Wednesday, October 17, 2007

Facebook ordered to get tougher on privacy for children

In response to a spate of issues involving sexual predators using MySpace, Facebook began promoting itself as a safe online environment for children. To test their claims, investigators from the New York Attorney General’s office posed as teenagers and within a matter of days after posting their profiles on Facebook, had received numerous sexually suggestive messages from adults. Their complaints, registered using Facebook’s online form, went unanswered for weeks.

As a result of their investigation, New York state prosecutors accused Facebook of false advertising and the New York Times reports that yesterday, Facebook was ordered to immediately post stronger warnings about the risks to children using the site and to provide a quicker response to thousands of complaints daily about inappropriate sexual messages.

The changes are part of a settlement with the New York attorney general, Andrew M. Cuomo, whose office last month announced that it had been investigating whether the Web site misled users by promoting itself as a place where minors were safe from sexual predators.

Mr. Cuomo said the settlement would serve as a “new model” under which law enforcement and Internet companies could work together to protect children and recognize that they share responsibility to police illegal activity online.
By using consumer-protection laws to tackle the thorny problem of Internet safety, Mr. Cuomo appears to be building on the tactics of his predecessor, Gov. Eliot Spitzer, who used state laws to prosecute fraud on Wall Street.

“Any site where you are attracting young people, you must assume you are simultaneously attracting those who would prey on young people,” Mr. Cuomo said in an interview. “Whether you are a shoe company or you’re an Internet company, consumer protection laws apply.”

Chris Kelly, Facebook’s chief privacy officer, stood beside Mr. Cuomo to announce the deal and called the settlement part of the company’s effort to grow while maintaining users’ sense of safety and community. “We actually think we’ll end up attracting more people” because of the new measures, he said.

The settlement also requires Facebook to hire an independent company to track its responses to complaints and to report twice a year to Facebook and the attorney general.

In an earlier post, I expressed concern about Facebook’s default “wide-open” privacy settings and their announcement that profiles would be made available to third parties and eventually over the Internet using an automatic opt-in model. I complained to Facebook about this practice and my particular concern about the risks to minors. While their response was timely, coming within a few days of my original complaint, it completely skirted my concerns about using a negative opt-out, as well as the issue of putting children at risk:

We appreciate your feedback and will take it into consideration moving forward. Please keep in mind that a public search listing is simply a basic search result that allows people to know that you have a Facebook profile even if they do not yet use the site. Your public search listing will only be available if you allow “Everyone” to search for you on Facebook and have the “Allow anyone to see my public search listing” checkbox toggled on. You can adjust these settings from the Search section of the Privacy page.

Also note that people who do not yet use Facebook will not be able to interact with you or view your full information without registering with the site. Your public search listing will not affect any of your normal Search privacy settings. A non-Facebook user viewing your result would see the same search result if they registered with the site.

Your public search listing will also eventually appear in search engine indexes, making it even easier for your friends to connect with you. To change this option, please go to the Search section of the Privacy page and deselect the option to “Allow my public listing to be indexed by external search engines.”

By more efficiently connecting people, we hope that we can make your experience more meaningful on the site. Let me know if you have any further questions.

Thanks for contacting Facebook,

Customer Support Representative
If Facebook truly cared about their users' privacy, and particularly the privacy of minors, their user profiles would default to allow maximum privacy, allowing users to choose to opt in to make their profiles available for searching on the Web. In light of these kinds of policies and their response to valid privacy concerns, it’s encouraging to see the privacy practices of social-networking sites like Facebook coming under closer scrutiny, particularly with respect to the safety of children.

Tuesday, October 9, 2007

Librarians: best knowledge managers for our new world

From the b.eye Business Information Network, Dr. Ramon C. Barquin has an informative article about the role that modern librarians can play in the brave new information world.

If there is one profession that has traditionally been underutilized in terms of the contribution they can make to business intelligence and knowledge management, it is the librarians.

...Finding anything and making sense out of it as we move from intelligence to knowledge will be very challenging. ...I would take every major portal where navigation is a problem and give a group of librarians the job of improving it.

...That is where librarians can make a big difference. Give them the right tools, and they will become the best knowledge managers for our new world.

Read the rest here.

Saturday, October 6, 2007

Homeland Security's Chertoff: more surveillance, less privacy

Americans are increasingly more willing to trade privacy for security, according to a recent Washington Post poll, and comments by Michael Chertoff, U.S. Secretary of Homeland Security at the International Data Protection and Privacy Commissioner's conference in Montreal earlier this week reflect this outlook.

Michael Geist reported on the BBC news site about Chertoff’s presentation at this year’s global privacy conference, where the theme was “Terra Incognita”, the latin term for unknown lands:

In a room full of privacy advocates, Chertoff came not with a peace offering, but rather a confrontational challenge.

He unapologetically made the case for greater surveillance in which governments collect an ever-increasing amount of data about their citizens in the name of security.

For example, in support of his security agenda, he noted that US forces in Iraq once gathered a single fingerprint from a steering wheel of a vehicle that was used in a bombing attack and matched it to one obtained years earlier at a US border crossing.

He added that there was a similar instance in England, where one fingerprint in a London home linked to a bombing was matched to a fingerprint gathered at a US airport (the identified person was actually innocent of wrongdoing, however).

Chertoff explained that in the autumn the US intends to expand its fingerprinting collection program by requiring all non-Canadians entering his country to provide prints of all ten fingers (it currently requires two fingerprints).

In the process, his vision of a broad surveillance society - supported by massive databases of biometric data collected from hundreds of millions of people - presented a chilling future. Rather than terra incognita, Chertoff seemed to say there is a known reality about our future course and there is little that the privacy community can do about it.

David Brin’s book The Transparent Society discusses the illusion of privacy and advocates making most information available to everyone to ensure greater transparency and accountability. Security does seem to be prevailing over privacy, and, ironically, greater openness is regarded as the means to safeguard personal liberties. It’s a frightening prospect in many ways, but perhaps a more palatable option than the current move to consolidate information into the hands of government, corporations, the military or police.

Chertoff's observations are provocative and may lead our privacy commissioners to shift the debate from "privacy versus security" to focus more on issues of accountability and oversight.