Hal Finney, Privacy, and the ALS Ice Bucket Challenge

As I’ve mentioned before, I like to read the obituaries in the print edition of the New York Times — the physical act of turning the pages draws my attention to stories that I wouldn’t necessarily click online.  Monday, I read an obituary for cryptographer Hal Finney, who died last week at age 58 from amyotrophic lateral sclerosis (also known as ALS and Lou Gehrig’s Disease). The combination of Finney’s job and his cause of death caught my eye because both privacy issues and ALS have been headline news lately.

Finney’s interest in encrypting online content dated back to 1991, when he became a key developer on a volunteer software project called Pretty Good Privacy. Times obituary writer Nathaniel Popper explained:

“P.G.P. aimed to make it possible for people everywhere to encrypt electronic communication in a way that could not be read by anyone other than the intended recipient.”

Finney and his colleagues were prescient to raise concerns about online privacy 23 years ago, though Finney’s big worry was that corporations and governments would spy on people. We now know that it’s not only the likes of Facebook and the National Security Agency that we need to fear, as evidenced by this weekend’s leak of nude photos stolen from famous women, including actresses Jennifer Lawrence and Kirsten Dunst.  Regarding the legal issues raised by the leak,  the FBI has said:

“The FBI is aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter.”

On the technical side, there was initial concern that the photo thefts occurred due to a hack of Apple’s iCloud storage system. However, Apple said its investigation revealed no systemic problem but rather a targeted attack on specific “user names, passwords and security questions.” Ah, passwords! Who can deal with them?  Too-easily-broken, they offer only the illusion of security. (In 2011, Lifehacker published a piece called, “The Only Secure Password Is the One You Can’t Remember.”) Experts have been calling for alternatives to passwords for years, but, last month, Slate argued that the other options, including biometrics, could be equally problematic or even worse. In Finney’s obituary, the Times noted that P.G.P. “used relatively new innovations in encryption that are still thought to be invulnerable to code breakers.” To me, personalized encryption sounds more and more appealing.  That way a gal could give in to her significant other’s importuning for nudes and know that if her photo was seen by anyone else, there could be only one person responsible.

By the way, I think its absurd to blame the victims of the photo leaks by saying that the targeted women were “asking for it” by taking photos for their own personal use. People get so worked up about naked bodies that they lose sight of the fact that what happened to the celebrities with their photos can happen to anyone with any kind of information that is not meant for wide distribution.  In fact, yesterday afternoon, Home Depot announced it was investigating after cybersecurity blogger Brian Krebs reported signs that the company may have experienced a huge security breach potentially resulting in tens of millions of credit card and debit card numbers being stolen. Were people who shopped at Home Depot asking for it by using plastic to pay for things? Dang! Maybe we should be walking around with stacks of cash from now on. But wait! Carrying all that cash could make us tempting to muggers. Seriously, if we make the victims more responsible for criminals’ actions than the criminals are, we won’t be able to leave our houses, either virtually or physically.

Speaking of money issues, Hal Finney was also an early user of and developer of virtual currency Bitcoin, which, the Times said, used some of the same encryption tools as P.G.P. and could potentially allow users to spend and earn money online anonymously. The leaker of the celebrity photos tried to benefit from that work by soliciting payment for the stolen photos via Bitcoin … only to come to the realization that it’s hard to get people to pay for something you’ve already given them for free. As the leaker should have known from his own behavior, technology is often no match for human nature.

In the end, a different kind of technology kept Hal Finney alive. He died when he was taken off life support, his wife told the Times. He had been paralyzed by ALS, a disease of which there has been heightened awareness due to this summer’s Ice Bucket Challenge. According to the often-ignored/forgotten rules of the challenge, you had to donate to the ALS Association within 24 hours of being challenged or be doused with ice water … and then hopefully donate anyway. (I chose to donate only.)

