Privacy

Preparation

If you’re planning to do slides, you’ll need to set them up for Present sections and anything else you want to cover.

Summary

Present

There are two privacy issues with social media tools.

The first is people posting information online about themselves. This is something you need to address by educating people.

The second is the RE program posting information online about members in the program. This you need to address with a privacy statement.

Privacy of the individual

Present

Privacy is a serious thing, but privacy issues with social media are often brushed off. Ditto for identity theft issues.

Think about the questions your bank asks you for security confirmation? Think about questions accounts you have for various web-sites ask you if you forget your password.

  • your mother’s maiden name
  • the name of your first crush
  • the town you were born in
  • the year you graduated high school
  • your birth date
  • the last four digits of your social security number

Are you putting the answers to these questions online? If someone culls all the information you’ve put online and couples it with information governments and other corporations are putting online, how easy is it for someone to steal your identity?

How much behavioral information does a corporation need to target ads to you that are scarily relevant? How does this affect how you consume things? How does this affect how other people consume things?

When your kids are Internet-age, what will they learn from their parents, relatives, and peers and their online accounts? Do you want all this information known? Can you guarantee you don’t want this information known in the future?

Do you know what information about you social media sites are sharing and selling?

Do you know what the social media site will do with your information in 10 years? 20 years?

Do you know how social media sites you’re using will change their privacy policy with little or no input from you? [1]

The issue with privacy is really two fold:

  1. control - once a piece of data is out there, you effectively have no control over what happens to it
  2. anonymity - once it’s out there, anyone can see it and track it back to you–all you need is one “friend” who links to it with your name

When using a site you don’t control, it’s best to assume that your data is as good as public and use the site accordingly. Why do this when sites usually have privacy controls? For more on that, see the chapter on control, dependency and changes.

[1]http://gawker.com/5426176/facebooks-great-betrayal

Privacy statements

Present

As an institution, if you’re putting people’s information online, you should have a privacy statement that explicitly states what data the institution collects, where it stores that data, who has access to the data, and how the data is used.

For an example of such a statement, see the UUA’s Privacy and Data Security statement [2].

As a side note, it’s not uncommon for people to say something along the lines of, “Well, the information is all out there already, so we don’t have to worry about privacy.” The “everyone else is doing it” excuse fails here just like it does everywhere else.

[2]http://www.uua.org/leaders/dataservices/131222.shtml

Activity: Articles

Either pick an article in the Resources and articles section or find an article online that deals with privacy problems with social media web-sites.

Read the article.

Discuss the article with the group.

Activity: Setting up a policy that accounts for privacy

Use PiratePad to write a privacy statement that addresses privacy issues.

Resources and articles

http://arstechnica.com/tech-policy/news/2010/02/google-works-to-clean-up-buzz-privacy-mess-after-launch.ars
Google works to clean up Buzz privacy mess after launch
http://arstechnica.com/tech-policy/news/2010/02/brief-facebook-glitch-sent-private-messages-to-wrong-users.ars
Brief Facebook glitch sent private messages to wrong users
http://arstechnica.com/tech-policy/news/2010/03/bringing-us-privacy-law-into-the-cloud-computing-era.ars
Bringing US privacy law into the cloud computing era
http://techcrunch.com/2009/11/05/massive-facebook-and-myspace-flash-vulnerability-exposes-user-data/
Massive Facebook and MySpace Flash vulnerability exposes user data
http://theharmonyguy.com/2010/04/10/facebook-platform-vulnerability-enabled-silent-data-harvesting/
Facebook platform vulnerability enabled silent data harvesting
http://www.nytimes.com/2010/04/09/education/09cyberkids.html?_r=1
Teaching children about using the Internet and the misconception that just because they’re using the Internet all alone in a room, that doesn’t mean that what they’re expressing online isn’t public and viewable by everyone.
http://www.networkworld.com/news/2010/042010-google-youtube-government-data.html
Google, YouTube received 10,000 government requests for user data
http://arstechnica.com/tech-policy/news/2010/04/facebook-privacy-changes-get-senatorial-ftc-attention.ars
Senators complain about Facebook privacy changes
http://www.eff.org/deeplinks/2010/05/things-you-need-know-about-facebook
Six things you need to know about Facebook connections
http://www.zephoria.org/thoughts/archives/2010/05/14/facebook-and-radical-transparency-a-rant.html
Danah Boyd rants about Facebook in regards to privacy issues with social media.
http://healyourchurchwebsite.com/2006/02/20/why-your-church-needs-a-privacy-statement/
Why your church needs a privacy policy
http://www.uua.org/leaders/dataservices/131222.shtml
UUA privacy and data security policy