Saturday, March 26, 2011

Crowdsourcing College Basketball

I saw an interesting article a few days ago about using crowdsourcing to make your picks for the big college basketball tournament currently underway (I don’t think I’m allowed to use any phrases that contain the words “madness,” “final,” “March,” or “four” or the initials “N,” “C,” “A,” or “A” without paying somebody a royalty, so I won’t). 

The article turned out not to be what I thought it might be about.

When I first saw the headline, I thought it might somehow be a crowdsourcing project to find out what a perfect tournament bracket would look like going into the tournament (after all, filling out a perfect bracket after the tournament is a trivial exercise).  That seemed like a mildly interesting idea but ultimately a futile one: we don’t award titles based on how people *think* teams are going to do, but how they *actually* do.  As the old saying goes, “that’s why you play the games.” So what do you do with a crowdsourced bracket where the crowd picks the winners?

Why else fill out a bracket?  The article presented a strategy for betting (ok, not “betting” betting, but more like “winning the office pool” betting, since “betting” is illegal in a lot of places).  The idea, originally put forward by author Mark McClusky last year, is to figure out what that ideal bracket is—the one with all the favorites identified—and use some basic statistical analysis to figure out how to bet (ahem, position) against it.  In other words, if the idea of the office pool is to pick more winners than everyone else, it would be good to pick some teams that have a reasonable chance of winning, but are not the favorites.  That way, if you are right, your picks vault ahead of the “crowd” that picked the “likely” winners.

Of course, in a year where there are no upsets (which isn’t very likely) you’ll undoubtedly lose.  All the players who pick the favorites will all tie for the top spot and have to split the pool.  Kind of like playing Hurley’s lottery numbers from LOST and winning. (You would think not very many would have played those numbers in January 2011, since LOST went off the air last year. You would be wrong. Over nine thousand people hit the New York Mega Millions jackpot with those numbers this January: they all split the total pot, of course, and received a whopping $150)

Of course, using crowdsourcing to set odds is not new: if you’ve ever been to a horse race or dog race, that’s how the odds are calculated.  The horse (or dog) that most people have picked to win is the favorite, with the long odds on the horse (or dog) that the fewest people have picked to win.  (Which, by the way, is why most movies or TV shows that show someone winning a fortune by making a big bet on an underdog are bogus: if you bet a million dollars on a million-to-one long shot, you just made that long shot into the new favorite, and *if* it wins you won’t get much more than your bet back.)

In any case, I thought it was an interesting way to use the wisdom of the crowds to bet (er, position) against the crowd.  A high-risk, high-reward strategy to be sure, but an interesting one.

And for the record, this year I’m picking Kansas University to win the national championship (to be fair, I pick them every year). I didn’t attend KU, but I lived near Lawrence for nearly 30 years and know a lot of people that did. So Rock Chalk! Jayhawk! Go KU!

Saturday, March 12, 2011

Social Networking Privacy Policies Won't Cut It

Last week I blogged about the gradual erosion of privacy rights in the digital world.  This week I’d like to follow up with why privacy in a social networking setting is a double-edged sword and how to address some of the major issues associated with it.

Let’s say you are a cat fancier, but you live in a part of the world where no one close to you shares your passion (I know, unlikely—we’re talking cute cats after all—but stay with me for a bit).  While surfing the web one day you happen upon a wonderful website, www.catsbook.com, where cat fanciers from all over the world can share stories and cute pictures of their cats. You wonder if any of your old cat-fancying friends from back home are on the site, so you do a quick search. Lo and behold all some of them are indeed there.  “What a great place,” you think to yourself, “where do I sign up!”  So you cheerfully press the “Join Now” button and are taken to a page that asks you to put all of your personal information online: your name, your cat’s name(s), your address, your email address, your phone number, how long you’ve been interested in cats, and so on.  You begin to wonder: “why do they need all this information?” and perhaps “what are they going to do with it?”  So, acting with an abundance of caution, you go to the privacy settings page and carefully make every bit of information “private.”

Weeks later you wonder why no one you know has tried to “cat friend” you.  In a blinding epiphany, you realize that by making all your information private, no one who might be trying to find you as a “cat friend” will be able to do so.  So, acting with an abundance of enthusiasm, you go back to the privacy settings page and cheerfully make all your information public.

