ChatRoulette: Heads up, parents!

"If I were still an unpopular 12-year-old, my first ChatRoulette session might have crushed me for a year instead of just an hour," writes Sam Anderson in New York magazine in the mildest possible description of a site that Brad Stone of the New York Times just discovered was created by a 17-year-old in Moscow. It's a video site that "brings you face-to-face, via webcam, with an endless stream of random strangers all over the world," Anderson writes. Comments from email correspondents of mine confirm what he writes that about 10% of the videos that stream past are of naked males not just sitting in front of their Webcams. Stone writes, "Parents, keep your children far, far away." Anderson adds, "There's no way to manage the experience.... It’s the Wild West: a stupid, profound, thrilling, disgusting, totally lawless boom" with a powerful curiosity factor. And there are serious privacy issues, he adds. Because once you click "Play" on the home page, your computer's Webcam is activated, and you are among those streaming across other ChatRoulette players' screens, with any one of them able to grab a shot of your face and whatever else is within the frame of your Webcam.

Another heads-up: ChatRoulette's not only going viral (300 users in December, 10,000 by end of January, now 20,000 any given night), it's a group thing (hopefully not the new "Truth or Dare" or "Spin the Bottle"). When a friend came over to experience it with him, Anderson reports "the experience was different ... easier to laugh off. We ended up staying on, talking and dancing, connecting and disconnecting, for four hours." As voyeuristic as it might've felt, it wasn't all "shock porn," he writes. "We chatted with Pratt students in Bed-Stuy, with a man inexplicably sitting on his toilet, with a kid waving a gun and a knife, and with a guy who went to my wife’s old high school in California. We saw Chinese kids in computer cafés and English kids drinking beer.... We talked for half an hour with a 28-year-old tech writer from San Francisco." And another email correspondent of mine just heard over the weekend that ChatRoulette is being played by "some of our middle schoolers in [the US state of] Georgia." There may shortly be a spike in Web-filtering sales!

More public Facebook => more careful selves (I hope)

Don’t miss Julia Anguin's Wall Street Journal blog post about how "friending" has gone from knowing what the kid three rows back thinks about the latest celeb news to a popularity contest to, now with Twitter, a "talent show" among "followers" (who are much less complicated than "friends") – or how "to prove your intellectual prowess in 140 characters or less. But where she's going with all this, really, is the bottom line of Facebook's privacy changes. It's not a particularly new bottom line, just a more-so-than-ever one: "I will also remove the vestiges of my private life from Facebook and make sure I never post anything that I wouldn't want my parents, employer, next-door neighbor or future employer to see. You'd be smart to do the same. We'll need to treat this increasingly public version of Facebook with the same hard-headedness that we treat Twitter: as a place to broadcast, but not a place for vulnerability.... Not a place for intimacy with friends." Parents, talk with your kids about this! Anguin's piece is a great talking point. [For advice on how to hide that Friend List from Everyone, see this from ConnectSafely.org's Larry Magid, and for last week's news, see "Facebook's privacy changes" last week, when the company said these changes "have no impact" on how FB makes money.]

After I posted this, the New York Times reported that the Electronic Privacy Information Center and 10 other consumer privacy organizations filed a complaint with the FTC that Facebook's latest privacy changes "violate user expectations, diminish user privacy, and contradict Facebook’s own representations." Paramount to us at ConnectSafely.org is that Facebook ensure that the friend lists of users under 18 be hidden from public view by default.

Facebook's privacy changes

Facebook has been known to make a few waves when it announces changes to privacy features, so it's probably hoping that, now with more than 350 million users, the latest changes won't make a tsunami. This week's redesign, which has been in the works since last summer, is meant to both simplify things and give users more control – "more granular control over who can see individual pieces of content while making some basic profile information available to everyone," as ConnectSafely's Larry Magid put it in his CNET blog. [Facebook's three levels of privacy are "Friends," "Friends of Friends," and "Everyone." Parents will want to know that, for users under 18, "Everyone" means at most Friends and Networks, not everyone at all.]

As for what's entailed: Everybody will eventually experience a little "wizard" window that'll pop up and say they have to configure their settings (if they've already done so, they can keep their current ones, and the wizard will show you what they are). Having seen the process, I can say it's very easy – if it seems annoying, only a small annoyance. All in all, the changes – straight from the horse's mouth – are:

A limited amount of profile info publicly available for all users (name, profile photo, gender, current city, Facebook networks, friend list, and Page affiliations)

Simplified Privacy Settings page

The three basic levels of privacy mentioned above

Apps and Facebook Connect sites can access publicly available info as soon as you interact with them (but they have to ask permission for additional info you haven't made publicly available)

Regional networks are going away (they were more viable as a privacy tool in an earlier "era" when Facebook had millions, not hundreds of millions, of users).

Facebook says these changes "have no impact" on the site's advertising system or how it makes money. For the company's own thinking behind the changes, see Facebook's Ana Muller's blog post here, and pls see Larry's CNET piece for much more detail than I have here. In related news, ConnectSafely.org has been appointed to Facebook's new Safety Advisory Board. Here's CNN's coverage.

Media sharing's upside, downside & advice on what to do about it

Why do people share innermost thoughts, unretouched photos, and rants and what they ate for lunch in texts, photos, and blogs? And why is this not just a narcissistic passing fad like streaking or something, a baby boomer, someone who grew up with mass media, might ask? Consider this: "In part, it is the very human need to be heard and to connect with others. It is the desire to make a difference, to influence the world around us.... And it is the ongoing quest for authenticity in a world governed by image." That was from The Nielsen Company's Pete Blackshaw in a talk he gave for the Children's Advertising Review Unit last month. [I agree. I think authenticity-seeking is one of the forces behind social media's momentum, probably in more concentrated form where young people are concerned.]

