Towards Socially-Responsible Management of Personal Information in Social Networks


Published on

Slide deck for presentation at BlogTalk 2009 in Jeju. Co-located with Lift Asia 09
6th International Conference on Social Software Jeju, Korea, 15-16 September 2009

Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • 09/23/09
  • Towards Socially-Responsible Management of Personal Information in Social Networks

    1. 1. Towards Socially-Responsible Management of Personal Information in Social Networks BlogTalk Asia, Sept 2009 BlogTalk Asia 2009 Jeju, South Korea Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems [email_address]
    2. 2. Outline <ul><ul><li>Introduction and Context </li></ul></ul><ul><ul><li>Motivation and Problem Statement </li></ul></ul><ul><ul><li>Two Important Problems </li></ul></ul><ul><ul><li>Proposition for Managed Personal Information </li></ul></ul><ul><ul><li>Design Overview </li></ul></ul><ul><ul><li>Conclusion and Discussion </li></ul></ul>
    3. 3. Introduction and Context <ul><ul><li>Social Networks and Services </li></ul></ul>
    4. 4. Introduction and Context <ul><ul><li>Personal Information </li></ul></ul><ul><ul><ul><li>Different from Personally Identifying Information (PII) </li></ul></ul></ul><ul><ul><ul><ul><li>Subject to legal frameworks in most countries </li></ul></ul></ul></ul><ul><ul><ul><li>Increasingly shared on social networks </li></ul></ul></ul><ul><ul><ul><ul><li>Blurring boundaries between private and public life </li></ul></ul></ul></ul><ul><li>Legitimate concern (i.e., rights) over our information in terms of lifetime, usage purposes, access, etc. </li></ul>
    5. 5. Problems and Issues <ul><ul><li>Publish / share once, publish / share forever </li></ul></ul><ul><ul><ul><li>Indexing and searching </li></ul></ul></ul><ul><ul><li>Who “owns” and manages YOUR information (SLAs) ? Raging debates. </li></ul></ul><ul><ul><ul><li>Who’s information is it ? </li></ul></ul></ul><ul><ul><ul><li>Do you retain control ? </li></ul></ul></ul><ul><ul><li>Semantic searching capabilities </li></ul></ul>
    6. 6. The Right to Forget <ul><ul><li>Right to Forget : fundamental human right threatened by the digital nature of information (i.e., searchable) </li></ul></ul><ul><ul><li>Traditional Media (i.e., non digital) “Memory” erodes over time </li></ul></ul><ul><ul><ul><li>Labor and cost intensive </li></ul></ul></ul><ul><ul><li>Digital Media , requires explicit human intervention to “make forget” information (Rouvroy, 2007) </li></ul></ul>
    7. 7. Anonymity and Privacy <ul><ul><li>Anonymity and Privacy are fundamental to social networking </li></ul></ul><ul><ul><ul><li>It’s not a “bug”, it’s a feature ! </li></ul></ul></ul><ul><ul><ul><li>It’s not schizophrenia ! </li></ul></ul></ul><ul><ul><ul><ul><li>Multiple legitimate personas (e.g., work, family, communities, etc.) </li></ul></ul></ul></ul><ul><ul><ul><li>How do we deal with it in a socially-responsible and ethically sustainable way ? </li></ul></ul></ul><ul><ul><ul><ul><li>Cyber bullying (e.g., Akple in Korea) </li></ul></ul></ul></ul><ul><ul><li>Requires traceability and accountability of information (i.e., managed information) </li></ul></ul>
    8. 8. Key Question <ul><ul><li>Is Privacy and personal information threatened by current social networking services ? </li></ul></ul><ul><ul><li>We contend there is a need for Managed Personal Information </li></ul></ul><ul><ul><ul><li>Socially-responsible and sustainable </li></ul></ul></ul><ul><li>How can we retain an acceptable (by all) level of control over our personal information ? </li></ul>
    9. 9. Proposition <ul><ul><li>Personal Information should be augmented with a layer accounting for its management </li></ul></ul><ul><ul><li>Alongside other metadata increasingly used in addressing the semantic dimension of our electronic services </li></ul></ul>
