Law firm fudges mailing list privacy and its own reputation

I received an interesting email this morning referring me to an email which a local law firm distributed to subscribers of its property-related mailing list. Ordinarily that isn’t the sort of thing which would garner much interest from me – property law is somewhat outside my usual scope. What caught my eye is the way this law firm emailed this particular issue. It listed every email address in the mailing list in the “To” field and the result is something like this:

BBMLaw mailing list

If you are wondering what the blue fuzz is, it is a partial screen shot of the distribution list, zoomed out to obscure the individual email addresses. The recipient whose response to the law firm was forwarded to me along with the original email had the following to say in his reply to the firm (this is a direct quote):

I find it extra-ordinary that your firm has revealed the private contact details of 1378 of your clients.

I am not a lawyer but I am pretty sure as a law firm that this is a MASSIVE breach of ethics and I certainly NEVER wish to be affiliated with your firm again. I am horrified my personal email address has been revealed by your firm to every person on this mailing list. There are VERY VERY VERY strict rules as to the data protection of your clients’ information but it seems your firm has opted to ignore these basic rules.

If this is how you treat my private email address goodness knows how else you are treating your clients information!!!

The massive conflicts this email could create is shocking and I ask your firm to kindly remove my email address with immediate effect and not to EVER contact me again!

This blunder raises a number of legal issues. The one issue raised in the quote is legal professional privilege (commonly known as attorney-client privilege) which vests in attorneys’ clients. This privilege places restrictions on what information attorneys can disclose about their clients and the work they are doing. What is a concern about this email is that it potentially discloses information about the firm’s clients through their email addresses. That said, names of clients may not fall under legal professional privilege although this depends on the nature of the work being done for the client and any contractual restrictions between the client and the attorney.

Disclosing email addresses and, indirectly, clients’ identities may be a breach of confidentiality, which is an implied term of an attorney’s contract with his or her client, or a breach of non-disclosure provisions where the client has required the attorney to sign a non-disclosure agreement protecting its identity from disclosure.

Another concern is the simple disclosure of the recipients’ email addresses to each other. The mailing list apparently contains roughly 1 378 recipients and some of those recipients may prefer that their email addresses not be disclosed to each other. I hope the firm’s privacy policy covers this sort of disclosure and can sympathise with recipients who, like the recipient I quoted, are dismayed that their personal information could so easily be disseminated.

Of course this doesn’t reflect well on the firm itself which could easily lose a number of clients outraged at this blunder. The firm could also suffer reputational harm should these recipients discuss the blunder with their colleagues, friends and other parties. This disclosure could also easily undermine what must have been a fair amount of work that went into the database’s compilation and any goodwill the firm garnered through its publication in the time it has been distributed.

Leaving aside questions of confidentiality (and they are potentially very serious), not taking care to protect an email database from this sort of public disclosure could have equally serious privacy and reputational consequences for an organisation. I certainly would not want to be the firm’s directors when clients start calling about this.

Developing effective privacy policies

Privacy is a hot topic this year, perhaps even more so than last year. The Protection of Personal Information Bill is slowly making its way through Parliament and will, when it is finally passed and signed into law, have quite a profound effect on our privacy law as well as how privacy and personal information are perceived by the general public and business. The anticipated Act will be the first coherent piece of privacy law, certainly in a post-Constitution South Africa, and will give the right to privacy much needed substance.

I’ve written about privacy a number of times in the past and about the central issues and considerations when it comes to developing a sound approach to personal information. The Protection of Personal Information Bill will, when passed, require structures, policies and procedures to be established within organisations to ensure and monitor compliance with the Act. This process takes some time given that an organisation typically collects and processes personal information both internally and externally and must have policies in place to address both.

Privacy and personal information protection is rapidly becoming an urgent theme for organisations who have laboured under the misapprehension that, prior to this Bill, South Africa has lacked a body of privacy law and those organisations could act with impunity when it comes to how they approach personal information. It feels a little like financial institutions’ rush to sign up as many credit card customers as they could before the National Credit Act went into force a few years ago. What many of these organisations (and, regrettably, some of my colleagues) forget is that both our Interim and Final Constitutions have privacy rights entrenched by their respective Bills of Rights and our courts have developed a body of privacy law at common law which is reinforced by the Protection of Personal Information Bill.

