Update 20180128 Being open about data privacy.md

sources/talk/20180128 Being open about data privacy.md

@@ -33,42 +33,54 @@ What is important about the GDPR, though, is that it doesn't apply just to Europ
 通用数据保护条例的重要之处是他并不仅仅适用于欧洲的公司，如果你是阿根廷人，日本人，美国人或者是俄罗斯的公司而且你正在收集涉及到欧盟居民的数据，你就要受到这个条例的约束管辖。
 
 "Pah!" you may say,1 "I'm not based in the EU: what can they do to me?" The answer is simple: If you want to continue doing any business in the EU, you'd better comply, because if you breach GDPR rules, you could be liable for up to four percent of your global revenues. Yes, that's global revenues: not just revenues in a particular country in Europe or across the EU, not just profits, but global revenues. Those are the sorts of numbers that should lead you to talk to your legal team, who will direct you to your exec team, who will almost immediately direct you to your IT group to make sure you're compliant in pretty short order.
-
-
+“哼!” 你可能会这样说，“我的业务不在欧洲：他们能对我有啥约束？” 答案很简答：如果你想继续在欧盟做任何生意，你做好遵守，因为一旦你违反了通用数据保护条例的规则，你将会受到你全球总收入百分之四的惩罚。是的，你没听错，是全球总收入不是仅仅在欧盟某一国家的的收入，也不只是净利润，而是全球总收入。这将会让你去叮嘱告知你的法律团队，他们就会知会你的这个团队，同时也会立即去指引你的IT团队，确保你在相当短的时间内是符合要求的。
 
 This may seem like it's not particularly relevant to non-EU citizens, but it is. For most companies, it's going to be simpler and more efficient to implement the same protection measures for data associated with all customers, partners, and employees they deal with, rather than just targeting specific measures at EU citizens. This has got to be a good thing.2
-
+看上去这和欧盟之外的城市没有什么相关性，但其实不然，对大多数公司来说，对所有的他们的顾客、合作伙伴以及员工实行同样的数据保护措施是件既简单又有效的事情，
+而不是只是在欧盟的城市实施，这将会是一件很有利的事情。
 However, just because GDPR will soon be applied to organisations across the globe doesn't mean that everything's fine and dandy3: it's not. We give away information about ourselves all the time--and permission for companies to use it.
+然而，数据通用保护条例不久将在全球实施并不意味着一切都会变的很美好：事实并非如此，我们一直在丢弃关于我们自己的信息--而且允许公司去使用它。
 
 There's a telling (though disputed) saying: "If you're not paying, you're the product." What this suggests is that if you're not paying for a service, then somebody else is paying to use your data. Do you pay to use Facebook? Twitter? Gmail? How do you think they make their money? Well, partly through advertising, and some might argue that's a service they provide to you, but actually that's them using your data to get money from the advertisers. You're not really a customer of advertising--it's only once you buy something from the advertiser that you become their customer, but until you do, the relationship is between the the owner of the advertising platform and the advertiser.
-
+有一句话是这么说的（尽管很争议）：“如果你没有在付费，那么你就是产品。”这句话的意识就是如果你没有为某一项服务付费，那么其他的人就在付费使用你的数据。
+你有付费使用Facebook、推特？谷歌邮箱？你觉得他们是如何赚钱的？大部分是通过广告，一些人会争论到他们那时他们向你提供的一项服务，但事实上是他们在利用你的数据从广告商里获取收益。你不是一个真正的广告的顾客-只有当你从看了广告后买了他们的商品之后你才变成了他们的顾，但直到这个发生之前，都是广告平台和广告商的关系。
 Some of these services allow you to pay to reduce or remove advertising (Spotify is a good example), but on the other hand, advertising may be enabled even for services that you think you do pay for (Amazon is apparently working to allow adverts via Alexa, for instance). Unless we want to start paying to use all of these "free" services, we need to be aware of what we're giving up, and making some choices about what we expose and what we don't.
-
+有些服务是允许你通过付费来消除广告的（流媒体音乐平台声破天就是这样的），但从另一方面来讲，即使你认为付费的服务也可以启用广告（列如，亚马逊正在允许通过Alexa广告）除非我们想要开始为这些所有的免费服务付费，我们需要清除我们所放弃的，而且在我们想要揭发和不想的里面做一些选择。
 ### Who's the customer?
+### 谁是顾客？
 
 There's another issue around data that should be exercising us, and it's a direct consequence of the amounts of data that are being generated. There are many organisations out there--including "public" ones like universities, hospitals, or government departments4--who generate enormous quantities of data all the time, and who just don't have the capacity to store it. It would be a different matter if this data didn't have long-term value, but it does, as the tools for handling Big Data are developing, and organisations are realising they can be mining this now and in the future.
-
+关于数据的另一个问题一直在困扰着我们，它是产生的数据量的直接结果。有许多组织一直在产生巨量的数据，包括公共的组织比如大学、医院或者是政府部门4--
+而且他们没有能力去储存这些数据。如果这些数据没有长久的价值也就没什么要紧的，但事实正好相反，随着处理大数据的工具正在开发中，而且这些组织也认识到他们现在以及在不久的将来将能够去开采这些。
 The problem they face, though, as the amount of data increases and their capacity to store it fails to keep up, is what to do with it. Luckily--and I use this word with a very heavy dose of irony,5 big corporations are stepping in to help them. "Give us your data," they say, "and we'll host it for free. We'll even let you use the data you collected when you want to!" Sounds like a great deal, yes? A fantastic example of big corporations6 taking a philanthropic stance and helping out public organisations that have collected all of that lovely data about us.
+然而他们面临的是，随着数据的增长和存储量的不足他们是如何处理的。幸运--E而且我是带有讽刺意味的使用了这个词，5大公司正在介入去帮助他们。“把你们的数据给我们，”他们说，“我们将免费保存。我们甚至让你随时能够使用你所收集到的数据！”这听起来很棒，是吗？这是大公司的一个极具代表性的列子，站在慈善的立场上帮助公共组织管理他们收集到的关于我们的数据。
 
