Pulchinella revisited

Do you want to know a secret?
Do you want to know a secret?

There are two reasons why I decided to repost this article from my private blog here at DEF. One is that I just discovered that Emilio Mordini is a fellow member of DEF, so I may get to see him again sometime soon and swap memories of EIC 2011, where I first heard him tell the story of Pulchinella’s famous secret. The other is that Kaspersky Labs announced today that they have found out that NSA has been embedding spyware for years in the firmware of computers. If true, it means that we must assume no computer in the world is safe from snooping, since virus scanners can’t see into the persistent memories of PCs where the firmware lives.

Who would have thought, as Emilio would probably ask with a typical Italian shrug of the shoulders. And more importantly: What does this mean for IT security, privacy and lots of other stuff  we here at DEF concern ourselves with. That said, here’s the post in full:

The European Identity Conference EIC, which recently ended here in Munich, had many highlights, but for me personally the very best was the keynote by the Italian psychologist Dr. Emilio Mordini, CEO of the Centre for Science, Society and Citizenship CSSC in Rome, which he describes as a leading independent research centre specializing in advice on political, ethical and social issues raised by emerging technologies. His topic was “Secrecy in the Post Wikileaks Era“, in itself a fascinating subject, but where it got really entertaining and thought-provoking was when he turned to the subject of the „segreto di Pulcinella“, or Pulchinella Secrets.

Pulchinella, we all learned, is a bumbling, clownish figure from the Italian “commedia dell’arte”, a traditional folksy form of theatre that began in Italy in the mid-16th century and which is characterized by masked “types” performing often improvised performances based on sketches or scenarios. According to Wikipedia, “arte” does not refer to “art” as we currently consider the word, but rather to that which is made by “artigiani” (artisans).

Pulchinella, it seems, is incapable of keeping a secret. In one popular piece, one of the actors tells him one, but enjoins him not to tell anyone else, because it’s a secret, see? Of course, poor Pulchinella immediately goes to one player after the other and tells him or her the secret, but makes them promise not to tell anyone else. In the end, everyone – including the audience – knows exactly what the secret is all about, only everyone acts as though they don’t have a clue which leads to some rather hillarious complications.

Life is full of Pulchinella Secrets, Professor Mordini says. In fact, we need them to maintain both our sanity and to keep society from falling apart. In a village, he says, everybody knows everything about everyone else.

Take location, for instance. In a village, everybody knows where you are at any given time. Old Georgio is out plowing the back forty, and Isabella is in the haystack with young Giovanni. Back then, nobody had to worry about their iPhone broadcasting their location data to all and sundry; the others already knew!

Or how about identification? Everybody in the village knew that Tony was the richest farmer and Guiseppe the village idiot, Martha the biggest gossip and Christine the village whore. Everyone had his or her pigeonhole into which to neatly fit, and everyone was comfortable with that.

But here’s the rub: While everyone knew everything about everybody, nobody talked about it (at least not in public). Instead, everyone acted as though they didn’t know where you are, who you are and what you are doing. This is the secret of peaceful life in a village; it is Pulchinella’s Secret.

Secrets, Mordini says, are not really secret in the sense that they are unknown or unknowable, but because they are labeled as secret. “This doesn’t imply that they are truly  unknown, and in fact their value does not dwell in their being known or unknown”, he maintains, “but rather they have value because they contribute to create power relations.”
From this, he derives what he describes as the “Four Laws of Secrecy in the Information Society”:

  • First, all secrets in the information society are Pulcinella’s Secrets. Nothing is really unknown. We just pretend they are.
  • Second, Pulcinella Secrets are not trivial secrets. They can be even critical because what makes a secret relevant is not only its status as being either known or unknown, but the role that it plays in shaping social and power relations among individuals and groups.
  • Thirdly, the value of information lies in its usage, not in any abstract property or the degree to which it is known. The value devolves to those who get to use this information first.
  • Finally, secret are only kept if someone has enough power to make others act as though they had no knowledge about that particular piece of information.

All this may sound highly theoretical, but for those of us involved in data protection and IT security, it has a number of very profound implications which Mordini smilingly presented to the assembled cream of the Identity & Access Management industry.
For instance, if all secrets are Pulchinella’s Secrets, thinking that we can actually keep data from leaking is a fallacy. All IT can do is make sure we know who knows, so instead of docking things down, we should be more concerned about managing access rights. Or, as Mordini puts it, “We need to rethink all our classification systems which are the cornerstone of the overall secrecy system.”