In any event, the sooner organisations develop effective privacy policies the better. It is helpful to consider current best practices and draw on these examples when framing privacy policies. One company which has an appealing approach to its privacy policy is the location service, Foursquare, which not only has a very accessible privacy policy but has also compiled a handy guide to privacy and personal information in the context of its service. Foursquare’s approach to privacy is remarkable because of the lengths the company goes to educate its users about the privacy implications of using its service. Foursquare’s efforts include:

These documents are presented in plain language and the emphasis is on accessibility by non-lawyers (in other words, a minimum amount of jargon) and transparency about Foursquare’s practices and how it collects and processes your personal information. This approach is essential because for users to give their informed consent to have their personal information collected and processed, they must understand exactly what that entails and be put in a position where they can make an informed decision whether to use that service.

Facebook wants to expose your phone number and address

Facebook took a controversial step over the weekend that has privacy advocates concerned, again. The social network is now making users’ mobile phone numbers and addresses accessible to applications as distinct categories of personal information. Alternatively, as Jeff Bowen’s blog post on the Facebook Developer blog put it:

We are now making a user’s address and mobile phone number accessible as part of the User Graph object. Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions. These permissions must be explicitly granted to your application by the user via our standard permissions dialogs.

Facebook received a fair amount of criticism about this move and, earlier today, announced, also on the Facebook Developer blog, that it would suspend this new functionality while it works to address users’ concerns:

Over the weekend, we got some useful feedback that we could make people more clearly aware of when they are granting access to this data. We agree, and we are making changes to help ensure you only share this information when you intend to do so. We’ll be working to launch these updates as soon as possible, and will be temporarily disabling this feature until those changes are ready. We look forward to re-enabling this improved feature in the next few weeks.

That said, these additional fields are likely to still be exposed to applications in some form or another once Facebook finds its way through this privacy minefield.

Why the concern?

Essentially Facebook proposed adding your mobile phone number and address fields to the categories of personal information developers could access if you granted the appropriate permissions to their applications. If you have been using Facebook for an appreciable period of time, you have probably encountered the Facebook permissions dialogue box along the lines of the one above. This is the mechanism by which applications secure your permission as a Facebook user to access your personal information contained in your Facebook profile.

These permissions tend to include access to your Wall, your friends’ lists, your name and profile photo. Where you give an application permission to access your personal information it is often used to give you a certain experience. For example, granting CNN access to your Facebook profile using Facebook Connect or the Open Graph API functionality gives CNN the ability to show you which of your friends read and recommended an article and publishes your comments about an article on your Wall. This functionality has some social value as friends’ recommendations may be relevant to you and highlight something you may not have discovered on your own. The challenges have been whether users are sufficiently educated about how using this functionality affects their privacy and whether they have adequate tools to do this.

ReadWriteWeb published a post yesterday titled “Facebook & Identity: The Continued Push Toward Becoming Your One True Login” (the title itself nicely summarizes why Facebook is doing this in the first place) which explores objections to Facebook’s plans and these objections largely focus on a perennial theme in Facebook privacy complaints: the degree to which users have meaningful control over their personal information.

Lack of granular control over profile information

One of the problems is how Facebook gives users the option to grant access to their profile information. The permissions are typically all or nothing and users are faced with a stark choice: agree to share their profile information and gain access to the application or refuse and lose out on the experience the application promises. Elias Bizannes summarized the issue quite nicely for RWW when he said the following:

“Something bugs me about the Facebook connect privacy options,” said Bizannes. “When you connect, you see what permissions you have to give, but you don’t have an option there to deny individual permissions.”

Facebook’s response to this criticism is that applications should only request the information they require at a bare minimum to do what they propose to do. Giving users the opportunity to pick and choose which categories of personal information to grant access to would mean that these applications would be hobbled and would not be able to fulfill their purpose. In the event an application misuses profile information or asks for more information than it requires, users have the option of revoking the application’s permissions. It’s not clear to me whether revoking an application’s permissions would remove all traces of a user’s profile information from the developer’s control (I’m not familiar with how the profile information is passed to developers using the API) or whether the developer will still be left with the profile information passed along when permission was granted to the application.