The results are almost instantaneous.  Within seconds dozens of people like you are reaching out as potential new “cat friends.”  Then you notice you have 128 new email messages in your inbox from companies with cat products that they are sure you can’t wait to buy.  Then your phone begins to ring. The first few calls are from some of the same companies offering you an exclusive chance to buy their cat products at a deep discount.  After a while, the calls change from cat product companies, to dog product companies, then to pet product companies, then to Nigerian estate officers.

And thus the double edged sword of privacy in a social network environment becomes evident.  If you are overly pessimistic and make all your information private, no one that you would *like* to be able to find you can do so; if you are overly optimistic and make all your information public, everyone can find you. Both the people you *want* to find you and lots of people you *don’t* want to find you.

The big problem with privacy isn’t so much that people are foolishly putting personal information on the web: that’s sort of the point when you are dealing with social networking. The problem is with the owners of the social networking sites (who control the data), and with the organizations (and governmental agencies) that can access that data.  As long as organizations are able to sell your personal information without your permission, and as long as organizations that buy it (or find it online) are allowed to use your personal information for whatever reasons they want to, society is going to have major issues with privacy. 

An annoying phone call from a cat-care company in the middle of the night is annoying.  Being denied insurance because of a study that links the genes favoring cat ownership with major diseases (just kidding…there aren’t any…I hope) is slightly beyond annoying. It should be illegal. And thus the solution presents itself: true privacy protection isn’t about organizations using your information. It’s about organizations, public and private, *misusing* your information for purposes you do not approve of. Organizations and governments misusing your data shouldn’t just be frowned on, it should be illegal.

To be fair, many misuses of data are already illegal, depending on which part of the world you live in. For further information, I highly recommend an article published this week by technology writer Bob Sullivan Why should I care about digital privacy?

Thursday, March 3, 2011

Privacy in the Age of Social Networking

When telephone systems began to assign phone numbers to households in the last century, a number of people objected to having their phone numbers (and addresses) published.  Thus the concept of the “unlisted number” was born: the phone company would publish your name, address and phone number unless you asked them (and paid them extra) not to.

The definition of what information is considered “public” and what is considered “private” is one that is constantly evolving.  Consider for instance the ongoing flap between some communities (as well as the EU) and Google Streetview: does having a picture of your house online—taken from a public road and showing no more than any member of the public would see from the same location—constitute an invasion of privacy? (It should be noted that Google will indeed “unlist” your home’s photo if you ask them to.)  The lines are so fuzzy that both the US and the EU publish guidelines on what is considered “public” and what is considered “private” data, mostly in an attempt to stem the huge problem of identity theft.

In the era of Facebook, Twitter, LinkedIn and so many other online social networks, many of us voluntarily put a lot of information online that might otherwise be considered private: who we are dating, who we are socializing with, where we are going to dinner, what kind of pets we own, what kind of music we like, what politicians we vote for, etc.  In some respects that’s precisely why these sites are so popular: they enable us to have (often) intimate conversations with groups of people that we want to keep in touch with.  We expect that these social networks will respect our privacy settings and only share the information as widely as we have designated: I might not care if my circle of friends knew I was attending a certain function, but I might not want co-workers or my employer to know.

If you aren’t already concerned about the amount of information you put online and how it might be (mis)used, you might be after hearing about Robert Collins’ recent experience.  During a job interview with the Maryland Department of Corrections, Robert was asked to divulge his Facebook password. Not asked if he had a Facebook account, mind you, or to identify which “Robert Collins” was him on Facebook.  They. Asked. For. His. Password. Needless to say, he was understandably shocked that they asked. And not knowing what the right thing to do was, he gave it to them, and then sat stunned (I would have to imagine) while the logged in *as him* and looked at all of his posts, as well as the posts of his Facebook friends.

It goes without saying that this should concern you (it certainly concerns the ACLU).  I certainly assume that if I’m applying for a job, all the information I’ve put online for the public to see is fair game for my prospective employer to look at (and if I’m stupid enough to put things on Facebook that would disqualify me for a job, then I have no right to be upset if an employer finds it).  But should employers (either in the public or private sector) have any right to request the keys to your Facebook account? 

To me, it’s not far removed from asking for the keys to your house so that they can come in and poke around.  After all, the argument goes, if you aren’t doing anything wrong, you don’t have anything to worry about.  Here’s a tip: if anyone ever uses that phrase, you can assume someone is about to invade your privacy. Probably illegally.