Data Privacy Day + 4 Not So Obvious Privacy Tips
Comments: 7 - Date: November 13th, 2008 - Categories: Privacy
Take out your calendars for the new year! Intel is sponsoring its second Data Privacy Day on January 28, 2009. Data Privacy Day, which is sponsored by a combination of tech companies, government organizations, and academic groups, aims to facilitate discussions on privacy, especially with regards to teenagers and social networking sites. The three-part framework includes educational materials, events, and government involvement. It was also nice to see the Digital Natives project, which has been active in all three of the above components, under their resources for data privacy issues.
I was most interested in the educational materials for teenagers that were presented Data Privacy Day. They bring up some important points, and I’d like to add some of my own thoughts to them here. I’ve have tried to pick out tips about privacy that may not come across as immediately obvious. None of them are myth-busting, per se, but they probably aren’t things we think about the minute we hit the tempting “Sign Up” button. Since the material on Data Privacy Day mostly focuses on privacy on social networking sites, I’ll draw on some examples with Facebook, which I have the most personal experience in.
1. Treat what you put online as permanent.
It’s easy to think of digital content as ephemeral, mutable, and easily edited, which is true except for caching. Search engines take snapshots of websites and makes these snapshots, rather than the live website, searchable. That means that anything you post that gets cached will show up in a Google search even if you later remove the content. Google caches are updated every so often – usually in a span of a few weeks – but you have limited control in the intermittent time. Even when pages and Google caches are updated, old webpages may still be archived and accessed on places like the Internet Archive. (Note: Here are Google’s policies on excluding pages from its cache and search results. Most of this information applies to other search engines as well.). Aside from automated archives, other users can of course copy and save your content to display on their own sites. The bottom line is: Once it’s online, it’s out of your hands.
2. Default settings usually allow sharing.
Privacy, as works at almost all social networking sites, is opt-in rather than opt-out process. From the point of view of a social networking site, it’s always in their advantage for their users to share as much as possible. Unfortunately, this means that people who are least aware are also the ones most at risk. Settings can be sneaky or complicated. On Facebook, you can have strong, custom privacy settings enabled, but when you join a new network – a regional network for example, which are often the largest and most open – none of those custom settings apply. It is important to be vigilant and take affirmative steps to be aware of your own privacy settings.
3. Companies usually reserve the right to change their privacy policies without notice.
Remember when Facebook came out with Newsfeed? Or ads that tied your name to online purchases on third-party sites? Facebook didn’t tell its users about the changes until they were live, and these changes were strictly opt-out only. (Not to mention that the initial privacy controls in both cases were either nonexistent or insufficient.) Facebook’s own privacy policy also says, buried in the middle of pages of text, “We reserve the right to change our Privacy Policy and our Terms of Use at any time.” and, “We encourage you to refer to this policy on an ongoing basis so that you understand our current privacy policy.”
4. A closed network is only as private as the people in it.
As I said in number 1, any content that is put online is no longer completely in your hands. To take Facebook as an example again, it’s easy to think of Facebook as semi-private because it requires a log in to access the site and is not indexed by search engines. But that doesn’t mean that photos on Facebook are strictly accessible only to friends or networks based on privacy settings. All it takes is a simple right click and “Copy Image Location,” which gets you an URL linking to a Facebook photo that can be copied and sent to anyone. Essentially, if leaked, anyone can see a Facebook photo.
This post is not supposed to come across as alarmist– it’s just crucial to think of privacy as something for which we have to be proactive. Privacy isn’t the default mode of the Internet – the Internet does, after all, serve to connect people – so it is also important to understand the privacy implications of all our actions online. Data Privacy Day does well to play a part in this educational process.
– Sarah Zhang
Comment by Saqib Ali - November 13, 2008 @ 9:52 pm
What IS privacy?
The following are some notes from Dr. Helen Nissebaum’s lecture at Berkeley:
Privacy is not secrecy but rather appropriate flow of information.
# “Privacy is the right to control information about and access to oneself.” – Regan, P. M. (1995). Legislating Privacy: Technology, Social Values, and Public Policy. University of North Carolina Press.
