Will social networking be hit by the identity crisis?

Next Story

A Plea for Help and Turkey Day Wishes

As I write this, daytime TV chat shows normally given over to house decorating and the latest reality TV gossip are literally up in arms about how two computer disks containing the identity details of 25 million people in the UK – many of them children – could go missing in the postal system. Suddenly the issue of identity and personal information is at the forefront of people’s minds in a way that obscure debates about ID cards could never have achieved. At the same time, earlier this week, Channel 4 ran a story detailing how Facebook is facing an investigation from the UK’s Information Commissioner (which oversees the implementation of the Data Protection Act) after a complaint from a Channel 4 News viewer. He found he could not remove his account or any of the data – photos, wall posts etc – associated with it. And this morning new research by YouGov details how 70 percent of adults say that fears of identity theft are changing their online behaviour and 84 percent say their trust in an organisation’s ability to protect their personal details now dictates who they interact with the most.

Why should we care? Put simply, all of this adds up to a perfect storm for technology companies playing in the social networking arena, where identity and personal information are at the core of the data around which these companies are built and create ‘intelligence from the crowd’. If consumers start to realise just how much information they are putting online about themselves, will they start to hold back? Will every social networking startup, online or mobile, now find themselves on the back foot? And what does this mean for “Web 2.0”?

What do you think?

  • Danny D

    If people are silly enough to put their personal details onto social sites and then panic it is their responsibility to be more careful with their own details.
    Social networks will need to develop and evolve with the times and be more secure for the basic users who do not know what they are signing up to.
    It won’t be long before our every move is captured and uploaded online, web 3.0 will be a real life truman show!

  • http://andymerrett.co.uk Andy Merrett

    Ultimately, we have a choice about what we put on social networking sites, and only really have ourselves to blame when mistakes happen. That’s not to say that these companies don’t have a responsibility to protect our data, but there’s very little need to put *every* piece of data onto Facebook et al.

    Ironically, I hold only a few things back on Facebook, because I want people to be able to contact me, but I don’t put really sensitive data on there.

    The scary thing is when organisations that you have absolutely no choice but to give all your personal details to screw up. When the Government lose your data, or mishandle it, you have little protection. You can obfuscate or deliberately provide misleading data on Facebook, and that’s not really a problem. Do that to the Government and that’s a criminal offence.

    What’s interesting is how many security companies are now popping up into every discussion. Trouble is, why should I trust x or y security company over any other organisation? It seems not a week goes by without another big name doing something stupid with its customers’ data.

  • http://www.businessitonline.com David Cruickshank

    Facebook should allow users to easily administer their accounts such that they can quickly view and remove any data (including their entire account). Any web-facing application that does not offer a simple ‘remove all the details you have about me / delete entire account’ function is not fully respecting its users.

  • http://mazphd.googlepages.com/mazhardey%27swebsite Maz Hardey

    This is a classic case of media scare-mongering. Where identity theft and the possibiliities for information ‘abuse’ come into play on Web 2.0 is nothing compared to the incompetence that other agencies, institutions and ‘professionals’ claim to be able to safe-guard against.

    In terms of the Web 2.0 context this is more about people getting used to and being aware that the information that they post and volunteer is in a very public domain, that is under surveillence and can and will be used to trace information about users.

    It is this movement from public to private, online to offline that is the concern for those not used to sharing information in this way. The only ‘surprise’ here is that people want to volunteer such personal details. Maybe the Government won’t need ID cards, after all it already has Google and your Facebook account


  • http://www.collaboratemarketing.com James Cherkoff

    I saw one of the best presentations I’ve ever attended on the subject at MIT last year. Here’s my summary with links…brilliant but complex…put a cuppa on first.


  • http://mobblog.cs.ucl.ac.uk/2007/11/21/online-identity/ MobBlog » Blog Archive » Online Identity

    […] concepts such as trust and reputation to the online world. However, on the other hand, people are worried about giving too much personal information when online. Fears of identity theft, data misuse (and so on) heavily influence who and how people […]

  • http://www.broadstuff.com alanp

    The really sad thing about the Government cock up is thet the data they sent was unencrypted 0 thats shows a level of incompetence – and general disregard – that is breathtaking.

    Re Facebook, the big issue is not what you put on there but the Terms and Conditions under which its held (I have them on our blog over here) which are a bit worrying.

    As you kindly noted earlier Mike, we were thrown off Facebook for being a non-person (even our Page was closed down sans recourse), but it would appear our stuff on Facebook lives on (In fact for all I know the system keeps on sucking in the RSS feeds of our IP).

  • http://www.ecademy.com Julian Bond

    I’m not worried about Information on the web. And I’m not worried about my child benefit details going missing. But I am worried that somebody knowing my NI Number, Full Address and Bank Account Number could do something useful with it. The problem here is not with the data that’s gone missing but the organisations that treat that data as proof of identity.

    But that brings up a much bigger issue. How *do* I prove who I am? All attempts at answering this look to me like a shell game. Use Data A to to get Data B, use Data B to validate Data A.

    And who said ID Cards? Isn’t that just another shell? And by putting all our identity dependence in one place aren’t we just making that bit of data even more attractive to hacking?

    And don’t you just love the irony in this story that the data was being sent to the National Audit Office?

  • Mike Butcher

    One of the things i find interesting about all this is how the national debate slips drunkenly from terrorism (ID cards good) to government databases (ID cards etc bad) to social networking (enter a fear here).