    10. 10. Moving forward: Design Overview <ul><ul><li>DRM </li></ul></ul><ul><ul><ul><li>Highly controversial but a necessary evil likely to stay </li></ul></ul></ul><ul><ul><li>Exception Management </li></ul></ul><ul><ul><ul><li>An accountable approach to deal with the lack of flexibility of DRM </li></ul></ul></ul><ul><ul><ul><li>A socially-responsible (yet economically viable) alternative to the deceptive approaches of current DRM systems </li></ul></ul></ul>
    11. 11. Digital Rights Management (DRM) <ul><li>What is DRM ? </li></ul><ul><ul><li>Technology allowing to cryptographically associate usage rules to digital content </li></ul></ul><ul><ul><li>Rules govern the usage of content </li></ul></ul><ul><ul><li>Content is persistently protected wherever it resides </li></ul></ul><ul><li>Examples : </li></ul><ul><ul><li>Recipients of an email cannot FORWARD, PRINT, COPY the email </li></ul></ul><ul><ul><li>A document EXPIRES on September 16, 2009 and can only be accessed, in READ ONLY , by BlogTalk and Lift Asia attendees </li></ul></ul><ul><ul><li>CEO delegates to CCO the right to also manage policies provided an audit trace is logged, etc. </li></ul></ul><ul><li>Where is it used ? </li></ul><ul><ul><li>Initially fueled by the Media & Entertainment </li></ul></ul><ul><ul><li>Since 2003 : Enterprise sector fueled by corporate scandals (Enron, etc.), compliance issues, regulatory frameworks, etc. </li></ul></ul><ul><ul><li>Software and gaming industries </li></ul></ul>
    12. 12. Rethinking & Redesigning DRM: Exception Management <ul><li>Acknowledge the Central role of the User and User Experience </li></ul><ul><ul><li>Reinstate Users in their roles & rights </li></ul></ul><ul><ul><li>Presumption of innocence & the burden of proof </li></ul></ul><ul><li>Fundamental guiding principle : Feltens’ “ Copyright Balance ” principle (Felten, 2005) </li></ul><ul><ul><li>“ Since lawful use, including fair use, of copyrighted works is in the public interest, a user wishing to make lawful use of copyrighted material should not be prevented from doing so by any DRM system.” </li></ul></ul>
    13. 13. Rethinking & Redesigning DRM (cont.) <ul><li>Exception Management in DRM environments, mixing water with fire ? </li></ul><ul><ul><li>Reversing the distrust assumption puts the user “ in charge ”, facing his responsibilities </li></ul></ul><ul><ul><li>Allow users to make Exception Claims , granting them Short Lived Licenses based on some form of logging and monitoring </li></ul></ul><ul><ul><li>Use Credentials as tokens for logging to detect and monitor abuses </li></ul></ul><ul><ul><li>Credential are Revocable in order to deal with abuse and misuse situations </li></ul></ul><ul><ul><li>Mutually acknowledged need for managed content while allowing all actors a smooth usability experience </li></ul></ul>
    14. 14. Putting the pieces together <ul><ul><li>Augmenting information with usage rights appears to be a promising path towards : </li></ul></ul><ul><ul><ul><li>Socially-Responsible management of personal information in social networks and services </li></ul></ul></ul><ul><ul><li>Enabling Exception Management may offer the much needed flexibility lacking in traditional rights management environments </li></ul></ul><ul><ul><li>Much work remains to be done </li></ul></ul>
    15. 15. Conclusion <ul><ul><li>Call for Action ! We need to innovate </li></ul></ul><ul><ul><li>Co-creation of value: </li></ul></ul><ul><ul><ul><li>Requires a transdisciplinary approach (law, business, sociology, ethics, engineering, design, etc.) </li></ul></ul></ul><ul><ul><ul><li>Involving all the stakeholders </li></ul></ul></ul><ul><ul><li>Engineering is “easy”, getting it “right” in a mutual socially responsible way is hard but a great societal challenge </li></ul></ul>
    16. 16. Questions - Discussion <ul><li>귀하의 관심에 감사드립니다 </li></ul><ul><li>Thank you </li></ul>Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems [email_address]