One of the big problems is that abuses of this level of access to users’ profile information have occurred. These are worrying because of the detailed picture Facebook has of its users which makes Facebook extremely attractive to advertisers. Facebook knows who your friends are, where you live, what your interests are, where you spend your time and so on. This information gives advertisers the ability to target their ads pretty accurately and with a greater likelihood of a positive response. The dangers of giving developers access to such valuable stores of personal information were demonstrated by a company called Rapleaf last year.

Centralized identity

Chris Saad, a co-founder of the Data Portability Project, took issue with Facebook’s approach to identity, namely that it intends placing itself at the centre of your online experience with your Facebook profile as your core identity:

The problem is that Facebook has architected the whole thing from the beginning to be an exclusive hub and spoke relationship with them rather than a peer to peer relationship on the open web.

When you couple concerns about how much of your profile information developers have access to, the all-or-nothing approach to permissions and a centralized identity used to access an increasing number of social sites or sites with social capability care of the Open Graph API, you begin to appreciate both the value of a Facebook profile to advertisers (with a corresponding benefit to Facebook itself which relies on advertising revenue for a significant share of its income) and the risks to users’ privacy if they don’t fully appreciate that their activities on Facebook and on the broader Web may expose more of their personal information than they may intend.

To aggravate matters, Facebook’s privacy policy has frequently been criticized as being too complex for most users to understand, as are the privacy controls Facebook gives users to help them manage their privacy settings. Of course, changes to Facebook’s privacy policy have historically made managing privacy settings even more complex.

What now?

Fortunately, Facebook has decided to return to the drawing board and rethink how it proposes making users’ phone numbers and addresses available to developers in light of criticism it received over the weekend.

The nature of the profile information in question necessitates that Facebook take great care safeguarding this personal information when giving users the option to make it available to developers. While some people may not be too concerned about their mobile number being passed along to third parties, a person’s home address is particularly sensitive information.

While there may be value in being able to pass along your address and mobile phone number in more controlled circumstances to third party providers (you may want a retailer to know where to ship a purchase to you or get in touch with you to respond to a query), it is essential that this information is protected from abuse by unscrupulous third parties as well as from Facebook’s own tendency to change its privacy practices and expose more personal information than users initially anticipated.

While we can only hope that Facebook acts responsibly, users should also take responsibility for the personal information they make available on their profiles. If you are deeply concerned about Facebook passing along your phone number and home address, remove that information from your profile! I have often recommended that, when it comes to personal information, people decide in advance which categories of personal information are most sensitive and never publish that information online. This sensitive personal information may include home addresses, identity numbers, phone numbers, children’s schools and so on. That applies to Facebook as much as it applies to any online platform or service. You should assume that anything you publish online could be compromised and shared without your consent, regardless of Facebook’s best efforts to safeguard your information.

Facebook’s sleight of hand with Groups and profile information downloads

Facebook announced a number of changes on the 6th which signified a privacy and personal information control about-turn by the biggest online social network on the planet. I previously commented that Facebook has become something of a privacy fiend recently. Why did I say this? Here are a few reasons and approaches that concerned me from a privacy perspective:

  • Facebook makes determinations how users should be sharing their information or what the current trends are;
  • It then changes its privacy policy and terms of use to achieve these perceived changes to how personal information is handled; and
  • Facebook then opens users’ personal information up by default to align with its determinations of what the trends are or how it believes we should handle our personal information.

Since then, Facebook changed how much control users have over how much of their profile information is shared on the site by improving the privacy settings page. This was a welcome change coming on the heels of its latest push for even greater publicity.

Profile information downloads

Facebook’s announcements yesterday included two pretty substantial features or products. The first is a new feature which enables users to download all their profile information (everything except what users may have removed from their profiles beforehand). This includes messages, updates and content. The feature will apparently compress everything into a zipfile and make it available for download. If you happen to use Facebook as your photo sharing website this could work out to a fair sized file (I am not sure if you can pick which categories of data to export). This is a good feature and it addresses one of the complaints about Facebook, namely that it has been very difficult to get your profile data out of the site. That said, Facebook still hasn’t made it easy for users to readily export their profile information to another social service as a data stream (I stand to be corrected here but I haven’t seen options like this in my profile).

