This presentation, given in both the Canberra and Adelaide Social Media conferences by Akolade, provides a view on the dangers and mitigations for privacy concerns when government agencies use social media
4. What is privacy about?
• An individual’s control of their own virtual
personal space by,
• limiting when, where and how
organisations can collect, make
use of, or share personal data,
• without the permission of the
individuals involved.
Why?
Because information = power
Our society views individuals as the most important rights
holders in most situations
(this isn’t common to all societies) Source: http://lizprovasi.wordpress.com/2012/04/01/personal-space/
5. Privacy has grey edges
• Each individual has different privacy tolerances.
• The right and expectation to privacy varies on the
situation and the parties involved.
Privacy is constantly changing
• More personal data is captured and stored every day.
• Globalisation brings different privacy regimes into conflict.
• Digital channels challenge rights to privacy.
• Evidence of a generational shift in privacy views.
6. Can we mirror offline privacy online?
Partially, but not completely
Nor do people want it…
8. Social media versus NPPs
1: Collection
Is it collecting personal information if a person voluntarily provides it on your
Facebook page?
If an individual talks about someone else in your forum, do you have to ask
the second person’s permission to capture it?
2: Use and disclosure
When someone Likes your Facebook page, is that consent for them to
receive updates from that page?
3: Data quality
How can an organisation verify that information about an individual provided
via a social media channel is accurate, complete and up-to-date?
4: Data security
How can an organisation secure data held in a third-party system (social
network, forum, group, etc)?
9. Social media versus NPPs
5: Openness
How does your organisation keep track of what information it holds about an
individual across a number of social networks, when the individual may use
different identities?
6: Access and correction
How can an organisation give individuals access to information held about
them, when some is stored behind administration logins?
8: Anonymity
How can an organisation support anonymous transactions when services
like Facebook and Google Plus enforce identity (part of their service)?
9: Transborder data flows
How do organisations keep data within a jurisdiction when social networks
are cloud based?
10: Sensitive information
How do organisations avoid collecting it on social networks without consent?
10.
11. The answer:
Reasonable and practicable
For example:
1.3 At or before the time (or, if that is not practicable, as soon as
practicable after) an organisation collects personal information
about an individual from the individual, the organisation must take
reasonable steps to ensure that the individual is aware of….
12. Clarify internal versus external risks
Differentiate online platform risks versus your organisation’s
use of these platforms.
13. To minimise privacy risks
• Understand the National Privacy Principles (NPPs),
particularly relating to ‘practicable’ and ‘reasonable’
steps (you can’t control everything).
• Understand the privacy framework for the online
services you plan to use (try them out first).
• Provide alternate avenues for engagement and contact,
so people can select for their own privacy concerns.
• Provide clear context – what terms are participants
bound by (social network, your own).
• Communicate how personal information will be captured
and used.
• Moderate privacy breaches and offer alternative paths
to people wishing personal and specific information.
19. Online infrastructure pyramid
Campaign/
project practice
Guidance and training
Strategy & framework
Social media policy
Agency instructions and policies
Government policies and guidelines
Legislation and international agreements
20. Online infrastructure pyramid
Branch/
Team
Campaign/
project practice
Guidance and training
Whole
of
agency Strategy & framework
Social media policy
Agency instructions and policies
Whole of Government policies and guidelines
Governmen
t
Legislation and international agreements