IT Security’s dirty little “Pulchinella Secret”

The European Identity Conference EIC, which recently ended here in Munich, had many highlights, but for me personally the very best was the keynote by the Italian psychologist Dr. Emilio Mordini, CEO of the Centre for Science, Society and Citizenship CSSC in Rome, which he describes as a leading independent research centre specializing in advice on political, ethical and social issues raised by emerging technologies. His topic was “Secrecy in the Post Wikileaks Era“, in itself a fascinating subject, but where it got really entertaining and thought-provoking was when he turned to the subject of the „segreto di Pulcinella“, or Pulchinella Secrets.

Pulchinella, we all learned, is a bumbling, clownish figure from the Italian “commedia dell’arte”, a traditional folksy form of theatre that began in Italy in the mid-16th century and which is characterized by masked “types” performing often improvised performances based on sketches or scenarios. According to Wikipedia, “arte” does not refer to “art” as we currently consider the word, but rather to that which is made by “artigiani” (artisans).

Pulchinella, it seems, is incapable of keeping a secret. In one popular piece, one of the actors tells him one, but enjoins him not to tell anyone else, because it’s a secret, see? Of course, poor Pulchinella immediately goes to one player after the other and tells him or her the secret, but makes them promise not to tell anyone else. In the end, everyone – including the audience – knows exactly what the secret is all about, only everyone acts as though they don’t have a clue which leads to some rather hillarious complications.

Life is full of Pulchinella Secrets, Professor Mordini says. In fact, we need them to maintain both our sanity and to keep society from falling apart. In a village, he says, everybody knows everything about everyone else.

Take location, for instance. In a village, everybody knows where you are at any given time. Old Georgio is out plowing the back forty, and Isabella is in the haystack with young Giovanni. Back then, nobody had to worry about their iPhone broadcasting their location data to all and sundry; the others already knew!

Or how about identification? Everybody in the village knew that Tony was the richest farmer and Guiseppe the village idiot, Martha the biggest gossip and Christine the village whore. Everyone had his or her pigeonhole into which to neatly fit, and everyone was comfortable with that.

But here’s the rub: While everyone knew everything about everybody, nobody talked about it (at least not in public). Instead, everyone acted as though they didn’t know where you are, who you are and what you are doing. This is the secret of peaceful life in a village; it is Pulchinella’s Secret.

Secrets, Mordini says, are not really secret in the sense that they are unknown or unknowable, but because they are labeled as secret. “This doesn’t imply that they are truly  unknown, and in fact their value does not dwell in their being known or unknown”, he maintains, “but rather they have value because they contribute to create power relations.”
From this, he derives what he describes as the “Four Laws of Secrecy in the Information Society”:

  • First, all secrets in the information society are Pulcinella’s Secrets. Nothing is really unknown. We just pretend they are.
  • Second, Pulcinella Secrets are not trivial secrets. They can be even critical because what makes a secret relevant is not only its status as being either known or unknown, but the role that it plays in shaping social and power relations among individuals and groups.
  • Thirdly, the value of information lies in its usage, not in any abstract property or the degree to which it is known. The value devolves to those who get to use this information first.
  • Finally, secret are only kept if someone has enough power to make others act as though they had no knowledge about that particular piece of information.

All this may sound highly theoretical, but for those of us involved in data protection and IT security, it has a number of very profound implications which Mordini smilingly presented to the assembled cream of the Identity & Access Management industry.
For instance, if all secrets are Pulchinella’s Secrets, thinking that we can actually keep data from leaking is a fallacy. All IT can do is make sure we know who knows, so instead of docking things down, we should be more concerned about managing access rights. Or, as Mordini puts it, “We need to rethink all our classification systems which are the cornerstone of the overall secrecy system.”

In any case, strong data protection and security are often illusory and in fact probably useless, he says. His conclusion? “Data are insecure by default”, he bluntly states – so don’t spend  too much energy and resources protecting databases; instead devote your time and spend energy to increasing your control over your data by making them always  traceable – and erasable!

This last term, of course, is Mordini’s charmingly inoffensive Italian way of lobbing a hand grenade into the market for CRM and user profiling. “The true power of the individual in the Information Age is not to remember and to be remembered, but to forget and to be forgotten”, he says, and he believes that this is also the key for controlling secrets in IT systems.

I wish we had been able to give him more time to elaborate on that final parting shot, but sadly keynote time at EIC is precious and no one gets more than half an hour. Should the Obama administration have the right (and the ability) to make the Wikileaks documents go away? Should consumers he given a kind of “digital eraser” to delete, for instance, traces of their shopping habits from eCommerce websites? Should teenagers be able to remove the pictures someone took of them at last-night’s drunken binge and then posted on Facebook? Where does free will end and censorship start? And is transparency in itself a good thing, or do we just simply have to get used to it? How will homo sapiens as a species continue to evolve in a world in which anything and everything is public knowledge.

Perhaps the secret really does lie in Pulchinella’s special brand of discretion: Just act as though you didn’t know, then everything’s okay. At least in a village – and possibly even in a global one.

PS: The same day I listened to Professor Mordinis wonderful speech, my wife and I went around to our local pizza place for dinner, and I got into a discussion with the owner about politics in Italy and especially about the ongoing sex scandal surrounding the current prime minister. “So Berlusconi like young girls”, il patrone said, “who would have thought? It’s just a segreto di Pulchinella!” I was dumbfounded? How could this guy, who to my certain knowledge did not attend the European Identit Conference, possibly know about Pulchinella’s Secrets? “Where I come from in our small village near Napoli, everybody knows about Pulchinella’s Secrets”, he told me. “After all, Pulchinella, he was born in our village, capisci – you unnershtan?”

Dieser Beitrag wurde unter Das digitale Ich, Internet & Co. abgelegt und mit , , , , verschlagwortet. Setze ein Lesezeichen auf den Permalink.

Kommentar verfassen

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.