Whenever a bit of pop culture goes viral, whether it is Miley Cyrus twerking or scores of celebrities being doused in cold water,  there are people who will wring their hands and predict the worst possible outcome. I think something about the sight of folks having fun sets them off.  In the case of the Ice Bucket Challenge, complaints have ranged from “We’re wasting too much water!” (Really? Take it out of my untouched pool-filling/lawn-watering quota!) to “I personally am already aware of ALS, so raising awareness must be a waste of time” to “Some people aren’t becoming any more aware of ALS so it’s all useless.” Actually, the figures make it very clear that as a fundraising effort, the challenge was far from useless. The ALS Association raised over $100 million in a month, compared to $2.8 million raised in the same period the previous year.

The good news about the money brought out another kind of worrier — the type that doesn’t really understand how charities are run and is all too ready to believe in conspiracies. Here’s something that I saw on my Twitter timeline.

I wondered whether the tweeter was thinking that if only 7% was spent on research, 93% was spent on salaries and the like. Well! This kind of stuff is easily checked. Before I donated to ALSA, I looked it up on Charity Navigator, which is the largest evaluator of nonprofits. The Better Business Bureau and CharityWatch also rate charities. All three agencies look at how charities spend their money, among other issues. Of course, if you have a question about a charity’s financial priorities, you can go directly to the organization’s website. Before you start reviewing the financial reports, I recommend reading the mission statement so that you know what the funds are being raised for in the first place. The ALSA mission statement makes it clear that the organization doesn’t limit itself to funding research. Public awareness and support for current ALS patients are also key goals.

From the ALSA website. Click to see the original page.

It took me mere seconds to find the ALSA annual report (for the year ended Jan. 31, 2012) that contained the 7% figure or, to be more precise, 7.71%. The same report showed that nearly 64% of funds went to other program activities.

“Other program activities” included 34 centers that provide medical care to ALS patients. I’d call that a worthy expenditure. It should be noted that spending priorities can change from year to year. More recent financial information —  for the fiscal year ended Jan. 31, 2014 — is here, showing 28% of ALSA’s funds were spent on research. I expect the next several years will show wildly different results as the organization figures how to best allocate its unexpected windfall. I wouldn’t expect or want the organization to spend all the Ice Bucket money at once.

So, in honor of Hal Finney, a smart guy who understood the Internet, I ask you to do check out original sources before panicking. You don’t have to go to the library. Just your search bar. It’s easy, I promise.

Finally, I want to mention a few other complaints generated by the Ice Bucket Challenge, like the claims that ALSA’s success is taking money from other charities; Matthew Herper of Forbes argues against that here. And I see that the founder of another worthy ALS charity feels left out, even though, without the interest generated by the Ice Bucket Challenge, he wouldn’t have gotten the op-ed space to write about feeling left out (plus his group did its own challenge). This makes me think of one time I was worrying aloud about some nonsense to MrB and MrB gently pointed out that I seemed determined to find a cloud when all I had was silver linings. This situation with ASLA feels similar, and I’m betting that Hal Finney would be on MrB’s side. First of all, Finney’s Times obituary included the information that “his body was immediately prepared for cryonic preservation by the Alcor Life Extension Foundation in Scottsdale, Ariz., according to his wishes.” (This was something he decided to do in 1992, long before his ALS diagnosis, and he stuck with it.) That’s a sign of an optimistic personality!

Also, the obit said that in recent years, Finney could move only the muscles in his face. He used a computer that tracked eye movements to communicate and write Bitcoin-related software and, last year, he wrote on a Bitcoin website:

“I’m pretty lucky over all … Even with the A.L.S., my life is very satisfying.”

I don’t know if it was intentional, but his words echo the sentiments of baseball player Lou Gehrig’s retirement speech, in which Gehrig called himself “the luckiest man on the face of the earth” despite his diagnosis of ALS, the disease that would kill him and become forever associated with his name.

If Finney and Gehrig could call themselves lucky in the face of this devastating disease, doesn’t it seem a little silly for the rest of us be unhappy that $100 million was raised to help people like them? Right now, I see nothing but silver linings.