalance with which Americans treat their privacy and data security. They say, quoting noted computer security experts Edward Felten and Gary McGraw, that: “Given a choice between dancing pigs and security, [computer] users will pick dancing pigs every time.” This comment refers to an observation that computer users who are offered an opportunity to see a cute dancing pig on their computer screens will routinely ignore any warning messages they receive stating that activating the dancing pig link could lead to serious data security problems. See http://en.wikipedia.org/wiki/Dancing_pigs.
I am unaware of any research on the competing dopamine reward structures dictating this result, but many of us recognize this irrational behavior in ourselves or in our friends. Perhaps an underlying rationale our for Picking the Pig is the one I commonly hear when I admonish people about the risks of sharing the intimate details of their lives on social media. The retort is: “I have nothing to hide, so it doesn’t matter.” And yet sooner or later, most people realize that it doesn’t matter — until it does.
For college students posting inspiration images of their bong finesse on Facebook, it doesn’t matter — until they are searching for a job as a bus driver, a teacher, a cop, a pilot or some other substance-sensitive career. For the high school girl broadcasting texts showing less-than-modest photographs of herself, it doesn’t matter — until she finds herself wondering which of the thousands of people with access to those photos is harrassing her. For the middle aged parent who sells their shopping history to the local grocer in exchange for a 5 cent discount on a loaf of bread, it doesn’t matter — until those records are subpoenaed to determine their weekly alcohol consumption in a wrongful death suit. It won’t matter to us until our identity is stolen, or we run for public office and are thwarted by our opposition’s threat to expose embarrassing personal information, or we can’t obtain insurance because the intimate details of our medical conditions have mysteriously become known to the insurance industry.
Are the above examples a manifestation of far-fetched, Huxley-fueled paranoia, or do they reflect realistic risks? One would have to be both naive and illiterate not to know of the many instances in which private businesses and governmental entities have used private information inappropriately. Do these unsavory practices only touch folks with interesting, meaningful lives who “have things to hide?” Maybe. And maybe if you are confident that the remainder of your life will be both devoid of any meaningful actions or communications, and immaculately free of any personal misjudgments, then filling your life with the pleasures of the Dancing Pig may be your destiny.
I raise the Dancing Pig metaphor is connection with the current furor over the NSA’s surveillance of certain information about our phone usage. How can some of us, on one hand, voluntarily launch into the worldwide and forever public library of the internet the most intimate details of our personal lives, often for a payoff akin to a Dancing Pig, and yet wring our hands in anguish about a practice that should have been the predictable, obvious, systemic invasion of our privacy by national security and law enforcement interests?
BOTH practices pose problems, and neither are necessary anymore given today’s technologies. If we have the audacity to start deploying an identity management system that gives us real control over the collection and disposition of our personal information, then our only challenge remains the Dancing Pig. I suggest it is high time for us to take personal responsibility for our privacy and data security.