Security, Privacy, and Policy in a Web 2.0 World: Privacy

Privacy in a Web 2.0 World

Along with security, the introduction of the Web 2.0 has produced a number of user privacy issues. As has been mentioned, many Web 2.0 applications are dependent on user contribution. Such contributions reveal individual pieces of information about the user. When these individual pieces coalesce a number of additional conclusions regarding the user can be deduced. This sorting of relevant user data is often referred to as data mining. Data mining techniques are commonly used by enterprises to improve business and organizational intelligence, however often done so unbeknownst to the user. Data mining can also be used perniciously by those wishing to fraudulently pose as someone else.

Many also feel data mining imposes on one’s privacy and challenges our individual civil liberties. Just recently the National Security Agency (NSA) has been criticized for warrantless surveillance and unlawfully obtaining phone records from a number of large scale telecommunication companies in efforts to combat terrorism. These records were used as tools to devise connections regarding possible terrorist activity. However, many privacy advocates feel this government effort overstepped its boundaries and jeopardized the constitutional rights of U.S citizens. The NSA warrantless surveillance controversy made it blatantly apparent how powerful data mining is and the degree to which it can affect an individual’s privacy.

The coming of Web 2.0 has also spawned a number of new online communities called social networking sites. A social networking service develops on online community for those who share interests and who are intrigued to explore the interests of others. Such Web applications are composed of various mediums for users to interact including messaging, email, chat, blogging, discussion groups, and video or file sharing. These social networking sites generally leave users the option to disclose as much information regarding themselves as they like. As a result, many users are revealing too much personal information not consciously acknowledging the number of potential problems that may arise.

Daniel Solove, a law professor at the George Washington University Law School, discusses in depth a number of significant privacy issues induced by Web 2.0 social networking sites and the evolution of the information age. In his “Taxonomy of Privacy” paper he focuses on four main privacy issues including information collection, information processing, information dissemination, and information invasion followed by the individual problems associated with each primary issue. Some of the main problems that arise corresponding with the Web 2.0 world include unknowledgeable surveillance, uniquely identifying information, secondary use, disclosure and exposure, blackmail, and distortion.

Unknowledgeable surveillance simply refers to the observation of an individual by a third party without informing or obtaining proper consent from the target individual. Instances of unknowledgeable surveillance that become public such as the government’s warrantless surveillance controversy install fear, anxiety, and discomfort in individuals. What if a similar scenario such as the NSA controversy were to take place in the Web 2.0 world?

As we know, many Web 2.0 applications are dependent upon the contribution of user data. What if, hypothetically, these Web 2.0 organizations began to unknowingly share and amalgamate user data from their individual user data pools? They’d be able to data mine immense sums of user data and learn significant information about individual users including their habits, likes, dislikes, vices, etc. But wouldn’t these organizations have to acknowledge this was going on and inform users in their privacy policy? Yes, but chances are it’d be done so inconspicuously. Besides, these organizations regulate themselves so who knows if they’re actually following through with there privacy policy verbatim. Also, how many individuals do you know that actually take the time to read over an organization’s privacy policy before making an account and contributing to the site?

The next privacy issue surrounds exchanging and protecting uniquely identifying information. Uniquely identifying information refers to any form or forms of information that directly correspond to a single individual. Obvious examples include credit card and social security numbers because they are unique to a single individual. Solove states that such identification material “enable us to attempt to verify identity—that the person accessing his/her records is indeed the owner of the account or the subject of the records.” Such uniquely identifying information is very powerful and often sought after by cyber criminals.

In today’s Web 2.0 world users may expose information that can be used to uniquely identify themselves. Social networking sites like MySpace and Facebook leave it to an individual user’s intuition in determining what personal information to publish. It’s conceivable to believe that some of this information disclosed could be rapaciously used to carry out acts of fraud, blackmail or stalking. It’s important for such Web 2.0 sites to protect there users and make sure they don’t reveal too much personal information.

The next Web 2.0 privacy issue worthy of discussion is that of “secondary use”. Solove defines secondary use as “the use of data for purposes unrelated to the purposes for which the data was initially collected without the data subject’s consent.” It is most commonly associated with targeted advertising. In today’s Web 2.0 world a user may submit or contribute some form of data that may reflect his/her particular interests. That user data may be sold or distributed to a third party in order to customize advertisements to better entice the user as a potential consumer.

Instances of secondary use can cause a number of problems. “It creates a dignitary harm, as it involves using information in ways to which a person does not consent and might not find desirable. Secondary uses thwart people’s expectations about how the data they give out will be used” (Solove 520). As a result, users may submit falsified information if they suspect there information will be re-used for other purposes. Such contributions of inaccurate data take away from the beauty and resulting benefits of Web 2.0 application use.

The last privacy issue worth looking at is the concept of distortion. Distortion is defined as “the manipulation of the way a person is perceived and judged by others, and involves the victim being inaccurately exposed to the public” (Solove 547). Inaccurate user data, whether it is submitted by a user or a user’s peers, can dramatically influence the way in which society views an individual. In many cases distortion can result in embarrassment, humiliation, and harm to one’s reputation.

It isn’t difficult to see what potential role distortion of user information can play in our Web 2.0 world. On Facebook or MySpace, if inaccurate data is out there regarding an individual it is accessible to a vast number of other members in the community. Web 2.0 increases the speed at which information can be disseminated meaning an individual’s distorted information can spread rapidly. This makes it very difficult for users to fix their data and get the correct information out there. Users must be careful and monitor the way in which their information is shown and portrayed. It is important to understand that once information is out in cyberspace there’s no turning back.