Re: Some Thoughts on Privacy

Thanks, Ashok.  It would probably be useful to cross-post this discussion to the public-privacy@w3.org mailing list, which I'm hereby doing.



On 2012-01-01, at 17:21 +0100, ashok malhotra wrote:

> Some Thoughts on Privacy
> 
> The W3C has started a DNT WG.  This is good, but it only covers a corner of what I 
> like to call The War on Personal Privacy.   There are several other aspects we need 
> to consider. 
> 
> 1. Personal information that people entrust to social networks or other websites with the understanding that it is private or has limited visibility is leaked to others for profit or due to incompetence. 
> 
> 2. Folks collecting information about you without your knowledge or consent.  For example, Google trucks driving by your house and capturing your network SSID or cellphones capturing location and other information. 
> 
> 3. Clickjacking and identifying folks by mouse usage patterns, etc. This may be a subcase of the above or perhaps a separate category.
> 
> What privacy thieves are after is identity and personal information as well as attitudes and preferences for marketing purposes.  Studies have shown that it is possible to predict a person’s Social Security Number with a fair degree of accuracy based on a few pieces of information.  Other studies have shown that sexual and political preferences can be determined from a relatively small amount of behavioral data.
> 
> What can be done?
> 
> There seems to be little hope that technical solutions can prevent privacy theft.  Encryption, both in transport and storage, can mitigate the situation but does not provide a complete solution.  So, what can be done?
> 
> Weitzner et. al. argue that the only solution is to hold privacy thieves accountable and prosecute if necessary.  For this we need stronger laws.  Europe has stronger privacy laws than America.  Is there a policy statement we can make here?
> 
> Another solution is a social solution.  If your social network divulges your personal information without your consent, make a big fuss, write a blog, make sure the violation is made public and hopefully the practice will stop.   Should the W3C encourage such social re-activism?
> 
> Perhaps the TAG could publish Guidelines for Protecting Your Privacy in the         age of Web 2.0.
> 
> -- 
> All the best, Ashok

Received on Sunday, 1 January 2012 16:27:59 UTC