• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Towards Socially-Responsible Management of Personal Information in Social Networks
 

Towards Socially-Responsible Management of Personal Information in Social Networks

on

  • 1,250 views

Slide deck for presentation at BlogTalk 2009 in Jeju. Co-located with Lift Asia 09

Slide deck for presentation at BlogTalk 2009 in Jeju. Co-located with Lift Asia 09
6th International Conference on Social Software Jeju, Korea, 15-16 September 2009

Statistics

Views

Total Views
1,250
Views on SlideShare
1,248
Embed Views
2

Actions

Likes
0
Downloads
10
Comments
0

1 Embed 2

http://www.linkedin.com 2

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09

Towards Socially-Responsible Management of Personal Information in Social Networks Towards Socially-Responsible Management of Personal Information in Social Networks Presentation Transcript

  • Towards Socially-Responsible Management of Personal Information in Social Networks BlogTalk Asia, Sept 2009 BlogTalk Asia 2009 Jeju, South Korea Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems [email_address] http://jean-henry.com/
  • Outline
      • Introduction and Context
      • Motivation and Problem Statement
      • Two Important Problems
      • Proposition for Managed Personal Information
      • Design Overview
      • Conclusion and Discussion
  • Introduction and Context
      • Social Networks and Services
  • Introduction and Context
      • Personal Information
        • Different from Personally Identifying Information (PII)
          • Subject to legal frameworks in most countries
        • Increasingly shared on social networks
          • Blurring boundaries between private and public life
    • Legitimate concern (i.e., rights) over our information in terms of lifetime, usage purposes, access, etc.
  • Problems and Issues
      • Publish / share once, publish / share forever
        • Indexing and searching
      • Who “owns” and manages YOUR information (SLAs) ? Raging debates.
        • Who’s information is it ?
        • Do you retain control ?
      • Semantic searching capabilities
  • The Right to Forget
      • Right to Forget : fundamental human right threatened by the digital nature of information (i.e., searchable)
      • Traditional Media (i.e., non digital) “Memory” erodes over time
        • Labor and cost intensive
      • Digital Media , requires explicit human intervention to “make forget” information (Rouvroy, 2007)
  • Anonymity and Privacy
      • Anonymity and Privacy are fundamental to social networking
        • It’s not a “bug”, it’s a feature !
        • It’s not schizophrenia !
          • Multiple legitimate personas (e.g., work, family, communities, etc.)
        • How do we deal with it in a socially-responsible and ethically sustainable way ?
          • Cyber bullying (e.g., Akple in Korea)
      • Requires traceability and accountability of information (i.e., managed information)
  • Key Question
      • Is Privacy and personal information threatened by current social networking services ?
      • We contend there is a need for Managed Personal Information
        • Socially-responsible and sustainable
    • How can we retain an acceptable (by all) level of control over our personal information ?
  • Proposition
      • Personal Information should be augmented with a layer accounting for its management
      • Alongside other metadata increasingly used in addressing the semantic dimension of our electronic services
  • Moving forward: Design Overview
      • DRM
        • Highly controversial but a necessary evil likely to stay
      • Exception Management
        • An accountable approach to deal with the lack of flexibility of DRM
        • A socially-responsible (yet economically viable) alternative to the deceptive approaches of current DRM systems
  • Digital Rights Management (DRM)
    • What is DRM ?
      • Technology allowing to cryptographically associate usage rules to digital content
      • Rules govern the usage of content
      • Content is persistently protected wherever it resides
    • Examples :
      • Recipients of an email cannot FORWARD, PRINT, COPY the email
      • A document EXPIRES on September 16, 2009 and can only be accessed, in READ ONLY , by BlogTalk and Lift Asia attendees
      • CEO delegates to CCO the right to also manage policies provided an audit trace is logged, etc.
    • Where is it used ?
      • Initially fueled by the Media & Entertainment
      • Since 2003 : Enterprise sector fueled by corporate scandals (Enron, etc.), compliance issues, regulatory frameworks, etc.
      • Software and gaming industries
  • Rethinking & Redesigning DRM: Exception Management
    • Acknowledge the Central role of the User and User Experience
      • Reinstate Users in their roles & rights
      • Presumption of innocence & the burden of proof
    • Fundamental guiding principle : Feltens’ “ Copyright Balance ” principle (Felten, 2005)
      • “ Since lawful use, including fair use, of copyrighted works is in the public interest, a user wishing to make lawful use of copyrighted material should not be prevented from doing so by any DRM system.”
  • Rethinking & Redesigning DRM (cont.)
    • Exception Management in DRM environments, mixing water with fire ?
      • Reversing the distrust assumption puts the user “ in charge ”, facing his responsibilities
      • Allow users to make Exception Claims , granting them Short Lived Licenses based on some form of logging and monitoring
      • Use Credentials as tokens for logging to detect and monitor abuses
      • Credential are Revocable in order to deal with abuse and misuse situations
      • Mutually acknowledged need for managed content while allowing all actors a smooth usability experience
  • Putting the pieces together
      • Augmenting information with usage rights appears to be a promising path towards :
        • Socially-Responsible management of personal information in social networks and services
      • Enabling Exception Management may offer the much needed flexibility lacking in traditional rights management environments
      • Much work remains to be done
  • Conclusion
      • Call for Action ! We need to innovate
      • Co-creation of value:
        • Requires a transdisciplinary approach (law, business, sociology, ethics, engineering, design, etc.)
        • Involving all the stakeholders
      • Engineering is “easy”, getting it “right” in a mutual socially responsible way is hard but a great societal challenge
  • Questions - Discussion
    • 귀하의 관심에 감사드립니다
    • Thank you
    Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems [email_address] http://jean-henry.com/