New Facebook Groups

Another new product which Facebook announced, with much excitement, is a new Groups product (All Facebook has a terrific post about Facebook Groups which you should take a look at). This is a complete rewrite of the old Groups and is intended to help users segment their Facebook friends better according to social groups. Groups is also the most controversial of the new features/products. It is designed to replace the underutilized list functionality which Mark Zuckerberg said most users just haven’t taken advantage of as well as a way to create more specific communities of interest which are analogous to groups we have seen on services like Yahoo! Groups and perhaps even Google Groups.

While much was said about how Facebook Groups will enable users to better keep in touch with their friends, contextually, people who have started to encounter the new product have complained about how they are being included in Groups without first opting in to those Groups. As I understand the new Groups product, the underlying algorithms and/or group creators’ friend selections will help populate groups with members who appear to be appropriate members of those groups. In theory the algorithms should add your actual family members to your family groups, university friends to the university groups and so on (I am still a little unsure about this aspect of Groups but Mark Zuckerberg did mention the role algorithms play in his presentation). In another All Facebook post highlighting the problems with the new Facebook Groups, Nick O’Neill pointed out the following:

There have been a number of complaints from users, most significantly that group membership is now opt-out. That means your friends can instantly subscribe you to noisy Facebook groups. If you woke up today and had a bunch of notifications, the main reason is probably that you were subscribed to groups by your friends who thought they were being kind. The problem is that I need to manually go in and unsubscribe from all the notifications I receive from noisy groups because my friends have added to them. This is more work for me to do!

The problem with this approach is that users will find themselves pulled into Facebook Groups they may still prefer to be left out of. The old Groups and (current) Pages still require users to opt-in to be part of the Groups or Pages. The new Groups changes that option and forces users to opt-out of the Groups they don’t wish to be part of. Why is this such a problem? Well, one of the ways the new Groups product works is as a sort of mailing list:

When a group member posts to the group, everyone in the group will receive a notification about that post. Now I won’t have to guess anymore about whether my parents saw the pictures I posted of their grandkids; when I post in my family group, I’ll know that they’ve been notified about it and that only they will see it. Since information posted in my new groups is only visible to group members by default, I can feel confident about who sees what I post.

Another concern is that group members can’t hide the new group chat functionality. As Nick points out:

Yesterday, many users quickly realized that group chat is annoying as hell … especially if you are a member of a large group. Suddenly your browser tab is flashing every couple of seconds to let you know that someone else has posted a message. The only way to shut off a group chat room at this point is to shut off chat all together. In other words, there’s way too much noise. My guess is that Facebook will make it possible to hide a room’s chat at some point.

Conversely, I’ve found that by popping out the Facebook chat it can suddenly become manageable in that you can hide the chat window behind other browsers. Something about this doesn’t feel right though.

What strikes me is how disingenuous Facebook has been about Groups and how, despite its emphasis on improved user control over their privacy and profile information, Facebook is up to its old tricks again. Take a look at this video introducing Groups. Do you see any indication that users could be added to groups without their consent and practically spammed until they either give in or opt-out?

A number of other high profile personalities have similarly criticized Facebook for its blunder. Mathew Ingram mentioned a number of responses in his GigaOm post. Here are a few of the reactions:

Anil Dash, founder of Expert Labs, said Thursday morning on Twitter: “Oh, Facebook. I wanted to like groups, but now I’m on 50 unwanted email lists. More incompetent defaults, or an attempt to undermine email?” Others complained about a deluge of auto-add emails from Facebook Groups, including Daniel Victor, the online community manager for TED.com, who said Thursday: “I’d rather be invited than added to a group on Facebook. Woke up with 45 unexpected e-mail notifications today. Spammer’s dream.” Among those who also weren’t impressed with the rollout were technology blogger Dwight Silverman and Socialtext co-founder Adina Levin, who said that the current implementation of the Groups feature “has some serious social design flaws.”

Jason Calacanis has been a pretty vocal critic for some time now and his email to Zuckerberg and Facebook COO Sheryl Sandberg is worth reading too.

