Tag Archive for 'Privacy'

Platform growth over user privacy

Facebook announced that data about yourself (like your phone number) would now be shared with applications. Since the announcement, they've backed down (and good work to ReadWriteWeb for raising awareness of this).

I've been quoted in RWW and other places as saying the following:

“Users should have the ability to decide upfront what data they permit, not after the handshake has been made where both Facebook and the app developer take advantage of the fact most users don’t know how to manage application privacy or revoke individual permissions,” Bizannes told the website. “Data Portability is about privacy-respecting interoperability and Facebook has failed in this regard.”

Let me explain what I mean by that:

This first screenshot is what users can do with applications. Facebook offers you the ability to manage your privacy, where you even have the ability to revoke individual data authorisations that are not considered necessary. Not as granular as I'd like it (my "basic information" is not something I share equally with "everyone", such as apps who can show that data outside of Facebook where "everyone" actually is "everyone"), but it's a nice start.

[Screenshot: http://www.facebook.com/settings/?tab=applications]

This second screenshot is what it looks like when you initiate the relationship with the application. Again, it's great because of the disclosure, and it communicates a lot very simply.

[Screenshot: Request for Permission]

The problem is that the first screenshot should be what you see in place of the second screenshot. While Facebook is giving you the ability to manage your privacy, it is actually paying lip service to it. Not many people are aware that they can manage their application privacy, as it's buried in a part of the site people seldom use.

Facebook doesn't offer this ability upfront for a very simple reason: people wouldn't accept apps. When given a yes or no option, users think "screw it" and hit yes. But what if, during this handshake, they were able to tick off what data they allowed or didn't allow? Why are all these permissions required upfront, when I can later deactivate certain permissions?

Don't worry, it's not that hard to answer. User privacy doesn't help revenue growth as much as application growth does, because application growth creates engagement. Being a company, I can't blame Facebook for pursuing this approach. But I do blame them when they pay lip service to the world, and they rightfully should be called out for it.

Manipulating numbers that don’t mean anything

Erick Schonfeld wrote a post today saying all the hoopla over Facebook's privacy isn't justified. I disagree for two reasons.

1) Awareness.
When Facebook announced their new changes, I tweeted why the hell no one was complaining. Chris Saad and I then wrote one of the first (if not the first) posts that criticised the Facebook move. CNN referenced our post and the entire industry has now gone over the top complaining.

Why didn't anyone from the major blogs critique the announcement immediately? Why the time lag? For the simple fact there wasn't awareness - people hadn't thought about it deeply. And to validate my point, check this recent exchange with a friend in Iran when I asked him how the people of Iran felt about the changes. He had no idea, and when he found out - he got annoyed.

2) The monopoly effect
I love Facebook as a service. But I will also admit, nothing compares to it - I love it for the sole fact it's the best at what it does. If there was genuine competition with the company, that offered a compelling alternative - I wouldn't feel as compelled to use it. They win me over due to great technology and user experience, but I'm not loyal to them because of that.

I think Facebook has some security right now because no one is in their class. But they will be matched one day, and I think the reaction would be very different. Rather than tolerate it, people would move away. And whilst Facebook can lock my data and think they own me like I'm their slave, the reality is my data is useless with time - what they need is permanent access to me, and to have that, they need to ensure my relationship with them is permanently ahead of the curve.

An invention that could transform online privacy and media

The University of Washington today announced an invention that allows digital information to expire and "self-destruct". After a set time period, electronic communications such as e-mail, Facebook posts, Word documents, and chat messages would automatically be deleted and become irretrievable. Not even the sender will be able to retrieve them, and any copy of the message (like backup tapes) will also have the information unavailable.

[Image: GmailEncapsulated]

Vanish is designed to give people control over the lifetime of personal data stored on the web or in the cloud. All copies of Vanish encrypted data — even archived or cached copies — will become permanently unreadable at a specific time, without any action on the part of a person, third party or centralised service.

As the New York Times notes, the technology of being able to destruct digital data is nothing new. However, this particular implementation uses a novel approach that combines a time limit and, more uniquely, peer-to-peer file sharing that degrades a "key" over time. It's been made available as open source on the Mozilla Firefox browser. Details of the technical implementation can be found on the team's press release, which includes a demo video.
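How a key can "degrade" in a peer-to-peer network, as an added sketch that is not Vanish's own code: the Vanish paper describes splitting the encryption key with threshold secret sharing and scattering the shares across a distributed hash table whose nodes forget them over time. `ExpiringStore`, `toy_cipher` and the staggered expiry times are hypothetical stand-ins for the DHT, a real cipher and node churn.

```python
import hashlib, secrets

P = 2**521 - 1  # prime field for the shares (choice made for this sketch)

def split(secret, n, k):
    """Shamir split: n shares of an integer secret, any k of them recover it."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def combine(shares):
    """Lagrange interpolation at x = 0 over the field."""
    secret = 0
    for xj, yj in shares:
        num = den = 1
        for xm, _ in shares:
            if xm != xj:
                num, den = num * -xm % P, den * (xj - xm) % P
        secret = (secret + yj * num * pow(den, -1, P)) % P
    return secret

def toy_cipher(key, data):
    """XOR with a SHA-256 counter keystream; stand-in for a real AEAD."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class ExpiringStore:
    """Simulated peer-to-peer store whose entries lapse on their own."""
    def __init__(self):
        self.entries = []
    def put(self, share, expires_at):
        self.entries.append((share, expires_at))
    def live(self, now):
        return [s for s, exp in self.entries if exp > now]

def encapsulate(message, store, n, k, now, ttl):
    key = secrets.token_bytes(32)
    for i, share in enumerate(split(int.from_bytes(key, "big"), n, k)):
        store.put(share, now + ttl + i)  # constructed: peers drop out one by one
    return toy_cipher(key, message)      # the key itself is never stored

def decapsulate(blob, store, k, now):
    shares = store.live(now)
    if len(shares) < k:
        return None                      # below threshold: key is gone for good
    return toy_cipher(combine(shares[:k]).to_bytes(32, "big"), blob)
```

The ciphertext can be archived or cached indefinitely; once fewer than `k` shares survive, no copy of it can be decrypted, including by the sender.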

[Image: FacebookEncapsulated]

Implications
Advances like this could have a huge impact on the world, from controlling unauthorised access to information to reinforcing content creators' copyright. Scenarios where this technology could benefit:

  • Content. As I've argued in the past, news derives its value from how quickly it can be accessed. However, legacy news items can also have value as an archive. By controlling the distribution of unique content like news, publishers have a way of controlling usage of their product - so that they can subsequently monetise the news if used for a different purpose (ie, companies researching the past for information as opposed to being informed by the latest news for day to day decision making)
  • Identity. Over at the DataPortability Project, we are putting the finishing touches on our conceptual overview for a standard set of EULA and ToS that companies can adopt. This means having companies respect your rights to your personal information in a standardised way - think of what Creative Commons has done for your content creations. An important conceptual decision we made is that a person should have the right to delete their personal information and content - as true portability of your data is more than just reusing it in a different context. Technologies like this allow consumers to control their personal information, despite the fact they may not have possession, as their data resides in the cloud.
  • Security. Communication between people exists so that we can inform each other in the 'now'. This new world with the Internet capturing all of our conversations (such as chat logs and email threads) is having us lose control of our privacy. The ability to have chat transcripts and email discussions automatically expire is a big step forward. Better still, if a company's internal documents are leaked (as was the case with Twitter recently), it can rely on more avenues to limit damage beyond using the court system that would issue injunctions.

[Image: GoogleDocsEncapsulated]

There's a lot more work to be performed on technologies like this. Implementation issues aside, the inline encryption of the information doesn't make this look sexy. But with a few user interface tweaks, it gives us a strong insight into real solutions for present day problems with the digital age. Even if we simply get companies like Facebook, Google, Microsoft and Yahoo to agree on a common standard, it will transform the online world dramatically.