# “Privacy is not simply an absence of information about us in the minds of others; rather it is the control we have over information about ourselves.” – Fried, C. (1984). Privacy (a moral analysis). In F. D. Schoeman, Philosophical Dimensions of Privacy (pp. 203-222). Cambridge University Press
# “Privacy is the claim of individuals, groups or institutions to determine for themselves when, how, and to what extent information about them is communicated to others. …..privacy is the voluntary and temporary withdrawal of a person from the general society through physical or psychological means, either in a state of solitude or small-group intimacy or, when among larger groups, in a condition of anonymity or reserve.” – Alan F. Westin, Privacy and Freedom (New York, NY: Atheneum, 1967).
# “A loss of privacy occurs as others obtain information about an individual, pay attention to him, or gain access to him. These three elements of secrecy, anonymity, and solitude are distinct and independent, but interrelated, and the complex concept of privacy is richer than any definition centered around only one of them.” – Gavison, R. (1984). Privacy and the Limits of Law. In F. D. Schoeman, Philosophical Dimensions of Privacy (pp. 346-404). Cambridge University Press.
# “Privacy is a limitation of others’ access to an individual through information, attention, or physical proximity.” – Ruth Gavison
# Common Law Right to Privacy (as defined by Samuel Warren and Louis Brandeis, 1890): An individual’s right of determining, ordinarily, to what extent his thoughts, sentiments, and emotions shall be communicated to others.
Pingback by DIY Web Hub » Blog Archive » Some Data Privacy Tips from the Digital Natives blog - November 20, 2008 @ 12:23 pm
[…] Natives, a website and blog at Harvard University, has a good post with some tips on how to think about privacy in using the […]
Comment by Club Penguin - November 21, 2008 @ 7:07 pm
#1 is something people overlook ALL the time. They don’t understand that those controversial pictures they posted, for example, are usually downloaded to someone’s computer or copied around the Internet just as quick as they realize they want to delete them. There are copies of things all over the net. I am always cautious of what I post and where I post it. Most of the time before I post something I asked myself the question if I really want this being able to come back to me. People just don’t use common sense anymore.
Pingback by diy web hub » Blog Archive » Data Privacy Tips from the Digital Natives blog - December 9, 2008 @ 12:17 am
[…] Natives, a website and blog at Harvard University, has a good post with some tips on how to think about privacy in using the […]
Comment by John Franks - January 28, 2009 @ 6:31 pm
Data Privacy Day? No wonder breaches continue and increase. It should be Data Privacy Millennium. Price Waterhouse Cooper and Carnegie-Mellon’s CyLab have recent surveys that show the senior executive class to be, basically, clueless regarding IT risk and its tie to overall enterprise (business) risk. Data breaches and thefts are due to a lagging business culture – absent a new eCulture, breaches will, and continue to, increase. As CIO, I look for ways to help my business and IT teams further their education. Check your local library: A book that is required reading is “I.T. WARS: Managing the Business-Technology Weave in the New Millennium.” It also helps outside agencies understand your values and practices.
The author, David Scott, has an interview that is a great exposure: www dot businessforum dot com/DScott_02 dot html –
The book came to us as a tip from an intern who attended a course at University of Wisconsin, where the book is an MBA text. It has helped us to understand that, while various systems of security are important, no system can overcome laxity, ignorance, or deliberate intent to harm. Necessary is a sustained culture and awareness; an efficient prism through which every activity is viewed from a security perspective prior to action.
In the realm of risk, unmanaged possibilities become probabilities – read the book BEFORE you suffer a bad outcome.
Pingback by diy web hub: learning + templates + other resources for diy web design » Blog Archive » Data Privacy Tips from the Digital Natives blog - March 2, 2009 @ 8:18 pm
[…] Natives, a website and blog at Harvard University, has a good post with some tips on how to think about privacy in using the […]
Comment by elottery - March 7, 2009 @ 1:59 pm
Theres that many personal sites online nowadays its hard to sometimes realise what you are atually putting online, alot of bookmarking sites for example, some less experienced internet users dont realise they are leaving online content.