TED | 多少APP正在窥视你的隐私?
你真的读过你使用的应用程序的条款和条件吗?芬恩 · 迈尔斯塔德(Finn Myrstad)和他的团队在挪威消费者委员会(Norwegian Consumer Council)工作,他们花了将近一天半的时间来阅读一台普通手机上所有应用程序的条款。在谈到科技公司欺骗用户的惊人方式时,迈尔斯塔德分享了关于你同意让公司收集的个人信息的见解,以及他们如何以你无法想象的规模使用你的数据。(演讲者:Finn Myrstad)
英文演讲稿(译文源自网络,仅供参考)
Do you remember when you were a child, you probably had a favorite toy that was a constant companion, like Christopher Robin had Winnie the Pooh, and your imagination fueled endless adventures? What could be more innocent than that? Well, let me introduce you to my friend Cayla.
你还记得童年时期,你可能有一个钟爱的玩具与你形影不离,就像克里斯多夫·罗宾有小熊维尼一样,以及你那充满无尽冒险的想象力吗?还有什么比这个更天真的呢?让我向你们介绍我的朋友凯拉。
Cayla was voted toy of the year in countries around the world. She connects to the internet and uses speech recognition technology to answer your child's questions, respond just like a friend. But the power doesn't lie with your child's imagination. It actually lies with the company harvesting masses of personal information while your family is innocently chatting away in the safety of their home, a dangerously false sense of security. This case sounded alarm bells for me, as it is my job to protect consumers' rights in my country.
凯拉是全球各个国家投票选出的年度玩具。她能与互联网连接并使用语音识别技术来回答孩子们的问题,就像一个朋友一样。但权力并不在你孩子的想象力中。它其实在于公司所收集的海量个人信息上,你的家人在安全的家中闲聊时,这其实是一种对于安全感的危险错觉。这个案子给我敲响了警钟,因为我的工作是保护我们国家消费者的权益。
And with billions of devices such as cars, energy meters and even vacuum cleaners expected to come online by 2020, we thought this was a case worth investigating further. Because what was Cayla doing with all the interesting things she was learning? Did she have another friend she was loyal to and shared her information with?
随着到2020年,数十亿诸如汽车,能源仪表,甚至吸尘器那样的设备投入使用,我们认为这个案例值得深入调查。我们很好奇,凯拉用她所学到的所有有趣的东西,到底做了些什么呢?她有没有另一个忠实的朋友,分享她的信息?
Yes, you guessed right. She did. In order to play with Cayla, you need to download an app to access all her features. Parents must consent to the terms being changed without notice. The recordings of the child, her friends and family, can be used for targeted advertising. And all this information can be shared with unnamed third parties.
是的,你猜对了,她有的。要跟凯拉玩耍,你需要下载一个APP来获取她所有的功能。家长必须同意更改条款而毋须另行通知。孩子们,她的好友和家人的录音,可以被用于定向广告。并且所有这些信息都可以与未具名的第三方分享。
Enough? Not quite. Anyone with a smartphone can connect to Cayla within a certain distance. When we confronted the company that made and programmed Cayla, they issued a series of statements that one had to be an IT expert in order to breach the security. Shall we fact-check that statement and live hack Cayla together? Here she is.
就这些了?其实还不止。任何有智能手机的人在一定的距离内都可以连接到凯拉。当我们与制造和开发凯拉的公司对峙时,他们发表了一系列的声明称只有IT专家才能破坏其安全性。我们要不要一起核实一下这份声明,直播一下如何“劫持”凯拉?这就是她。
Cayla is equipped with a Bluetooth device which can transmit up to 60 feet, a bit less if there's a wall between. That means I, or any stranger, can connect to the doll while being outside the room where Cayla and her friends are. And to illustrate this, I'm going to turn Cayla on now. Let's see, one, two, three. There. She's on. And I asked a colleague to stand outside with his smartphone, and he's connected, and to make this a bit creepier ...
