Tuesday, November 11, 2008

When your head's in the cloud ...

I had the privilege this morning of spending some time with Peter Cullen and my colleagues from the ACCJ Internet Economy Task Force. Cullen is the GM TwC & Chief Privacy Strategist for the Microsoft Corporation, and he knows his stuff - our 90 minutes together was a fascinating flight through the maze of factors impacting privacy regulation and advocacy around the planet.

Still, it was depressing in a way - unfortunately there are very few people like Cullen who have thought through the potential impact of social media on privacy and security. And I believe there are many serious issues to surface.

For example, does posting some personal information to a social media site constitute a public act? If I want to share my details with my friends, that's one thing. But the world - that's a completely different issue. Or another thought: should there be a "statute of limitations" around personal data released on social media? After all, there is no moral justification for using something a person said as a teenager when they're 30, 40, or 50. It's hearsay.

But my head goes straight to the Cloud, as enterprise computing moves into the SaaS era and data becomes increasingly stratospheric. How does any one country provide its citizens with safeguards over both security and privacy when the app and the data maybe physically located elsewhere, and virtually located everywhere?

One answer may be the social graph. Giving people the right to maintain one version of their personal data, and "permissioning" various companies and agencies to use it (permanently or one-time-only) makes a lot of sense. In this light, people would maintain their personal data as another asset type, like their finances, their legal documents, etc. For people who opted not to have active asset management, set the defaults to super-secure, super-private.

Thought for the Day: Why should people need to keep track of hundreds of profiles and squillions of passwords? Maybe we should all have a unique digital ID that we maintain ourselves.

No comments: