A skeptical look at the world of online privacy, including:
- What does privacy mean?
- How is data collected?
- What kind of data is collected?
- How is this data uses?
- Relevant laws
- Tools to protect privacy
A Skeptical Approach to Online Privacy Sam Hogarth @samhogyWill Macdonald @PPUKScuzz
Privacy “The right to be left alone”Samuel Warren, Louis Brandeis – The Right to Privacy (1890), Olmstead v. United States, 277 U.S. 438 (1928)
Privacy“Privacy, is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.” Alan Westin – Privacy and Freedom (1967)
Privacy Is Dead“People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.”Mark Zuckerberg - http://crunchies2010.techcrunch.com (2010)
Digital Footprints Metadata about a user,generated through the use of technology.
Collecting Footprints• Opt-in: • Part of the service agreement / nature of technology. • User explicitly chooses to publish content.• Opt-out: • Gathered without a user’s explicit consent. Data collection is mandatory.
Using Digital Footprints• Personalisation: • Search results • Web sites and content• Recommendations of: • Products • Services• Improvement of services• Law enforcement and security
Concerns• There is a legitimate need for anonymity.• Is the data secure?• What story will the data tell in 10 years?• What story will the data tell that is not true, but backed up by facts?
Semantic dataLinking events and photos to locations
Facebook: 2005 (Default Settings)Info available to all members of Facebook:• Name• Gender• Networks• Profile Picturehttp://mattmckeon.com/facebook-privacy
Facebook: 2010 (Default Settings)Info available to the entire Internet:• Name • Likes• Gender • Profile Data• Networks • Friends• Profile Picture • Photos• Wall Postshttp://mattmckeon.com/facebook-privacy
“Frictionless Sharing”Data is shared publicly by default.Facebook integrates with 3rd-party applications.
“Ambient social networking” Always-on services
Protecting PrivacyLaws and tools to protect your data
Laws & RegulationsData Protection Directive (EU) • Consumers must give “unambiguous” consent. • Data must only be used for the purposes stated during collection, and not redirected to other purposes. • Data collected must have a reasonable relationship to the purposes for which it is collected.
Upcoming Laws & Regulations• “The right to be forgotten” (EU)• Privacy Bill of Rights (US) • Respect for context • Transparency in privacy policies • Don’t collect more information than is needed
ToolsFind out about web browser add-ons and mobile phone apps which can restrict access to sensitive data at: samhogy.co.uk/privacy-toolkit
Conclusions Data is a commodity. It should be treated as such.Users should err on the side of caution.
Conclusions“New privacy laws should emphasize usage restrictions to guard against unfair discrimination based on personal information, even if it is publicly available.”Daniel Weitzman – Beyond Secrecy: New Privacy Protection Strategies for Open Information Spaces (2007)