凯拉装备有蓝牙设备,传输距离可以达到60英尺,如果有墙阻挡就少点。这意味着,我或任何陌生人在凯拉和她朋友的家门口就能连接上她。为了演示这个过程,我现在把凯拉开机。让我们看看,1,2,3.好了,她开机了,我之前让一位同事拿着他的智能手机站在门外,现在他连上了,为了加点恐怖的气氛…
let's see what kids could hear Cayla say in the safety of their room.
让我们看看孩子们会在他们安全的家中听到凯拉说什么。
Man: Hi. My name is Cayla. What is yours?
男:嗨,我叫凯拉,你的名字呢?
Finn Myrstad: Uh, Finn.
芬恩:芬恩。
Man: Is your mom close by?
男:你妈妈在旁边吗?
FM: Uh, no, she's in the store.
芬恩:不在,她在店里。
Man: Ah. Do you want to come out and play with me?
男:啊,你想出来跟我一起玩耍吗?
FM: That's a great idea.
芬恩:真是好主意呀。
Man: Ah, great.
男:好呀。
FM: I'm going to turn Cayla off now.
芬恩:我现在要关掉凯拉了。
We needed no password or to circumvent any other type of security to do this. We published a report in 20 countries around the world, exposing this significant security flaw and many other problematic issues. So what happened? Cayla was banned in Germany, taken off the shelves by Amazon and Wal-Mart, and she's now peacefully resting at the German Spy Museum in Berlin.
我们无须任何密码或规避任何其他安全措施就可以做到。我们在全球20个国家发布了一份报告,曝光了这种明显的安全漏洞和很多其他问题。后来怎么样了呢?凯拉在德国被禁止出售,被亚马逊和沃尔玛下架,现在她正平静地呆在柏林的德国间谍博物馆。
However, Cayla was also for sale in stores around the world for more than a year after we published our report. What we uncovered is that there are few rules to protect us and the ones we have are not being properly enforced. We need to get the security and privacy of these devices right before they enter the market, because what is the point of locking a house with a key if anyone can enter it through a connected device?
然而,在我们报告发布前,凯拉已经在全球各地的商店出售超过一年。我们所揭示的是,很少有规则能够保护我们,并且有的规则往往也得不到很好的执行。在它们进入市场时,我们需要让这些设备具备可靠的安全和隐私功能,因为如果任何人都可以通过一个联网设备进来,用钥匙锁门的意义又何在?
You may well think, "This will not happen to me. I will just stay away from these flawed devices." But that won't keep you safe, because simply by connecting to the internet, you are put in an impossible take-it-or-leave-it position.
你可能会觉得,“这没发生在我身上。我只需要远离这些有缺陷的设备就好。”但这无法保证你的安全,因为只是通过连接上互联网,你就不可避免地被置于要么接受,要么走人的境地。
Let me show you. Like most of you, I have dozens of apps on my phone, and used properly, they can make our lives easier, more convenient and maybe even healthier. But have we been lulled into a false sense of security? It starts simply by ticking a box. Yes, we say, I've read the terms. But have you really read the terms?
给大家看看。像很多人一样,我手机上有几十个应用,使用得当,它们可以让我们生活更轻松,更便捷,甚至可能更健康。但我们是否被一种虚假的安全感蒙蔽了呢?它开始于简单勾选一个方框开始。是的,我们会说,我已经阅读过这些条款。但你真的阅读了这些条款吗?
Are you sure they didn't look too long and your phone was running out of battery, and the last time you tried they were impossible to understand, and you needed to use the service now? And now, the power imbalance is established, because we have agreed to our personal information being gathered and used on a scale we could never imagine.
你确定它们不是看起来太长,你的手机快没电了,你最后一次尝试时,它们非常晦涩难懂,而且你需要立刻使用这个服务?目前,权力的不平衡已经建立,因为我们同意让对方收集我们的个人信息,并用于我们无法想象的规模层面。
This is why my colleagues and I decided to take a deeper look at this. We set out to read the terms of popular apps on an average phone. And to show the world how unrealistic it is to expect consumers to actually read the terms, we printed them, more than 900 pages, and sat down in our office and read them out loud ourselves, streaming the experiment live on our websites.
