Thanks for posting. Was interesting!
From the security summit...
Thursday December 07 09:15 PM EST
Forrester exec injects security summit with harsh truths
By Scott Berinato, eWEEK
REDMOND, Wash. -- Just a few hours after Bill Gates opened Microsoft Corp.'s (Nasdaq:MSFT - news) SafeNet 2000 security summit here Thursday on an optimistic note, Forrester Research Inc.'s (Nasdaq:FORR - news) John McCarthy blew it all up.
In a keynote titled "The Internet Privacy Migraine," McCarthy, Forrester's group director of politics and government, directly contradicted Gates on several points and provided some cold facts that indicate online privacy is a problem that won't be fixed anytime soon. He also predicted heavy government intervention over the next four years to deal with online security and privacy.
"The privacy issue will not go away," McCarthy said, echoing the title of a slide from his presentation that he would show five times before he was through. "Privacy issues will require a fundamental redesign on how some companies deal with information."
McCarthy sited four areas of privacy concerns that consumers have online. First is the simple irritation of "spam." Second is feeling violated, as many did when it was revealed that Real Networks Inc. was collecting personal data about users. Third is a fear of being harmed online when others find their personal information. And fourth is the nightmarish Big Brother vision that some users have about online privacy.
"And as the technology plays out, as we get smart refrigerators and interactive TV, these concerns will only go up," McCarthy said. "New technologies will increase fears. I really believe wireless could be ground zero for privacy debates. First spam came to my mailbox, now it comes to my desktop PC. The notion that you'll get real-time junk mail delivered to your hip while you're walking through the mall really turns off consumers."
McCarthy then walked through some predictably negative numbers. In one study of 10,000 households, 65 percent of consumers were "very concerned" or "extremely concerned" about privacy online. That number wasn't affected by age, gender or income, either.
Businesses are affected, too, he said, noting that privacy concerns prevented online consumers from doing $4.2 billion of business last year. Fifty-four percent of businesses have either halted or slowed down online commerce because of privacy, McCarthy added.
Who's to blame?
So if it's really all that bad, who's to blame? McCarthy was refreshingly candid on this score, blaming just about everyone, including the host of today's conference, saying that even if companies look at their technologies as an enabler, consumers look at them as potential privacy threats.
"Look at something like AuotPC from Microsoft, a follow-where-you-drive technology, and there are real Big Brother fears in that for some people," McCarthy said.
He added dot-com companies' hubris as a reason consumers are skeptical. He said most Web sites are so poorly designed that they add to the problem, too.
"If Firestone produced tires like most companies build Web sites, this recall would be a drop in the bucket," he said.
McCarthy said privacy advocates have become "Chicken Littles," alienating consumers by not focusing their message on the truly important facets of the debate. Technologists he blamed for constantly rolling out "the latest and greatest" and claiming it's a silver bullet -- when there is no silver bullet. And legislators lack the proper understanding, while regulators are hamstrung.
"It's not to pick on anyone, but almost every group is represented here," he said.
Enter government regulation
While he made a point of saying he didn't advocate government regulation (nor did he say he condemned it), McCarthy made it clear it's coming.
"Particularly in the business world there's a notion that any type of regulation is bad," he said. "But anyone who thinks the government and the Internet won't overlap more is naive."
He said businesses themselves will be one of the groups pushing for regulation even if they don't realize it yet.
"Businesses want stability," McCarthy said. "The winners always look for regulation to strengthen their lead. You already see this in dot-coms filing for patents. And the losers look for relief, just as American auto makers looked to the government in the late '70s when they were losing to the Japanese manufacturers."
Consumers will push for government involvement as well, McCarthy said, and it will become necessary as the Internet becomes a government channel for things like tax filings.
Indeed, some of that regulation is already here, McCarthy added.
"The reality is we've already got a growing labyrinth of privacy regulations, already on the books or out in the next six months," he said, citing bills like the Health Insurance Portability and Accountability Act. "The notion that there's no regulation is wrong. That doesn't necessarily placate consumers, but it puts a piecemeal burden on the companies to follow regulations."
McCarthy then made a prediction about the next four years, when he sees three phases of government intervention into security and privacy online. In the first phase, the issue becomes prominent and privacy camps polarize on either side of the debate.
Phase two will see consumers getting used to the privacy issue or enduring a galvanizing event such as a major security compromise. At the same time, the skein of legislation around the issue will become massive and unmanageable.
"The one thing that could affect this is wireless," McCarthy noted. "That really could be a wild card. It could really create a ground-breaking privacy event."
In the final phase, four years from now, McCarthy sees sweeping legislation, the likelihood of major corporate hacks and the passage of a single omnibus privacy bill.
Sorry, Bill
Much of this flatly contradicted Gates' mostly upbeat keynote in the morning, which he closed by fielding a question about government intervention. Gates downplayed the government's role in privacy, suggesting it should merely be an enforcement arm, making sure corporations are following the privacy practices they claimed.
McCarthy had no problems contradicting his host. He even tempered the excitement surrounding the P3P (Platform for Privacy Preferences) specification, which Gates highlighted in a demo of Internet Explorer 6.0 and Whistler, the next version of Windows.
"P3P alone won't work," McCarthy said. "In fact, my fear is it will spook people when the light on the browser constantly goes red" because a site is not P3P-enabled. "Can sites do it? There's a question on the legality of it. How can you interpret the legality of my site? It's not a silver bullet." |