In any case, strong data protection and security are often illusory and in fact probably useless, he says. His conclusion? “Data are insecure by default”, he bluntly states – so don’t spend  too much energy and resources protecting databases; instead devote your time and spend energy to increasing your control over your data by making them always  traceable – and erasable!

This last term, of course, is Mordini’s charmingly inoffensive Italian way of lobbing a hand grenade into the market for CRM and user profiling. “The true power of the individual in the Information Age is not to remember and to be remembered, but to forget and to be forgotten”, he says, and he believes that this is also the key for controlling secrets in IT systems.

I wish we had been able to give him more time to elaborate on that final parting shot, but sadly keynote time at EIC is precious and no one gets more than half an hour. Should the Obama administration have the right (and the ability) to make the Wikileaks documents go away? Should consumers he given a kind of “digital eraser” to delete, for instance, traces of their shopping habits from eCommerce websites? Should teenagers be able to remove the pictures someone took of them at last-night’s drunken binge and then posted on Facebook? Where does free will end and censorship start? And is transparency in itself a good thing, or do we just simply have to get used to it? How will homo sapiens as a species continue to evolve in a world in which anything and everything is public knowledge.

Perhaps the secret really does lie in Pulchinella’s special brand of discretion: Just act as though you didn’t know, then everything’s okay. At least in a village – and possibly even in a global one.

PS: The same day I listened to Professor Mordinis wonderful speech, my wife and I went around to our local pizza place for dinner, and I got into a discussion with the owner about politics in Italy and especially about the ongoing sex scandal surrounding the current prime minister. “So Berlusconi like young girls”, il patrone said, “who would have thought? It’s just a segreto di Pulchinella!” I was dumbfounded? How could this guy, who to my certain knowledge did not attend the European Identit Conference, possibly know about Pulchinella’s Secrets? “Where I come from in our small village near Napoli, everybody knows about Pulchinella’s Secrets”, he told me. “After all, Pulchinella, he was born in our village, capisci – you unnershtan?”

6 thoughts on “Pulchinella revisited

  1. TGKerr (@DirtyDigger4) February 17, 2015 / 11:25 pm

    Secrets? No worries, Mal Turnbull will look after ours. I’ve got a couple of quibbles with his “digital transformation”, though. One is with “transformation”. I’m with that, except for incidents like my embarrassment at the till yesterday. The purchase cost $1500. OK, the first thousand went straight out of my debit account, with a swipe and the PIN I know by heart. The balance was to go on one of my credit cards, both Chip & PIN. Couldn’t remember the PIN. Flunk. Try second card. Success, but I wasn’t confident.
    Look, Malcolm Turnbull, when most of us are using 2-factor authentication, come back and convince us to chuck all our identities into your DTO.
    The second quibble is with “digital”. John Hopoate comes to mind.

    Like

  2. malcolmoz February 21, 2015 / 5:30 am

    Tim – I wish I had read your original blog in 2011. I have been developing thinking along the lines of the Punchinello Secret for years, but never elucidated it anywhere near so elegantly.

    I am still digesting your conclusion that “All IT can do is make sure we know who knows, so instead of docking things down, we should be more concerned about managing access rights.” Not sure that I entirely agree, but it is certainly a very good point. I will think more.

    Like

  3. Tim Cole February 21, 2015 / 10:19 am

    Actually, we should sit down and discuss this with our fellow member Emilio Mordini, who first told me the story of Pulchinella (it’s “a”, BTW, not “o” – even though Pulchinella is male. Go figure…)

    Liked by 1 person

  4. malcolmoz February 22, 2015 / 9:43 pm

    Ah. I struggled with ‘a’ vs ‘o’. I also thought it was ‘a’ but my spellchecker insisted on ‘o’ and of course, spellcheckers are infallible so I went with it. More fool me.

    And yes, I am really looking forward to meeting both of you and taking this discussion further. In the digital world, we may have to re-learn some social norms that are deeply ingrained in the real/old/meat world & the Pulchinella helps us conceive that.

    To put it another way, “Just because we can, Should we?” Hence my interest in whether ethical frameworks and processes have application in analytics etc and in the effort by the Accountability Foundation that is the subject of one of my other blogs here: it may or may not be the right framework, but it is a better attempt than any other I have seen and provides us with a straw-man starting point.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s