So where does this leave Facebook users? Well, for now it seems that as Groups rolls out to Facebook’s 500+ million users, more and more people will find themselves inundated with emails from groups they have been opted into. In South Africa this presents a real challenge because, as I have mentioned previously, our changing privacy legislation is requiring a shift from opt-out mailing options to opt-in. This potentially places Facebook at odds with the law from a consumer protection and privacy perspective largely because Facebook’s privacy policy does seem to include consents to be spammed the way Groups spams users who are subsumed into the application. The closest the Facebook privacy policy comes to dealing with Groups is what it says about the Facebook Platform and 3rd party applications:

4.  Information You Share With Third Parties.

Facebook Platform. As mentioned above, we do not own or operate the applications or websites that use Facebook Platform. That means that when you use those applications and websites you are making your Facebook information available to someone other than Facebook. Prior to allowing them to access any information about you, we require them to agree to terms that limit their use of your information (which you can read about in Section 9 of our Statement of Rights and Responsibilities) and we use technical measures to ensure that they only obtain authorized information. To learn more about Platform, visit our About Platform page.

Connecting with an Application or Website.  When you connect with an application or website it will have access to General Information about you.  The term General Information includes your and your friends’ names, profile pictures, gender, user IDs, connections, and any content shared using the Everyone privacy setting.  We may also make information about the location of your computer or access device and your age available to applications and websites in order to help them implement appropriate security measures and control the distribution of age-appropriate content.  If the application or website wants to access any other data, it will have to ask for your permission.

We give you tools to control how your information is shared with applications and websites that use Platform. For example, you can block all platform applications and websites completely or block specific applications from accessing your information by visiting your Applications and Websites privacy setting or the specific application’s “About” page. You can also use your privacy settings to limit which of your information is available to “everyone”.

The trick with Groups, though, is that it isn’t a 3rd party application. It is a Facebook application and users can’t remove it like they can 3rd party applications. That leaves users in a position where they can (and probably will) be co-opted into Groups whether they like it or not and associated with Groups created by other users, regardless of whether they want to be part of those groups initially (users can opt-out of these groups but consider what that would involve if even half your Facebook friends added you to a group). The EFF addressed this in their recommendation to Facebook in a post titled “Facebook Moves Closer to EFF Bill of Privacy Rights” (I don’t share the EFF’s optimism):

Recommendation 3: As a strong proponent of the power of anonymous and pseudonymous speech, EFF further recommends that Facebook also allow for another category of groups: anonymous groups. There are many people, such as violence survivors or HIV positive individuals or religious groups, who may want to have a group discussion without revealing their identities. Facebook should enhance the Groups feature by allowing for the creation of groups where the membership list is secret from members (i.e. just available to the group’s administrators, if anyone), and where group members can interact using pseudonyms rather than their real names.

Our longstanding concern for anonymous speech aside, though, EFF is very pleased with today’s Groups revamp, which we hope will provide users with a powerful new tool for managing their privacy on the Facebook site.

Bottom line with Groups is that the opt-out nature of Groups and users’ apparent inability to pre-approve their addition to other users’ groups is problematic. The big question is whether users will care about this abuse of their profile information beyond the inconvenience of having to opt-out of all the groups they are added to? My guess is probably not and that is based on the relatively small opposition to Facebook privacy abuses in the past by users. It is still something to be borne in mind, though.

Applications and privacy

The third big announcement was an improved dashboard where users can better control how applications make use of their profile information. Facebook has shifted the responsibility for privacy issues relating to 3rd party applications to 3rd party developers and this new dashboard gives users more information about what personal information these applications use. Ironically Facebook gives users more control and information over 3rd party applications although it leaves it up to them (and requires them) to develop and abide by their own privacy policies and processes.

Like the ability to download your profile information, this is a very positive step. Anything that gives users better control over their personal information and how applications use that personal information is a good thing all around. Better information about how this personal information is used is an essential component of informed consent which is, in turn, the goal of a good privacy policy.

Rounding it all up

Facebook took very positive steps with two of the three new features/products it announced. At the same time it reiterated its complete failure to appreciate the need to give users meaningful control over other aspects of their profile information when it comes to Groups. This does seem to be a fairly typical approach, though. It may be motivated by a genuine desire to bring users into the Groups fold and show them the benefits of the product but just as Google fumbled doing a similar thing with Google Buzz when it launched, Facebook has messed this one up quite badly. What remains to be seen is whether Facebook will act quickly to address these concerns or will simply ignore the vocal minority like it usually does.

