Identity and Anonymity

In the coming years most of us will be carrying or wearing smart technology. How do we manage the digital trails we emit in everyday interactions? We need solutions that can protect both our identity and our right to anonymity.

Unexpected social connections

In the past couple of weeks there have been a series of articles raising concerns about the amount of personal data being published to online social networks and the potential for it to be used for ill intent.

There are two different scenarios people should consider before sharing personal information:

  1. Would I mind if a complete stranger knew that information?
  2. Do I mind what any of my ‘friends’ do with the information?

If the answer is ‘Yes’ to either question, think twice before putting that personal information online at all. That’s not to say sharing is inherently good or bad. But once you have shared information with anyone, you have lost control of it. If you answered ‘No’ to question two above, you have effectively answered ‘No’ to both, because any friend can pass the information on to a complete stranger.

Social Network Connections

Here is a simple scenario using Facebook. In the image above, the green buddy is you. The blue buddies are your ‘friends’. The red buddies represent everyone else with Internet access.

You set up your privacy settings so that only friends can see your personal information. Anyone who is on Facebook but not a friend will only see your name, nothing else. That’s your decision. Sounds sensible. Sounds under control.

But if one of your friends decides to share information with their friends or third party applications, they may hand over your personal information as well. It can be done in complete innocence and with good intentions – ‘I want to send birthday cards to my friends’, ‘Are any of my friends nearby to meet up with?’, ‘I’m interested in this group, I’ll add my friends to it as well’, ‘Has anybody in my network bought this <insert name of any item>?’ In the right context, all great stuff. But information about you has now been handed over to, and stored, somewhere beyond your control. The same applies to every application or web site that you allow to connect to your Facebook profile. Do you read all the terms and conditions, the notes about agreeing to data being stored indefinitely or granting access to other third parties?

It is not just you who decides how secure your personal information is. If you decide to share it with them, all your friends get to decide too. As do all the apps and web sites you connect to. And if you’re one of Facebook’s social butterflies, everyone gets to decide.

This doesn’t mean you should head straight to Facebook and switch everything off (too late for existing content anyway) but if you are going to participate in online social networks and care about what happens to your personal data, it’s a good idea to keep track of privacy settings and changes to policies.

If you’re not paying for a product, you’re not the customer, you are the product being sold. – Andrew Lewis

For Facebook and every application/advertising tool that uses it, it is in their best interests to get you to share your personal information. They will make it as easy and seamless to do as possible. And many will make it difficult or inconvenient to change those default settings to be more private. So think long and hard about what you want to share with anyone. And question whether having different privacy policies for everyone versus ‘friends’ actually means anything. A simpler (and more reliable) approach is to either share something with nobody or share with everybody.

A hassle, yes. But massive online social networks are still a young concept on the Internet meaning lessons will be learned the hard way. And everyone with a Facebook account can count themselves as one of the testers.

Lessons from Facebook’s experiments

[Update] Adding links and references as they bubble up on this topic…

There has been a range of news recently about Facebook’s latest approach to users’ privacy.

Wired has an article – Facebook’s Gone Rogue; It’s Time for an Open Alternative – explaining the concern being raised by many. By default, Facebook is now connecting and publishing every piece of data you choose to share on the platform. You may think you are only sharing your photos with your friends and family, but you are granting permission for Facebook to share your content with everyone and anyone on the Internet.

Robert Scoble has an article – Much ado about privacy on Facebook – with the counter argument. That we’re kidding ourselves if we ever thought anything we share on a computer, especially one connected to a network, is private. Facebook is just exploiting that which others have exploited less visibly (or easily – and that’s the key difference) in the past, and in the process helping people find what they need in ways Google never can.

Robert has a point. However the picture is a little more complicated. Not everyone wants to share their entire life online with everyone else and every organisation on the planet. Some people have very good and legitimate reasons not to. You could argue that such people simply shouldn’t be on Facebook. But in the past, it wasn’t a problem – the default behaviour in Facebook’s privacy policy was that information would only be shared amongst your network, which could be as large or small as you choose it to be. And your content stayed within the walls of Facebook unless you chose to opt-in to third party applications. That has now all changed and Facebook does not make deleting anything easy. Even if you choose to leave, if your ‘friends’ have already shared your content or tagged their own content with your name then your identity will continue to persist without you. And if you choose to stay, for certain content it is now all or nothing – if you try to opt-out of sharing with everyone then it will be removed from your profile and friends will no longer see it either.

Facebook is transitioning from a site for building social networks between friends to being one giant social network. A new mesh of connected personalised data is being created that has never before been possible. And that mesh is being shared with whatever organisations Facebook chooses to do business with. At the same time as we are seeing new tools arise that can mine massive amounts of data for patterns and profiling… We don’t yet know what all the implications – good and bad – will be. And whilst Robert highlights the good, history tells us there will also be bad. This is a live experiment that over 400 million people (and that’s just the active users) unknowingly volunteered to participate in.

March News and Links

Here’s a selection of links shared during February via Google Reader, Delicious and Twitter. Organised into the usual overlapping categories: Systems and the bits and pieces that make them work. Hot topic this month: games and reputation starting to be examined seriously as social media rumbles on into the workplace. Enjoy!

Systems

People

Information

Technology

…and finally, finishing with the usual bit of fun. Well, two bits this month as I couldn’t decide between them:

1. Dilbert highlights a painful reality for too many projects

2. Why companies needn’t worry too much about how people blog – stuff usually catches up with you and lessons are often best remembered when learned the hard way…

I know what you bought last summer

The rumblings over Facebook banning Robert Scoble have opened up all sorts of conversations about who owns or controls your data – see also: Data as currency. One issue that has been highlighted is how easy it is for people to scrape enough information about you to form an identity. Scoble was running an automated script to pull out contact details by the thousand.

Yesterday, another related article cropped up on Techmeme – Sears Exposes Customer Purchase History. It appears that Sears added a feature on their web site where you could look up your purchase history. All you had to do was enter your name, address and telephone number. Trouble is, whilst you had to have an account and log in to the site, you could then enter anybody’s name, address and telephone number to view their purchases. Somebody forgot to restrict access to only the purchases associated with the authenticated user. Since the news became public, Sears have disabled the feature to sort it out.

But it does raise yet another warning about how easy it is for companies to accidentally make too much information public, be it downloading database records to a CD or making those records available online. Mash-up poor (or missing) security controls with automated scripts to gather contact details and our criminal friends won’t need to go phishing for dinner.
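The Sears defect described above, as an added Python example (not Sears’ code, and not from the original post): a purchase-history lookup where a login is required but the records returned are selected only by the name, address and phone number the user typed in, beside the corrected form that scopes the query to the authenticated account. The customer records, ids and function names are constructed for illustration.

```python
"""Purchase-history lookup: missing ownership check versus the fixed form.

Added example; all data and identifiers below are constructed, not Sears' real
system. The point is that 'is logged in' and 'is allowed to see this record'
are two different checks, and the vulnerable version only performs the first.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Purchase:
    customer_id: int
    item: str


# Constructed sample data: identity fields a customer would type into the form.
CUSTOMERS = {
    1: {"name": "A. Example", "address": "1 High St", "phone": "555-0100"},
    2: {"name": "B. Example", "address": "2 High St", "phone": "555-0101"},
}
PURCHASES = [
    Purchase(1, "kettle"),
    Purchase(2, "lawnmower"),
    Purchase(2, "drill"),
]


class Forbidden(Exception):
    """Raised when a request is refused (no login, or record not owned)."""


def history_vulnerable(session_customer_id, name, address, phone):
    """Broken pattern: login is enforced, but the records are looked up purely by
    the submitted identity fields, so any logged-in user can read any customer's
    history simply by typing that customer's details."""
    if session_customer_id not in CUSTOMERS:
        raise Forbidden("login required")
    matches = [
        cid for cid, c in CUSTOMERS.items()
        if (c["name"], c["address"], c["phone"]) == (name, address, phone)
    ]
    if not matches:
        return []
    return [p.item for p in PURCHASES if p.customer_id == matches[0]]


def history_fixed(session_customer_id, name, address, phone):
    """Fixed pattern: the query is scoped to the authenticated customer, and the
    submitted fields are only accepted if they match that customer's own record.
    A mismatch is refused without revealing whether anyone else's details exist."""
    own = CUSTOMERS.get(session_customer_id)
    if own is None:
        raise Forbidden("login required")
    if (own["name"], own["address"], own["phone"]) != (name, address, phone):
        raise Forbidden("submitted details do not match the logged-in account")
    # The filter uses the session identity, never the user-supplied fields.
    return [p.item for p in PURCHASES if p.customer_id == session_customer_id]
```

In a real deployment the `Forbidden` path on the fixed version is also worth logging, since a run of mismatches from one session is the signal that someone is probing other customers’ records.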

Data as currency

During the past 24 hours, there has been a flurry of discussion about Facebook banning Robert Scoble. Robert was running an automated script to scrape his ‘friends’ contact information (5,000 of them) out of Facebook. The script was being tested on behalf of Plaxo, an online address book that can automatically update contact details.

I think Facebook was correct in having a process that detected suspect behaviour and automatically disabled it. If only the HMRC could have implemented something similar, 25 million people in the UK wouldn’t be wondering if they are going to be the victims of identity fraud…

But the debate that is really kicking off is who owns the data that was being scraped – the service that stores it, the individual who posted it, or the ‘friend’ who has been given access to view it. This will be an ongoing argument for 2008 and Facebook will not have a monopoly on headlines. The Financial Times ran an article just before Christmas – The devil in the details – that explored the effects and cost of privacy breaches as more and more personal data is stored online. One particularly interesting scenario highlighted how government agencies are using data as currency:

“While you can obtain [Transport for London’s Oyster Card] over the counter without providing personal details, you can get a refund on a lost card only if you have given your name and address. So to get full economic value from an essential service, you must hand over your data. Is this informed consent, or de facto coercion?”

It’s an interesting development. In the past, you would have just needed to produce a valid receipt to get a refund.

Same But Different

[Update: 28th Dec] Link updated as the author has moved the post.

Google has been in the news over the past couple of days, introducing a feature that has upset a few people by opening up their ‘shared’ news items to everyone in their contacts list (as opposed to them notifying selected users to view their shared items). Check out the following link for a quick overview (bit of an extreme and inaccurate title, but hey ho) – Google Reader shares private data, ruins Christmas. One of the comments highlighted within the post is interesting from a different perspective:

“Please fix this and let us OPT IN to who we want to share with… Don’t make me leave my Google apps”

If you are using Google services, you get the same set of applications regardless of whether it’s for personal or business use. Chances are, you will use those applications in different ways depending on context. But it is easy to forget what context you are in when everything looks the same. This has happened before…

Back in the early 90s, I was a local area networking (LAN) newbie, starting out with Novell NetWare 2.2. At the time, my lucky users had Windows 3.1 on their desktops. (If you remember GPFs, you’ll know just how lucky they were.) The network server sat in the office and nobody ever dared touch it. It was different. Physically, it looked the same (because it was, from a hardware perspective – aside from a whopping double the RAM at 8Mb). But the monitor displayed gobbledygook that looked nothing like the software on their desktop PCs.

After a couple of years, a mandate from above and beyond (ours was a small satellite office, HQ was in a land far far away) resulted in a network migration to Windows NT. When I first started to learn about NT, I hated it. For one simple reason. It looked just like Windows on the desktop. I could no longer risk leaving the server in the office. If someone was stuck with a GPF on their own computer, they might go and try using the network server, not realising it wasn’t just another desktop PC. If there was a problem with the network and I wasn’t around, the more ambitious users would have a go at fixing it. It looked similar to their desktop PC – the icons looked familiar – and they often figured the same trick of doing a reboot ought to sort it out… Thank goodness nobody had mobile phones back then, I could carry on at college blissfully unaware and sort out the mess the next morning. When the Finance Dept had enough of not being able to access accounts because somebody had crashed the network again, we converted a kitchen area over the weekend and, from that day forward, servers have been kept locked up in server rooms.

The Google-gate that has occurred over Christmas (and ditto for Beacon-gate that Facebook caused earlier this month) is history repeating itself. The challenge this time around is that business is being mixed with pleasure, providing plenty of opportunities for trouble and strife.

Google introduced a new feature to its Google Reader service – connecting Google Reader with Gmail. Anybody who had chosen to share items in Google Reader discovered that the items were now being shared with everyone in their Gmail contacts list. People have been upset because their Gmail contacts list contains a mix of contacts – friends, family, business, occasional communications etc. They are the same, but different. People didn’t consider ‘share’ to mean ‘share with everyone’.

Any software company that produces tools to be used in different contexts needs to be sensitive to the differences. And we, as users of those tools, need to be equally sensitive to the similarities. When you decide to ‘share’ something, it is no longer private. Yes, you ought to be able to opt in/out of new features when they are introduced. But web-based services make beta testers out of us all. Like it or not, you can’t choose to wait for service pack 3 to avoid unexpected outcomes. And if you use the same tool for both business and pleasure, be prepared for the two to mix…

*GPF = General Protection Fault, a regular occurrence in Windows 3.1 that would freeze the machine (this was back when there was no multi-tasking – if your computer was printing, you couldn’t even play Solitaire whilst you waited)

Security challenges in Web 2.0

An interesting blog post has highlighted how Gmail accounts can be hacked – Google Email Hijack Technique. Aside from the issue that it appears quite easy for someone (or something) who knows what they are doing to start snooping on your email (more than slightly worrying), the blog post highlights a new security challenge for anyone beginning to rely on hosting data in ‘the cloud’ – i.e. stored in remote data centres and accessed using online services. Think Gmail, Flickr, YouTube, Facebook, Office Live, MySpace, LiveJournal, SalesForce…

When viruses first appeared, the primary method of spread was through infected disks. People had a habit of leaving floppy disks in computers. When the computer was next switched on, a virus would copy across from the floppy disk (way back when, the floppy disk drive was the first item read when your computer started up and the most common form of network for file sharing). Your computer would start to behave oddly as files became corrupted and you lost all your data. People, through training, threats and learning the hard way through experience, began to get better at not leaving disks inserted in computers when they switched off. But it didn’t matter because the threat changed…

Along came email and networks. New ways of hacking accounts, crashing computers and corrupting data arose that no longer relied on a floppy disk to spread the havoc. And new challenges appeared – spam overwhelming inboxes, phishing scams persuading people to willingly hand over bank details. Whilst some attacks were purely web-based (fake sites pretending to be your friendly bank), the majority of attacks still focused on taking control of your computer and doing bad stuff with it. But having a computer crash has become less of a worry as more data is being uploaded onto the web. Our need to have our data available regardless of the device we happen to be using means our devices are more resistant to damage. If your computer gets hacked, wipe it and rebuild it, then re-sync with your online services. And so the threat changes again…

The Gmail exploit doesn’t care about your computer, or your mobile phone or whatever device you choose to use. It lives in ‘the cloud’, hacking directly into the online services that are hosting your data. If Gmail gets hacked, what do you do? You can’t just format and rebuild, as has worked in the past with computers. You don’t control the service or the computers where your data is stored. Instead, you have to trust Google (or whichever service provider you happen to be using) to fix the issue. It’s a different dynamic and one that will need to be considered by any organisation planning to switch from local servers to fully hosted services.

Who controls your data

There is a bit of a furore going on over a piece of code being leaked to the web that enables you to crack HD-DVDs. However, one of the blog posts/news articles includes a snippet of information that I am more interested in, because it highlights a big flaw in the strategy for moving your data into the Internet cloud. Snippet from a blog on Wired, documenting a takedown notice from Google to someone using their Google Notebook application (bold highlighting is mine):

… Google has been notified, according to the terms of the Digital Millennium Copyright Act (DMCA), that content in your notebook Google Notebook Entry allegedly infringes upon the copyrights of others. The particular section of your notebook in question is the section covering www.digg.com/users/entangledstate/news/dugg

…. If you do not do this within the next 3 days (by 4/30/07), we will be forced to remove your entire notebook. If we did not do so, we would be subject to a claim of copyright infringement, regardless of its merits. We can reinstate this content into your blog upon receipt of a counter notification pursuant to sections 512(g)(2) and (3) of the DMCA…

Back in March, I wrote a post – Google and Microsoft looking alike – talking about Google’s strategy for getting us to use their online services for storing our data. If they are happy to act as big brother on behalf of people who use the DMCA as an easy form of censorship, will we be comfortable handing over the keys to our information?

Take a simple scenario. I use Gmail for email. Someone sends me an email containing content that might infringe copyright. Google receives a notification from the copyright owner and issues notices similar to the one above with 3 days to comply. I happen to be on holiday and don’t check my email, so have not even read the alleged offending email, let alone seen the takedown notice. When I return to work, my entire Gmail account has been deleted. What if I ran my entire business using Google services? Would they all be deleted too? Hmmm…

I last blogged about the DMCA in January 2006 – Post and be damned. The NewScientist magazine had published an article examining the use of the DMCA as a form of censorship. One study found that 47% of takedown notices concerned material that would likely have been deemed fair use. However, the DMCA enables content owners to issue takedown notices without having to go to court, placing the onus on the individual to legally challenge them. Targeting the Internet Service Providers (ISPs) has proven effective – they will simply remove the content unless the individual web site owner is prepared to finance a legal challenge to the notice. Picking on Google (and any other player in the web software/services playground) makes it even easier. Google can simply shrug and say ‘we have to do this or else we would be subject to a claim’. But the impact on the individual or organisation targeted is now even bigger. You don’t just lose your web site, you could lose your entire ability to do business if you rely on web-based services…