这就是我和同事们决定去深入研究这个问题的原因。我们开始阅读一台普通手机上热门应用的条款。并且向世界展示,让消费者去阅读这些条款是多么的不切实际,我们把这些条款打印出来,总长度超过了900页纸,然后坐在办公室里大声朗读,并在我们的网站上直播这个实验。
As you can see, it took quite a long time. It took us 31hours, 49 minutes and 11 seconds to read the terms on an average phone. That is longer than a movie marathon of the "Harry Potter" movies and the "Godfather" movies combined.
很显然,需要花很长的时间。我们花了31个小时,49分钟11秒才阅读完一台普通手机上的条款。这比《哈利波特》和《教父》系列电影加起来还长。
And reading is one thing. Understanding is another story. That would have taken us much, much longer. And this is a real problem, because companies have argued for 20 to 30 years against regulating the internet better, because users have consented to the terms and conditions.
阅读是一回事,理解则是另外一码事。这会需要我们更多更多的时间。这是一个切实存在的问题,因为这些公司争执了20-30年,反对更好地监管互联网,因为用户已经同意了这些条款和条件。
As we've shown with this experiment, achieving informed consent is close to impossible. Do you think it's fair to put the burden of responsibility on the consumer? I don't. I think we should demand less take-it-or-leave-it and more understandable terms before we agree to them.
正如我们在这个实验中展示的,获得知情同意几乎是不可能的。你认为让消费者承担责任是公平的吗?我不认同。我认为我们应该要求减少要么接受要么放弃,在我们同意前给出更多可理解的条款。
Thank you.
谢谢。
Now, I would like to tell you a story about love. Some of the world's most popular apps are dating apps, an industry now worth more than, or close to, three billion dollars a year. And of course, we're OK sharing our intimate details with our other half. But who else is snooping, saving and sharing our information while we are baring our souls? My team and I decided to investigate this. And in order to understand the issue from all angles and to truly do a thorough job, I realized I had to download one of the world's most popular dating apps myself.
现在我想讲一个关于爱的故事。一些世界上最流行的应用是相亲应用,这个行业现在价值超过或接近,一年30亿美元。当然,我们可以与另一半分享我们的私密细节。但当我们在坦白灵魂时,还有谁在窥探,保存和分享我们的信息呢?我和团队打算对此展开调查。为了从各个角度了解这个问题并认真做好工作,我意识到我得亲自下载一款世界上最流行的相亲软件。
So I went home to my wife ...
所以我回家问我老婆…
who I had just married. "Is it OK if I establish a profile on a very popular dating app for purely scientific purposes?"
我们刚结婚不久。“纯粹为了科学研究,我可以在一个非常流行的相亲软件上建立个人档案吗?”
This is what we found. Hidden behind them a in menu was a pre ticked box that gave the dating company access to all my personal pictures on Facebook, in my case more than 2,000 of them, and some were quite personal. And to make matters worse, when we read the terms and conditions, we discovered the following, and I'm going to need to take out my reading glasses for this one. And I'm going to read it for you, because this is complicated. All right.
于是我们发现了这个。隐藏在主菜单后面的是一个预先标记好的格子,让这个相亲公司可以获取我在Facebook上的所有个人照片,我个人有超过2千张照片,其中有些相当私密。并且更糟糕的是,当我阅读条款时,我们发现了下面的内容,我需要掏出老花镜才能看清。我打算给大家阅读一下,因为太复杂了。好的。
"By posting content" -- and content refers to your pictures, chat and other interactions in the dating service -- "as a part of the service, you automatically grant to the company, its affiliates, licensees and successors an irrevocable" -- which means you can't change your mind
“发布内容”——内容指你的照片,聊天记录和其他在相亲服务上的互动;“作为服务的一部分,你自动授予公司,及其关联方,被许可方或继任公司不可撤销,”——意思是你不能改变主意;
"perpetual" -- which means forever -- "nonexclusive, transferrable, sublicensable, fully paid-up, worldwide right and license to use, copy, store, perform, display, reproduce, record, play, adapt, modify and distribute the content, prepare derivative works of the content, or incorporate the content into other works and grant and authorize sublicenses of the foregoing in any media now known or here after created."
“永久的”——意思是永远——“非排他、可转让、可附带许可、完全付费、在全球范围内的使用、复制、存储、执行、显示、复制、录制、播放、改编、修改和分发内容以及内容的派生作品的权利和许可,或将内容合并到其他作品中,并在任何已知或以后创建的媒体中授予和授权上述转授许可。”
That basically means that all your dating history and everything related to it can be used for any purpose for all time. Just imagine your children seeing your sassy dating photos in a birth control ad 20 years from now.
这基本上意味着你所有的相亲历史以及任何与之有关的一切东西可以一直被用于任何目的。想象一下,你的孩子在20年后的节育广告中会看到你时髦的约会照。
But seriously, though --
但说真的——
What might these commercial practices mean to you? For example, financial loss: based on your web browsing history, algorithms might decide whether you will get a mortgage or not. Subconscious manipulation: companies can analyze your emotions based on your photos and chats, targeting you with ads when you are at your most vulnerable.
这些商业惯例对你意味着什么?比如,财务损失:基于你的网站浏览历史,算法可能决定你能否该获得贷款。潜意识操纵:公司可以通过你的照片和聊天分析你的情绪,在你最脆弱时投放针对你的定向广告。
Discrimination: a fitness app can sell your data to a health insurance company, preventing you from getting coverage in the future. All of this is happening in the world today.
歧视:健身应用可以把你的数据卖给健康保险公司,让你将来获得保险困难重重。所有这一切都发生在今天的世界中。
But of course, not all uses of data are malign. Some are just flawed or need more work, and some are truly great. And there is some good news as well. The dating companies changed their policies globally after we filed a legal complaint. But organizations such as mine that fight for consumers' rights can't be everywhere.
但当然,并非所有的数据使用都是有害的。有些只是缺陷,或者需要更多的工作,有些则真的很棒。这里也有一些好消息。在我们提出诉讼后,这个交友公司改变了他们的全球政策。但像我们这样为消费者权益斗争的组织不是到处都有。
Nor can consumers fix this on their own, because if we know that something innocent we said will come back to haunt us, we will stop speaking. If we know that we are being watched and monitored, we will change our behavior. And if we can't control who has our data and how it is being used, we have lost the control of our lives.
消费者也无法独自修复这个问题,因为假如我们知道我们的一些无心之言会反过来困扰我们,我们就会停止发声。如果我们知道自己正在被关注和监控,就会改变自身的行为。如果我们无法控制谁拥有我们的数据,以及数据如何被使用,我们就失去了对自己生活的控制。
The stories I have told you today are not random examples. They are everywhere, and they are a sign that things need to change. And how can we achieve that change? Well, companies need to realize that by prioritizing privacy and security, they can build trust and loyalty to their users. Governments must create a safer internet by ensuring enforcement and up-to-date rules. And us, the citizens? We can use our voice to remind the world that technology can only truly benefit society if it respects basic rights.
我今天告诉你们的故事并不是随机的案例。它们无处不在,它们标志着是时候该改变现状了。我们如何才能实现这种改变?公司需要认识到应该以隐私和安全为先,在此基础上培养用户的信任和忠诚。政府必须通过监督执行和更新规则去构建一个更安全的互联网。而我们这些公民呢?我们可以用自己的声音去提醒世界,科技只有在尊重基本权利的基础上,才能真正让全社会受益。
Thank you so much.(Applause)
谢谢大家。(鼓掌)
合辑 | TED演讲视频全集 - [ 220集 ]
英曲 | "听歌曲 学英语"经典英文歌曲
听写 | 英语听写系列教程:1- 215
听说 | 英语听说训练教程:1- 294
合辑 | 外教社杯外语教学大赛课例
合辑 | 听故事学英语系列:40+部名著
网络资源,仅供学习交流