Re: Some Thoughts on Privacy from Noah Mendelsohn on 2012-01-17 (www-tag@w3.org from January 2012)

From: Noah Mendelsohn <nrm@arcanedomain.com>
Date: Tue, 17 Jan 2012 17:06:54 -0500
To: ashok.malhotra@oracle.com
CC: "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <4F15F0FE.1080003@arcanedomain.com>

This is a useful discussion, and I'm inclined to let it run in e-mail 
awhile. When and if you feel we're ready for telcon discussion, please let 
me know. Thank you.

Noah

On 1/1/2012 11:21 AM, ashok malhotra wrote:
> Some Thoughts on Privacy
>
> The W3C has started a DNT WG. This is good, but it only covers a corner of
> what I
> like to call The War on Personal Privacy. There are several other aspects
> we need
> to consider.
>
> 1. Personal information that people entrust to social networks or other
> websites with the understanding that it is private or has limited
> visibility is leaked to others for profit or due to incompetence.
>
> 2. Folks collecting information about you without your knowledge or
> consent. For example, Google trucks driving by your house and capturing
> your network SSID or cellphones capturing location and other information.
>
> 3. Clickjacking and identifying folks by mouse usage patterns, etc. This
> may be a subcase of the above or perhaps a separate category.
>
> What privacy thieves are after is identity and personal information as well
> as attitudes and preferences for marketing purposes.Studies have shown that
> it is possible to predict a person’s Social Security Number with a fair
> degree of accuracy based on a few pieces of information.Other studies have
> shown that sexual and political preferences can be determined from a
> relatively small amount of behavioral data.
>
> What can be done?
>
> There seems to be little hope that technical solutions can prevent privacy
> theft.Encryption, both in transport and storage, can mitigate the situation
> but does not provide a complete solution.So, what can be done?
>
> Weitzner et. al. argue that the only solution is to hold privacy thieves
> accountable and prosecute if necessary.For this we need stronger
> laws.Europe has stronger privacy laws than America.Is there a policy
> statement we can make here?
>
> Another solution is a social solution.If your social network divulges your
> personal information without your consent, make a big fuss, write a blog,
> make sure the violation is made public and hopefully the practice will
> stop.Should the W3C encourage such social re-activism?
>
> Perhaps the TAG could publish Guidelines for Protecting Your Privacy in the
> age of Web 2.0.
>
> --
> All the best, Ashok

Received on Tuesday, 17 January 2012 22:07:19 UTC