Liars & Outliers: Enabling The Trust That Society Needs To Thrive
by Bruce Schneier

Wiley 2012.
ISBN 978-1-118-14330-8 . USD 15.18 (pre-order), Table of Contents

Reviewed by  Richard Austin   January 19, 2012 

Schneier's latest book is a wide-ranging exploration of the trust that both enables and supports the functioning of a group (whether a family, tribe, society or civilization). It is not an information security book and the publisher has aptly positioned it in the "Current Affairs/Sociology" category. As might be expected, the book is well written and researched (the references and notes make up a third of its length).

Trust is explored in the context of a variety of societal dilemmas - situations where an actor (a person, corporation, etc) must make a choice between their interest and competing interests of the group that contains them. Defectors (the "liars and outliers" of the title) are those that choose not to follow (or defect from) the norms of the group. Defectors can sometimes be reprehensible people such as thieves and confidence tricksters and sometimes admirable people such as abolitionists fighting a social norm of slavery.

The trust model starts with moral and reputational factors which operate in the arena of individuals and small groups. These are quite effective when actors are familiar with one another but falter when scaling to larger groups such a society or civilization. To deal with the increasing scale (numbers of actors, geographical separation, high mobility, etc), institutional factors (e.g., laws and punishments) and security mechanisms (e.g., police forces and militaries) come into play.

Technology is one of the main factors increasing the scale of social interactions that challenge our traditional and familiar tactics for creating and evaluating trust. For example, an interaction over the web can transparently cross cultural and geographical boundaries and pose perplexing conundrums of how trust (who we're talking to, the reliability of their communications, etc) can be established and maintained.

Chapter 15, "How Societal Pressures Fail", is an absolute gem and suggests plausible explanations for many of the troublesome issues that arise when actors interact in complex ways and have the ability to exploit natural delays in the system (e.g., if a particular tactic can generate a profit of $10,000 per month with an expected 9 months before the tactic is detected and a $5,000 sanction is imposed, it can be quite profitable to defect).

After exploring the trust model, how it works, and how it fails (or can be made to fail), Schneier suggests a list of tactics for improving the "trustability" of our interactions ranging from understanding the societal dilemmas operating in particular contexts to increasing transparency. While they sound trite in isolation, taken in the overall context of Schneier's examination, they form good advice on how to improve the situation.

The book is not without its controversies. Some will question the suggested genetic basis for many of the behaviors (rather than "there's a gene for that", it might be the case that the genetic basis rather enables emergence of the behaviors). Sometimes the assumption that technological advancement and improvement is a monotonically increasing up-and-to-the-right function seems to ignore the fact that a substantial portion of the world population is locked in a grim struggle to obtain the basics of food, water and shelter. Though a minor point suggested in the end notes, many of us will disagree that the time of representational democracy is over or that the next development in human civilization is to join the queue for assimilation into the "group mind".

Controversies aside, this book deserves to be read. Its exploration of trust, its development, nurturing, manipulation and failure is sorely needed as a background to many of the issues faced by individuals and the societies they form. It's a trite truism, but if we do not understand the basis of the problem, we will eternally focus on treating the symptoms of the underlying disease. Schneier has done the community a great service by presenting a masterful exploration of the issue of trust.

Before beginning life as an educator and independent cybersecurity consultant, Richard Austin ( spent 30+ years in the IT industry in positions ranging from software developer to security architect. He welcomes your thoughts and comments at raustin2 at spsu dot edu