Saturday, March 12, 2011

Social Networking Privacy Policies Won't Cut It

Last week I blogged about the gradual erosion of privacy rights in the digital world.  This week I’d like to follow up with why privacy in a social networking setting is a double-edged sword and how to address some of the major issues associated with it.

Let’s say you are a cat fancier, but you live in a part of the world where no one close to you shares your passion (I know, unlikely—we’re talking cute cats after all—but stay with me for a bit).  While surfing the web one day you happen upon a wonderful website, www.catsbook.com, where cat fanciers from all over the world can share stories and cute pictures of their cats. You wonder if any of your old cat-fancying friends from back home are on the site, so you do a quick search. Lo and behold all some of them are indeed there.  “What a great place,” you think to yourself, “where do I sign up!”  So you cheerfully press the “Join Now” button and are taken to a page that asks you to put all of your personal information online: your name, your cat’s name(s), your address, your email address, your phone number, how long you’ve been interested in cats, and so on.  You begin to wonder: “why do they need all this information?” and perhaps “what are they going to do with it?”  So, acting with an abundance of caution, you go to the privacy settings page and carefully make every bit of information “private.”

Weeks later you wonder why no one you know has tried to “cat friend” you.  In a blinding epiphany, you realize that by making all your information private, no one who might be trying to find you as a “cat friend” will be able to do so.  So, acting with an abundance of enthusiasm, you go back to the privacy settings page and cheerfully make all your information public.

The results are almost instantaneous.  Within seconds dozens of people like you are reaching out as potential new “cat friends.”  Then you notice you have 128 new email messages in your inbox from companies with cat products that they are sure you can’t wait to buy.  Then your phone begins to ring. The first few calls are from some of the same companies offering you an exclusive chance to buy their cat products at a deep discount.  After a while, the calls change from cat product companies, to dog product companies, then to pet product companies, then to Nigerian estate officers.

And thus the double edged sword of privacy in a social network environment becomes evident.  If you are overly pessimistic and make all your information private, no one that you would *like* to be able to find you can do so; if you are overly optimistic and make all your information public, everyone can find you. Both the people you *want* to find you and lots of people you *don’t* want to find you.

The big problem with privacy isn’t so much that people are foolishly putting personal information on the web: that’s sort of the point when you are dealing with social networking. The problem is with the owners of the social networking sites (who control the data), and with the organizations (and governmental agencies) that can access that data.  As long as organizations are able to sell your personal information without your permission, and as long as organizations that buy it (or find it online) are allowed to use your personal information for whatever reasons they want to, society is going to have major issues with privacy. 

An annoying phone call from a cat-care company in the middle of the night is annoying.  Being denied insurance because of a study that links the genes favoring cat ownership with major diseases (just kidding…there aren’t any…I hope) is slightly beyond annoying. It should be illegal. And thus the solution presents itself: true privacy protection isn’t about organizations using your information. It’s about organizations, public and private, *misusing* your information for purposes you do not approve of. Organizations and governments misusing your data shouldn’t just be frowned on, it should be illegal.

To be fair, many misuses of data are already illegal, depending on which part of the world you live in. For further information, I highly recommend an article published this week by technology writer Bob Sullivan Why should I care about digital privacy?

No comments:

Post a Comment