Lessons learned from Google’s Transparency Report

Google makes a number of people nervous when it comes to personal information and has made its share of mistakes. That said, Google has also made significant strides in giving its users greater control over their personal information on its servers. While users have a pretty good idea what personal information Google has collected from them and have options when it comes to getting that personal information out of Google’s services, the one area which Google has remained somewhat opaque about is what personal information Google has been giving government agencies behind the scenes … at least until now.

What many people may not realise is that Google can be compelled to hand over users’ personal information to a variety of government agencies, worldwide. This may be in terms of local regulatory or law enforcement mechanisms. Google’s privacy policy deals with this and states that it may hand over your personal information when faced with such requests:

Google only shares personal information with other companies or individuals outside of Google in the following limited circumstances:

  • We have your consent. We require opt-in consent for the sharing of any sensitive personal information.
  • We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures.
  • We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of Google, its users or the public as required or permitted by law.

This is not unique to Google and you will find that virtually all companies that take privacy policies seriously will have provisions that inform you about their obligations to hand over personal information in these circumstances.

While Google is required to comply with many of these requests, it has taken a rather bold decision not to hide these requests from its users and, in fact, to expose these requests in an aggregated form to its users through what it calls its Transparency Report. This initiative makes sure that users know which countries make requests of Google and how Google generally responds to these requests:

Transparency Report - Government Requests

The Transparency Report also reveals how much traffic its various services receive. This data can be broken down by region too:

Transparency Report - Traffic

Online privacy is a tough challenge to meet and Google has made its share of mistakes. That said, the search giant is also at the cutting edge when it comes to giving users better information about what it does with their personal information. This latest initiative reminded me of the recent PigSpotter debate and subsequent reports of how local law enforcement is dealing with the PigSpotter phenomenon – poorly. The Transparency Report seems to stand in stark contrast to efforts to clamp down on PigSpotter by, among other things, reportedly conducting illegal searches of motorists’ mobile phones for hints of their involvement in the PigSpotter phenomenon. It also stands in stark contrast to the South African government’s efforts to implement its controversial Protection of Information Bill which will likely take media freedom back at least two decades and cripple the right to freedom of expression for the sake of avoiding the embarrassment of having politicians’ failings exposed in the press.

Google’s Transparency Report is a reminder of the need for a degree of transparency and the accountability that transparency brings. It is also a reminder that companies like Google can still be required to hand over personal information to government agencies which may not share Google’s respect for your personal information (it’s only fair to note that my perception of Google’s respect for privacy is not universal and there are valid criticisms of Google’s handling of personal information). We can only hope that this spirit of transparency and respect for privacy visibly filters through to our government agencies and authorities.

As an aside but on a related note, take a look at this video if you are curious about Google’s approach to privacy generally. Also be sure to take a look at Google’s Privacy Centre for more information.

Privacy is about choice

The recent controversy about Facebook’s privacy settings and the (once again) updated privacy controls highlighted both misconceptions about what privacy is and what it isn’t in the context of the social Web. The new controls are aimed primarily at making Facebook privacy settings a little easier to manage. This is about being able to control –

  • what personal information is published;
  • how much personal information is published;
  • where your personal information is published;
  • who can see which personal information; and
  • how long that personal information is made available.

Privacy has become more about informational self-determination – each person’s ability to decide what becomes of their personal information. Facebook has been a bit of a cowboy with users’ personal information for some time now and the primary concern, as I see it, is that Facebook has decided, from time to time, to expose more of users’ profile information to the public Web and make that level of disclosure a new default. It has also progressively changed its privacy policy to allow for greater transparency. What it has done is severely limit users’ choices to the point where their choice has become whether to include information on their profiles or not, bearing in mind that any of their personal information could suddenly be made public.

A number of the Web’s more prominent pundits seemed to focus on the “privacy as secrecy” issue and missed what I believe is the more important point: privacy on the social Web is about choice, not secrecy. I talked about what I called the “privacy myth” in a post I published last year where I explored this idea in some detail. It’s worth repeating a point I made in that post here:

In this context, privacy online becomes an exercise of identity management rather than a question of total control. When it comes to identity management the emphasis shifts from controlling whether and how much personal information is published to asserting a claim over personal information about you in an effort to create a more cohesive and accurate identity online. One of the reasons to do this is to reduce the risk of identity theft by providing a readily ascertainable body of information that represents you and which you have asserted is about you. A good example of a service that helps people do this is ClaimID which gives users an opportunity to state which websites, services and published information is linked to them and how.

