Wednesday, October 27, 2010

Challenge To Enterprises In Adopting Social Network: Employee Privacy

There have been a couple of posts regarding privacy on this blog. Although these days people don't seem to mind sharing lots of personal information on social networks, there are still many who are concerned and uneasy about sharing data on line. It looks like most of teens and twenty somethings are in first camp, while thirty something or older tend to refrain from sharing from what I can tell. I suppose one reason why younger people are more open to sharing personal information is because they tend to experiment and comfortable with taking greater risk with unknowns.

Users Demand Privacy;
Do Enterprises Really Want To Pry The Cover
And Risk What They Might Find?
When I think about privacy, I think of access control (I cannot help myself, I'm a software geek). Privacy is essentially hiding information from those who we don't want to reveal, and granting access to those who we deem appropriate. Say my day of birth. It should be accessible to my friends and family, but it should not be accessible to any stranger. By now, it should be clear that I'm in the second camp who cares about privacy of personal data.

I think I take reasonable precaution when entering and sharing personal information online. Even before Facebook opened its door, I was a user of many websites, such as Flickr, Youtube, AOL, Hotmail, and Yahoo to name a few. I don't recall all the sites that I signed up on, and I certainly don't remember all personal information that I divulged for instant gratification of enjoying what each site offered.

My means of privacy control? Information tampering to varying degree. Whenever I would sign up for website that I don't feel trustworthy (don't ask me how I determined what site was trustworthy or not because it probably would have depended on many grains of information I gathered), I would simply give slightly off information. Instead of spelling my name as Jae, I would spell it as Jay, for example. After all they both get pronounced the same.

People improvise and create their creative solutions to problem that they encounter in real life. If you don't provide an official way of doing something that users feel valid, they will create their own workarounds.

I see the same thing happening still with many social networking sites. People have multiple accounts on Facebook even though its terms of use explicitly bans the practice. Why? Because users feel the need to create multiple identities for whatever reason.

Sometimes people create two accounts, one personal and the other professional. Sometimes developers create a separate test account to run tests against application that they just created. Sometimes people create a new account to get a fresh start. Sometimes people create a hidden account with malicious intent.

Now all these practices are lumped as illegitimate use by Facebook's terms of use. This creates tension between Facebook and users, and whole lot of other implications for enterprises who are trying to embrace Facebook.

As you might know, enterprises are just starting to grapple with growing user base of Facebook, and have been putting together acceptable corporate social media policy. As a legal entity any enterprises, or small to medium businesses for that matter, are sensitive to any legal implication to their employees willfully violating Facebook's official policy. In order for enterprises to make Facebook official social networking site, they have to be aware what kind of information is flowing in and out of Facebook. To do that, they will have to air this dirty laundry of ad-hoc privacy workarounds for all their employees.

But hey, these are private information. The reason why users created multiple accounts are precisely to avoid exposing certain information to certain group of people, and most likely that group of people includes your boss and HR team. Hence enterprises are in limbo. They see the clear need to embrace popular social media, but it's unclear to them how to address this privacy concern for all their employees.

How would you feel if your boss comes to you one day, and asks you to remove the account that you've created to connect with your religious congregants? What if you are in the US Army, and you are spotted as non-heterosexual on Facebook? What if your political view is deemed incongruent with company's public image?

Very messy business indeed. No wonder enterprises are hesitant to open this can of worm.

No comments:

Post a Comment