Thursday, March 29, 2012

Online data privacy

Whenever we get online, we can be tracked.  Each time you visit a webpage, the website can map our registration information to all pages on the website that we visited .  If we get referred to the website through search engine, the website can also find out what search keywords were used.  When we consider most of websites require cookie, we are leaving lots of information for websites to capture and analyze.

FTC is urging companies to develop support for 'do not track' option;
I welcome that initiative
"Do not track" is important because everything can be stored and combined easily to trace what we do online.  Unlike physical world, there is no clear boundary between private and public space in virtual world.  Nevertheless the need for private space exists.  For example, medical records, client-attorney conversation, family dialogue are all considered to be private, and we expect them to be private in online environment as well.  But there is no clear and consistent enforcement of private and public realm on the web.

It is not at all clear what can be considered to be private in today's internet.  That's because there is no way for users to express whether the data is meant to be private.  Search keywords to quick message, all data is captured as digital footprint of what we did online, and they are collected to make someone's marketing campaign smarter to better target ads to us.  This has to change.  And it looks like FTC is finally realizing that lack of online privacy is a serious problem for all of us.

What is interesting is how companies are reacting.  What we are seeing is two different responses to addressing online data privacy.  One is Google's approach, and the other is DuckDuckGo's.

Google's approach is to collect and track more data about each user and let user know how much Google know about you.  Google has consolidated their separate privacy policy across all their products starting March.  They have done that to track each user as person across all Google products.  Now that Google has all the data about you, it can tell each user a lot about the user's habit of using all Google products.  Idea is to provide some value back to end user (weekly/monthly Google product usage report) and be more transparent about what Google collects.  By doing that, Google is betting that more users will be okay with Google's new privacy policy.

Another approach is to stay away from storing any user data.  This is DuckDuckGo's (DDG) approach.  Their philosophy is not to store any user data.  By instituting no user data store policy, DDG  is sidestepping the entire online privacy discussion.  DDG's privacy policy talks about different ways to prevent user data to be shared with third parties.

There are lot of approaches in between too, such as Foursquare.  Site collects data to make its core functionality work, and user gets immediate value out of the core functionality.  It's hard to imagine any social network succeeding without lots of users sharing their info and content.

I believe that users must have choice to be private.  Ultimately data that we generate is data that we should control.  No one is forced to use social network to share content.  But the reason why people do is because people trust the social network providers to do the right thing with their data.  Without this trust, discerning users won't be sharing data.  Having universal "do not track" support is not an option, but a foundation for successful social networks.

No comments:

Post a Comment