Upload
stijn-bannier
View
783
Download
5
Embed Size (px)
DESCRIPTION
Presentation for IAMCR 2010.
Citation preview
Online information revelation and privacy. Moving from opt-out to opt-in?
19 July 2010, IAMCR, Braga, PortugalChris Vleugels, Griet Verhenneman, Stijn Bannier
Web 3.0 has arrived
• User-generated and machine-generated content• Personalised information & recommendations
Opportunity for efficiency but threat to privacy?
• Cases: Facebook’s privacy policy vs. Flemish research project CUPID
Online information revelation and privacy.Moving from opt-in to opt-out?
• Interdisciplinary research project in cooperation with industry and academics
• Supported by IBBT
• Seeks innovative solutions to aggregate, categorize, personalize and distribute enriched cultural information
The concept of privacy
Is the end of privacy near?
"The age of privacy is over” Zuckerberg (Facebook)
Is the end of privacy near?
“You already have zero privacy, get over it” McNealy (Sun Microsystems)
Is the end of privacy near?
“It is just as difficult to live in a self-made hell of privacy as it is to live in a self made hell of
publicity” Micheal Hutchence (INXS)
Is the end of privacy near?
“Privacy is not hiding behind screens when we do something naughty or embarrassing, privacy
is intrinsic to liberty” Scheinder (security technologist)
Is the end of privacy near?
“Privacy is not something I’m merely entitled to, it’s a prerequisite”
Marlon Brando (actor)
Is the end of privacy near?
“It was said of me that I suffered from an Obsessional Privacy.
I can only suppose it must be true”Dirk Bogarde (actor and author)
Facebook’s evolving privacy policy
• Main idea: connecting people• With friends• With interests
• Promise privacy of the user at the center• Default setting: strictly limited to approved friends
• However throughout the years• FB Beacon, FB Connect, Transition tool, Open Graph
• => Forcing users to accept opt-out services
Facebook’s evolving default privacy settings
Reactions on Facebook
Pages
Groups
Reactions on Facebook
Petition
Tools
All these initiatives represent a small minority of the FB community
Initiators are not the average Facebook users, but privacy organisations
Other indicators
Quit Facebook Day 31/05
Figures revealed by Facebook
A third of Facebook users customized their privacy settings after the policy changes in December 2009 (transition tool)
More open, closed or no change at all?
Alive or not, but still protected
“I am surprised by this sudden change of policy. I can’t understand that, because it is in the interest of social network
sites to give users control of their privacy” Vivianne Reding
“It is unacceptable that the company [facebook nvdr.] fundamentally changed the default settings to the detriment of
the user” Article 29 Working Party
Alive or not, but still protected
Europe guarantees protection of personal data through the Data Protection Directive (46/95 EC)
Social Network Sites do process personal data
• Personal = relating to identified or identifiable natural persons
• Processing = any operation or set of operations performed upon personal data
The Data Protection Directive is based on 4 principles:
• Proportionality
• Finality
• Transparancy
• Legitimacy
Data Protection Principles
Proportionality and Finality:
need to know NOT nice to know
✗ No one can collect data for the purpose of collecting
Data Protection Principles
Transparancy:
Fair processing THROUGH a guaranteed minimum level of information
✗ Unaware users are vulnerable users
Data Protection Principles
Legality:
processing after NOT before user consent
✗ Consent = opt-in ≠ opt-out
Moving from opt-out to opt-in
• A user-centered privacy approach• In control & ability to tweak• Transparent recommendation engine
• Gives a justification of the recommendations and profile use and creates greater commitment
• Leads to knowledge, trust and involvement with complex data flows
• CUPID’s cultural profile as a personal tool to structure an experienced abundance of event information
To conclude: Trading of privacy for personalisation?
• Facebook’s opt-out model guarantees the largest possible database … as it is a profit-organisation
• CUPID shows that privacy-friendly personalization services and social networks compliant with European Data Protection principles are possible and may be appreciated
• In a user-driven and participatory media environment consumer awareness, media literacy and self-protection are important in order to exercise power • Opt-in can further enhance users’ power• Allow changes to settings after consenting!
Thanks for listening!
[email protected]@law.kuleuven.be