 Sadly, philanthropy isn't the only reason. These hosting deals come with a price: in exchange for agreeing to host the data, these corporations get to sell access to it to third parties. And do you think the public organisations, or those whose data is collected, will get a say in who these third parties are or how they will use it? I'll leave this as an exercise for the reader.7
-
+不幸的是，慈善不是唯一的理由。他们是附有条件的：作为同意保存数据的交换条件，这些公司得到了将数据访问权限出售非第三方的权利。你认为公共组织，或者是被收集数据的人在数据被出售使用权使给第三方在他们如何使用上面能有发言权啊？我将把这个问题当做一个练习留给读者。7
 ### Open and positive
+### 开放和积极
 
 It's not all bad news, however. There's a growing "open data" movement among governments to encourage departments to make much of their data available to the public and other bodies for free. In some cases, this is being specifically legislated. Many voluntary organisations--particularly those receiving public funding--are starting to do the same. There are glimmerings of interest even from commercial organisations. What's more, there are techniques becoming available, such as those around differential privacy and multi-party computation, that are beginning to allow us to mine data across data sets without revealing too much about individuals--a computing problem that has historically been much less tractable than you might otherwise expect.
-
+然而并不只有坏消息。政府中有一项在逐渐发展起来的“开放数据”运动鼓励部门能够将免费开放他们的数据给公众或者其他组织。这项行动目前正在被实施立法。许多
+支援组织--尤其是那些收到公共基金的--正在开始推动同样的活动。即使商业组织也有些许的兴趣。而且，在技术上已经可行了，例如围绕不同的隐私和多方计算上，正在允许我们根据数据设置和不揭露太多关于个人的前提下开采数据--一个历史上的计算问题比你想象的要容易处理的多。
 What does this all mean to us? Well, I've written before on Opensource.com about the [commonwealth of open source][4], and I'm increasingly convinced that we need to look beyond just software to other areas: hardware, organisations, and, relevant to this discussion, data. Let's imagine that you're a company (A) that provides a service to another company, a customer (B).8 There are four different types of data in play:
-
-  1. Data that's fully open: visible to A, B, and the rest of the world
-  2. Data that's known, shared, and confidential: visible to A and B, but nobody else
-  3. Data that's company-confidential: visible to A, but not B
-  4. Data that's customer-confidential: visible to B, but not A
-
+这些对我们来说意味着什么呢？我之前在网站Opensource.com上写过关于[开源的共享福利][4],而且我越来越相信我们需要把我们的视野从软件拓展到其他区域：硬件，组织，和这次讨论有关的，数据。让我们假设一下你是A公司要提向另一家公司提供一项服务，客户B。在游戏中有四种不同类型的数据：
+  1. Data that's fully open: visible to A, B, and the rest of the world
+  1. 数据完全开放:对A和B都是可得到的，世界上任何人都可以得到
+  2. Data that's known, shared, and confidential: visible to A and B, but nobody else
+  2. 数据是已知的，共享的，和机密的：A和B可得到，但其他人不能得到。
+  3. Data that's company-confidential: visible to A, but not B
+  3. 数据是公司级别上保密的：A公司可以得到，但B顾客不能
+  4. Data that's customer-confidential: visible to B, but not A
+  4. 数据是顾客级别保密的：B顾客可以得到，但A公司不能
 
 
 First of all, maybe we should be a bit more open about data and default to putting it into bucket 1. That data--on self-driving cars, voice recognition, mineral deposits, demographic statistics--could be enormously useful if it were available to everyone.9 Also, wouldn't it be great if we could find ways to make the data in buckets 2, 3, and 4--or at least some of it--available in bucket 1, whilst still keeping the details confidential? That's the hope for some of these new techniques being researched. They're a way off, though, so don't get too excited, and in the meantime, start thinking about making more of your data open by default.
-
+首先，也许我们对数据应该更开放些，将数据默认放到选项一中。如果那些数据对所有人开放--在无人驾驶、语音识别，矿藏以及人口数据统计会有相当大的作用的，9
+如果我们能够找到方法将数据放到选项2，3和4中，不是很好嘛--或者至少它们中的一些--在选项一中是可以实现的，同时仍将细节保密？这就是研究这些新技术的希望。
+然而又很长的路要走，所以不要太兴奋，同时，开始考虑将你的的一些数据默认开放。
 ### Some concrete steps
-
+### 一些具体的措施
 So, what can we do around data privacy and being open? Here are a few concrete steps that occurred to me: please use the comments to contribute more.
 
   * Check to see whether your organisation is taking GDPR seriously. If it isn't, push for it.