The Connection between Trust and Privacy in Social Networking
At Krowdthink we have spent a long time trying to determine the answer to this question. The answer is that no-one should really trust any online service completely because no-one can guarantee security of your data. However that does not undermine the value in building a company and product that aspires to being trusted. Trust is the missing component in our online engagements today – especially in social networking. Is our social network persona who we are in real life? Of course not – in the same way who I present myself as down the pub having a beer differs to whom I present myself as at work. But social networks in particular are building profiles of us that go deeper than what we present and are capable of determining our psyche over time, really determining who we are – empowering the commercial entity behind the social network with valuable insights to sell on – usually via advertising – except as soon as we click an advert we have confirmed that we meet that profile. That’s scary….especially as we don’t know who received that insight about us nor how they plan to use it. Lets not also forget those profiling us cannot guarantee the security of the data being held on us either. There is good reason why a hacked Facebook account sells for between 3 and 6 times more than a hacked bank account.
So what’s the role of privacy in achieving a potentially trustworthy (note not trusted) social network? To answer that you have to get into how privacy is managed in our daily lives, online or offline. It is ultimately about control. Control of what information I share with whom, when and where. Its an understanding that those with whom I share information can in turn be trusted and to what extent – and its also about knowing I can visit a recourse (tell them off, dismiss them as a friend etc) upon someone who violates those implicit bounds of trust that were given when information was shared, with both parties knowing this and consequence for both then motivation is in place to ensure appropriate use of information shared. In social networking terms – the right to delete is that power of recourse, or in other words a mean to remedy when data shared is used inappropriately by the social network service provider (data = profit for the social network business models du jour), or that I wish to change that information posted because it no longer reflects who I am.
But there are other issues – the issue of meta-data is the main one – when engaging online I leave clues as to who I am that have little to do with the content I post. When I connect, with whom, how often, who else is involved in the conversation etc etc. All this provides insights if its recorded, insights we are somewhat unaware are being collected. So a trustworthy social network would minimise this information. In fact in general data minimisation is the only defence against the hacker – store the least data needed to deliver the service to the end user. Make other social networks more interesting targets. Basically make the security walls high and the value of whats on the other side as low as possible.
In taking our social network into locations, we push the boundaries of what people will entrust to the social network service provider. In places the digital connection is more real – and because of that more private than the virtual cloud world most social networks live in. It is thus incumbent on any localised social networking service provider to balance the equation of trust though greater efforts to be worthy of that trust.
There is more to this trust model though – see our Trust Pyramid here http://krowdthink.com/privacy.php . For more insight listen to the Privacy Piracy Interview with myself on KUCI radio (www.kuci.org) 20th April 8am PDT (USA), 4pm BST (UK) and 5pm CET (Europe). KUCI will also make the interview available as a podcast after the event.
From → Uncategorized