When it comes to “privacy as secrecy”, users’ choices become pretty binary: either publish information or don’t. Facebook has taught us that even the biggest social services can be untrustworthy and any personal information you publish can be exposed when the company changes its policy. Of course that personal information could also be exposed through glitches, caching services, profiling efforts and aggregation services and functions. The point is that anything published online can be made more public than you may have wished or intended so a wiser approach is to decide, in advance, which personal information absolutely can’t become public and that personal information must never be published online. This sort of personal information may (and arguably should) include the following:

  • your home address;
  • your children’s school;
  • your identity number (although disclosing full birthdays erodes this); and
  • credit card and other sensitive banking information.

Beyond that personal information which you hold most dear, you should assume that everything else could be made public without your specific consent and without you being made aware of it. That isn’t to say you shouldn’t still take advantage of your preferred social service’s privacy settings – you should.

FB privacy controls

Make a point of investigating these privacy controls. Ideally they should be intelligible, subject to clear privacy policies and guidelines. Facebook has failed here too with an overly complex privacy policy and privacy framework. It is trying to remedy this with its new Privacy Guide but I wonder if it isn’t adding more layers of complexity. Facebook, and perhaps other social services, have a vested interest in exposing as much personal information as they can. It increases the value of the service to other users. Imagine how appealing Facebook would be if you couldn’t find your friends because their basic personal information was restricted from public view. These interests can often be at odds with users’ preferences so it becomes really important to make sure you understand the relevant privacy controls and adjust them to suit your preferences.

The time may come when users’ choice is whether to remain on a social network or not. A number of people publicly terminated their Facebook profiles recently after the controversy following the F8 conference. I was tempted to delete my profile too but the problem with that is that doing so would remove you from one of the biggest social ecosystems online today. Facebook reportedly has around 500 million active users. That is a powerful network to be part of and removing yourself from it altogether is a pretty drastic step. That said, Facebook still has a long way to go to regain users’ trust (mine included) so the prudent course of action is to be more guarded about what you publish and how public you make that information.

Fortunately the new privacy controls do seem to give users more control over their personal information. That level of control extends to personal information Facebook previously deemed to be public by default as well as applications which can access users’ profile information. It was an important turning point for Facebook and a healthy reminder that Mark Zuckerberg doesn’t know best. Users are the best arbiters of how their personal information should be handled and what should be done with it. Services like Facebook shouldn’t interfere with users’ right to choose. Doing so makes profound inroads into users’ privacy.


Image credit: “Is this how the web looks to Facebook?” by Robert Scoble, released under a Creative Commons Attribution 2.0 license

Manto v Sunday Times judgment a victory for free press

The judgment handed down last Friday has been hailed as a victory for the Health Minister by some publications and as a victory for the Sunday Times by others. Neither party is able to declare an outright victory in this matter. The Minister was successful in having her medical records returned to her or her hospital on the basis that they were unlawfully obtained. On the other hand, the paper was given the go-ahead to report on the matter based on notes taken by the journalists and information given by their (lawful) sources.

This judgment was, however, a great success for the press and freedom of expression. The relief the Minister sought was, in addition to return of her medical records, that the paper be interdicted from publishing their comments based on her medical records. The judge had the following to say as he began to address this claim:

Freedom of the press does not mean that the press is free to ruin a reputation or break a confidence, or to pollute the cause of justice or to do anything that is unlawful. However freedom of the press does mean that there should be no censorship. No unreasonable restraint should be placed on the press as to what they should publish.

The judge dealt with the tension between the freedom of the press which has its support in the freedom of expression and the Minister’s right to privacy and dignity. He also commented on the fact that the Minister, as a public figure, is subject to greater scrutiny than a person who is not a public figure although the judge drew a distinction between the press delving into the Minister’s activities as they pertain to her public office and her personal life that is unrelated to her position in the public eye. Just because you are a public figure does not mean that every aspect of your life is an open book to the press.

Because the Constitution is the standard by which all law in South Africa is to be measured, cases such as this one will almost inevitably involve a balancing of rights and Constitutional imperatives. This is a great judgment to read if you are interested in how this balancing is achieved, particularly in this area.