gently musing about keeping secrets and trust and privacy

There I was, quietly reading last week’s Economist, and I came across this article on UK telephone calling habits, drawing from MIT’s Senseable City Lab research on the subject.

Its core finding? Calling habits tend to reflect cultural/political boundaries.

While I’d been aware of the study, I hadn’t seen this particular representation of the data. And it reminded me of something else I’d read about, and written about, a few years ago. There was a paper titled Understanding Individual Human Mobility Patterns, by Gonzalez, Hidalgo and Barabasi (yes, he of Linked and Bursts fame).

Its core finding? People were creatures of habit when it came to making mobile phone calls. Often from the same place, at the same time, to the same people, for the same duration.

A little while later, a headline caught my eye. Facebook connections map the world.

Apparently an intern had been working at Facebook, trying to map friendship pairs relative to cities of residence. The core finding? The friend graph network looked a lot like the political map of the world, with a few glaring exceptions.

When it comes to communications, we’re as predictable as can be. We’re creatures of habit. We tend to speak to the same people. Many of these people have similar cultural, geographical or political backgrounds to us.

That’s enough, I hear you say, mumbling scatological questions about ursines in forested areas. Which is all fine, but given recent events to do with secrets and leaks, I felt it was worth making a few points here:

  • 1. If you really want to keep something completely secret, don’t tell anyone.
  • 2. If you do want to (or sometimes even have to) tell someone, then only tell people you trust.
  • 3. Which means that if you do want to keep a secret online, you must have a way of making sure that all the people you’re telling are people you trust.
  • 4. Which in turn means that you have to have a way of figuring out who those people are and whether you trust them or not.
  • 5. The more people you tell, the harder it will be to make sure of these things.

Or, as Bruce Schneier so elegantly put it, access control is hard. [If you haven’t done so already, read his article on Real-World Access Control from just over a year ago.]

Trust is a key component of secrets, and for that matter a critical component of privacy as well. When my daughter friends me on Facebook, she trusts me not to delve into her wall and posts and conversations and photographs. She trusts me to respect her privacy. Even though she gives me the right to invade it.

This is nothing new. There are drawers in my bedroom I don’t open, they’re my wife’s things. There are drawers in our children’s rooms that we don’t open, they’re their things.  And they’re private. If a guest should sleep in one of our bedrooms, we don’t expect that guest to be looking into cupboards and drawers.

Respecting privacy is common courtesy amongst friends. We trust each other.

When you trust someone with a secret, you give that person the right to betray you. Trust, like faith, grows only when exercised.

The very concept of bankruptcy comes from a breach of trust, and the consequences of breaching trust. The word bank itself comes from the word banco, meaning bench. Lombardy merchants, the early bankers, gathered together and transacted business while seated on benches. Your word was your bond. You were trusted. And if you breached that trust, they sent the heavy mob after you. Who dumped you unceremoniously off the bench, then, just to make sure you understood what had happened, they broke the bench in half, for good measure. So the banco was rutto. Bankrupt.

Privacy and confidentiality and secrecy have always been about trust.

And yet trust is about one other thing.


Bilateral transparency. Multilateral transparency. And sometimes universal transparency.

We have to be careful. Some of the events that have happened, they happened because of poor design (too many people trusted) poor implementation (too many things to be kept secret) and poor behaviour (too many indiscreet actions).

The events did not happen because trust broke down; the events did not happen because transparency is wrong. Trust models will continue to emerge, will continue to evolve, and we will continue to learn about how to scale them.

We have to be careful. Because there will be a backlash against trust-based models, there will be a backlash against transparency. If we don’t do anything, there will be a reversion to the evils of “lobbying” and “briefing”, behaviours designed to break trust down even further. You know the types, they exist in every government, every firm, every department of any scale. Whispering behind the scenes. Wielding the power of corruption. The corruption of power.

And this world will be poorer as a result.

6 thoughts on “gently musing about keeping secrets and trust and privacy”

  1. Interesting topic JP and nicely written. ‘Trust Engineering’ should be a skill at levels. A trustworthy person now may not be the same 10 years down the line but the information he holds could be valuable. This becomes a mammoth challenge in a connected world. A lesson learnt the hard way for America (& all). Thanks a lot for sharing.

  2. Pedant’s Corner: Our word ‘bank’ probably comes from ‘banca’, meaning bank. It’s reasonable to assume this has a common origin with ‘banco’, bench. It’s not clear whether the specialised meaning of ‘banca’ to mean a merchant’s counter happened while the Lombard merchants were still speaking a pidgin of Latin & Old High German or after Italian became a fairly homogeneous language.

    My somewhat tedious point being this: ‘bank’ ultimately comes from the Germanic word ‘bank’ (meaning bank as in a river bank) which was then used by them to mean something they *made* that had the same affordance (i.e. you could sit on it with legs downwards). The Lombards adopted this same word for both the sitting arrangement (banco, bench) and the counter (banca) which has the other affordance in common with a bank: you can put things on it at a convenient height.

    Phew. And sorry.

  3. On a more substantive point: you characterise trust as being transparent with more than a specific confidence (giving access to private drawers and trusting that that access will not be abused). Clearly this is different to trust as defined by a Non-Disclosure Agreement, for instance, since that covers a specific set of information.

    Are you saying this broad transparency is a necessary part of trust to be trust, or simply that trust relationships are unmanageable if defined too specifically?

  4. @Dom most of the time NDAs are a bit like pre-nuptial agreements, more contract than covenant. Contracts are not instruments of trust, they are instruments of breach (of trust). Contracts focus on recourse.

    I have tended to operate on what has colloquially been called a FrieNDA, pronounced Friend-Dee-A. Which is an instrument of trust. Unsigned, undated, undocumented, unspecific. Founded on vulnerability and frailty.

    Maybe I need to write another post on this soon.

  5. Privacy Trust has many unspoken rules….

    I mentor quiet a few college age young women 15-25. They invite the Facebook connection after trust is established. But they trust I’m not writing on their walls or opening their up their pictures.

    Unspoken trust = privacy rules (I think)

Let me know what you think

This site uses Akismet to reduce spam. Learn how your comment data is processed.