  • http://secretarialblog.co.uk Ben S.

    Unfortunately I don’t think people realise the implications of what they with their personal data.
    It’s one of those cases where you need the government to protect your rights. However I don’t think the UK government are up to it. The chances of them cocking up, doing too little or too late, or pursuing their own interests means people’s data rights won’t be adequately protected.
    I think facebook should be open about what it does with personal data and let people completely delete data from their servers. If they care for their users won’t it be reciprocated?

  • http://www.thestrugglingentrepreneur.com Dave L

    I appreciate that people want to come to the defence of social networking sites but the law must apply to those sites as to the rest of us, in this case I’m talking specifically about the Data Protection Act. You should also make the distinction between what you choose to publish about yourself and what you are required to provide in terms of registration data (in some cases credit card details!) – there is a choice over registration and to what you publish, but Facebook et al still have a duty to protect that registration information, and counsel customers against revealing sensitive information.

    An earlier commenter makes a good point about identity, in that it’s impossible to prove who you are, and increasingly difficult to determine identity with any degree of certainty. For example, you need only the signature of an upstanding member of the community (Lawyer, Barrister, Doctor etc.) to get a passport. How Edwardian! And potty! Until babies are biometrically captured at birth and the rest of us all die, we’re going to have these problems – even with ID cards.

    As to the government’s data management – it’s clearly poor. The whole point of databases, networks, encryption etc. is so that data can be shared in a controlled manner and entire datasets don’t have to be transferred around on removable media. Otherwise why pay these consultancies big money to write systems when it could all just be kept on a massive spreadsheet and posted around – like the old days. I think it comes down to ministers and senior civil servants being clueless about IT. And that’s a worry.

  • http://tamlyn.org Tamlyn

    I watched that item on Channel 4 News and was shocked when they said “Facebook retains the copyrights to everything you post to it”. My god! So I’ve lost the copyright on all the images I uploaded?! Fortunately this is completely untrue as anyone who glances at the Facebook Terms of Use can see. In fact it explicitly states:

    “you retain full ownership of all of your User Content and any intellectual property rights or other proprietary rights associated with your User Content.”

    Blatant ill-informed scare-mongering once again.

    To me, a web developer and Facebook user, the terms look perfectly sensible. Facebook have to give themselves the license publish your User Content or else they couldn’t show it to anyone. However, remember that the license is restricted by the privacy section of the terms that says they will only show it to certain people.

    They can’t suddenly remove *all* your user data when you delete your account. If I have a message from you in my Facebook inbox and you delete your account, would you expect the message to disappear from my inbox? What if I replied to a thread that you started in a discussion forum and you delete your account, would you expect that to delete my reply too?

    It seems that currently Facebook has opted not to delete any of your data when you cancel your account but merely hide it. I suspect that the DPA will force them to remove such data that they cannot justify keeping such as profile data. That will be a good thing. However I don’t see anything in the terms as they stand to discourage me from continuing to use Facebook as the excellent gossip management tool that it is!

  • http://www.broadstuff.com alanp

    @ Tamlyn….you need to read the small print my friend:

    When you post User Content to the Site, you authorize and
    direct us to make such copies thereof as we deem necessary in
    order to facilitate the posting and storage of the User Content
    on the Site. By posting User Content to any part of the Site, you
    automatically grant, and you represent and warrant that you
    have the right to grant, to the Company an irrevocable,
    perpetual, non-exclusive, transferable, fully paid, worldwide
    license (with the right to sublicense) to use, copy, publicly
    perform, publicly display, reformat, translate, excerpt (in
    whole or in part) and distribute such User Content for any
    purpose on or in connection with the Site or the promotion
    thereof, to prepare derivative works of, or incorporate into
    other works, such User Content, and to grant and authorize
    sublicenses of the foregoing.

    If you are an IP lawyer that is enough to give you apoplexy.

  • http://collabatwork.com Romuald

    Let’s stop worrying about information being exposed. As the Web 2.0 saying goes “Information wants to be free”. So let’s assume that all information, public or private, business or personal, encrypted or free, will ends up, one way or another, being exposed somewhere on the Web.

    Let’s stop worrying about information being exposed AND let’s start focusing on better ways and tools to protect one’s identity. The UK problem is not so much that information leaked, but much more what this information can be used for. Indeed my identity has been reduced to a combination of few fields in a database: first name, last name, SSN (or NAS or whatever national ID), date of birth…. and the maiden name of my mother, of course. If you have that data, you can do about whatever on behalf of any individual.

    Since history has proven (on many, many occasions) that governments, corporations, associations, and individuals themselves cannot be trusted to protect this data, let’s work on providing individuals with better tools to fight back the “villains” who try to use their identities!

  • http://tamlyn.org Tamlyn

    @alanp I have, of course, read that small print and although I am no IP lawyer I don’t see anything there that isn’t necessary for the normal functioning of Facebook.

    • discount monster beats UK

      “People aren’t hearing all the music.dr dre earphones Artists and producers work hard in the studio perfecting their sound. But people can’t really hear it with normal headphones. Most headphones can’t handle the bass, the detail,monster beats the dynamics. Bottom line, the music doesn’t move you. With Beats, people are going to hear what the artists hear, and listen to the music the way they should: the way I do.”- Dr. Dre

blog comments powered by Disqus