About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« “Location-based” login protection | Main | Travel advisory »

Moving to Privacy 3.0

By Dave Birch posted Feb 25 2010 at 8:52 PM

[Dave Birch] A typically excellent piece from Jan Chipchase that I've continued to think about again and again since reading it. Commenting on the Facebook privacy stories that have were around recently, he asked whether the Facebook privacy "moment" is:

their Microsoft Moment, that point where the internal perception of themselves starts to significantly, negatively diverge from the public perception? Or will we look back on it as more akin to the iMac Floppy Moment where Apple launched said computer without, gasp, a floppy drive.

[From History's New Gatekeepers - Jan Chipchase - Future Perfect]

The idea that Facebook is the crucible in which new notions of identity and privacy are being forged is, I think, true to some extent. First of all, let's remind ourselves where the fuss started.

To make privacy simpler, Facebook's controls will be changed to permit sharing with three groups: "only friends," "friends of friends," or "everyone."

[From How Facebook's New Privacy Changes Will Affect You - NYTimes.com]

Never mind whether you think these changes were good or bad, the point I want to raise is that they shape young persons very ideas of privacy. In a funny way, for the coming cyber cohort, Facebook's privacy settings are privacy. We struggle with notions of privacy because our brains still think in terms of index cards, databases and junk mail but my eldest son's generation (Generation Whatever) do not: their notions of privacy are founded in social networking. They have no problem using "unfriend" as a verb.

But what are they doing? They may have taken on board the facebookisation of identity, but I'm not convinced they understand the googleisation. I can see that replacing old ideas about identity with an identity model that is based on relationships makes sense and is a good basis for developing the necessary paradigm, but the idea of identity as digital footprint, defining a persona as the sum total of all of the data about them, doesn't seem right. The issue may be something about control, as the future privacy paradigm will rest on a more active version of privacy than the simple ability to be left alone.

It's hard to think about this sort of thing, because it isn't the individual elements of the footprint that are important, it's the connection and processing of them to learn things that were not meant to be public, if you see what I mean. I may choose to let the public know Fact A and my friends know Fact B, not realising that knowing Fact A and Fact B will mean that some of my friends can deduce Fact C, which is something I wanted to keep to myself.

Many people approach the privacy problems arising from the collection and use of personal data from the angle of Orwell's 1984 Big Brother metaphor, which focuses on the harms of surveillance (social control, inhibiting free speech etc) - but in fact most collected personal data isn't sensitive in itself, its collection wouldn't inhibit free speech, and most people wouldn't care very much about its being collected.

[From Tech and Law: "I've got nothing to hide", rebutted - summary of Solove's paper]

Because can control relationships (because we can unfriend) we have an active privacy, but because we can't control how our collected (largely not sensitive) data can be trawled to create (potential sensitive) new data, we have a passive privacy. So what? Well, active privacy we need to educate people about but then leave them alone to determine how they want to use it, but passive privacy needs some form of regulation. I have no idea how this might work, so for the time being I'll stick to not using my real name on Facebook.

I wish my bank would do this for me, by the way. I'd really like Barclays to give me my banking persona -- let's call it motorhead!barclays.co.uk to revive an ancient notation -- so that I could use it to access all sorts of financial services. Then an evil spy trawling through data would find dave!birches.org doing some things and motorhead!barclays.co.uk doing some other things but only me and Barclays would know that these digital identities link to the same real identity. A more effective privacy management scheme then anything regulators might come up with, and an effective anti-churn play for Barclays as well.

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]


TrackBack URL for this entry:

Listed below are links to weblogs that reference Moving to Privacy 3.0:


The banking example you use is interesting. Sounds a bit back to the future ie like tried and tested Swiss numbered account system.

The comments to this entry are closed.