Interestingly, while some are calling it a major media shift, Blackshaw called social media a movement, as he cited the cellphone's contribution to it: "Mobile devices represent a major impetus behind the social media movement, driving part of the 250% audience increase for the year ending February 2009."

Two governments and a whole lot of other adults, however, are concerned about the downside of this media-sharing, user-produced epoch that's upon us. Canada's Privacy Commissioner has a site for youth headed: "myprivacy. mychoice. mylife," including "mycontest": Canada's 2009 "My Privacy and Me" national video competition. The Australian government launched a campaign aimed at youth whose centerpiece is the downloadable brochure, "private i: Your ultimate privacy survival guide." For the parent-child team, I agree that "the privacy conversation starts before the cell phone or the Club Penguin account," as the Togetherville blogger writes. The blog then reprints CommonSenseMedia.org's great tips for avoiding oversharing, but the originals are here. And the NYLawBlog cuts right to what people need to know about a possible outcome of nasty oversharing: "What you need to know about defamation and Web 2.0."

Two related links are: "Not actually extreme teens" (about the need to be always-on teen "PR machines") and "Social networkers = spin doctors (I hope)."

Privacy on the social Web: Varying views

Our kids - the people who've never known life without the Internet - do think about their online privacy, and social technologies are actually giving them "greater control over their information," writes Heather West at the Center for Democracy and Technology in a Wired blog. She makes an important point about privacy in the new media environment that I think those of us who grew up in the mass-media era need to think about: We think of privacy in a binary way, as "the ability to conceal information from others" – public or private. Period. Internet natives think of privacy as the ability to control how they share information, and to do so in a nuanced way.

West cites two studies showing this, then writes, more anecdotally (and interestingly): "Gone are the days where my friends could see everything I posted on my Facebook page. Now, I am given the opportunity to choose not only what content is public, but who has access to that content. This includes privacy control for photo albums, status updates, and personal information. Truth be told, I am much less comfortable with social sites that do not give me this level of freedom."

[In this context, it's probably worth mentioning the finding that – despite all the online-safety warnings not to share personal info online – "sharing personal information, either by posting or actively sending it to someone online, is not by itself significantly associated with increased odds of online interpersonal victimization," published in the February 2007 issue of Archives of Pediatrics and Adolescent Medicine. Rather, the researchers found, it's aggressive behavior online that significantly increases risk.]

Privacy in 6 social sitess

In other important privacy news, Canada's Office of the Privacy Commissioner recently unveiled a study that looks into privacy protections in six social network sites: Facebook, Hi5, LinkedIn, LiveJournal, MySpace, and Skyrock.

"These sites were selected based on popularity, but also to facilitate the efficacy of the final product by providing an appropriate breadth and diversity to the analysis," the report said. Aimed at user education more than industry regulation, it does a "comparative analysis" in each of these categories: registration information (e.g., here), real identities vs. pseudonyms, privacy controls, photo tagging, accessibility of user info to others, advertising, data retention, account deletion, third-party applications, and collection of non-user personal information.

The report refers often to the March '08 "Report and Guidance on Privacy in Social Network Services – Rome Memorandum," building on the work of the International Working Group on Data Protection in Telecommunications (see this PDF file) spearheaded by data-protection commissioners in a number of countries.

Related links

A fascinating project at MIT bears out how the societal discussion about privacy needs to get more granular and social-media specific. "Project Gaydar" found that "who we are can be revealed by, and even defined by, who our friends are.... The ability to connect with other people who have something in common is part of the power of social networks, but also a possible pitfall. If our friends reveal who we are, that challenges a conception of privacy built on the notion that there are things we tell, and things we don’t," the Boston Globe reports. There's a lot in the article, too, about the state of research being done in social network sites.

A view from another generation - that of Andrea DiMaio in the Gartner Blog Network. Note the interesting comment below it about how, "in a world awash in information," as it is now, "a paradoxical effect is that many people know far less than they did before."

The Pew/Internet Project's December 2007 teen-online-privacy findings (the latest available).

Posting pix: How cautious should we be?

The other day I was talking to a psychologist who described a time when he was driving into a busy 4-way intersection on a highway frontage road – one of the craziest intersections I've ever heard described. He came to a stop, he said, and suddenly found he just couldn't take his foot off the brake, paralyzed by a voice in his head saying, "Be careful. Don't move. Don't get in that driver's way. Careful!" He said it was then that he realized he'd heard those words countless times as a child, and that they'd become almost a mantra in his head, making him overly cautious as an adult. For him the solution, he realized, was simply to go forward, make that move. He has since been much more decisive, he said, and – as he related this experience – I was thinking about the similar messages kids and parents are getting from so many directions about young people's Internet use. Of course we want them to be safe, but we don't want to clip their wings altogether. This article at AnnArbor.com offers that perspective – it's one of the few I've seen in the news media questioning the message that posting pictures in parenting and family blogs is highly risky. For more on both sides of this, see "Violating our kids' privacy" and "Online privacy: Photos out of control."

The case of the password-requiring coach

A coach requiring a team member's Facebook password is a serious problem all by itself. But this coach used that password to read private messages and then kick the team member off the squad for profanity Coach Tommie Hill found in the private message. I'm referring to a case in Pearl, Miss., cited in eSchoolNews. The student was nominated for a team spirit award "for the previous year, but the coaches said she did not deserve the honor. [She] also did not take certain academic courses because the cheerleading coaches taught them." The student and her family are now suing the coach and school for $100 million "for what the suit claims are violations of Jackson's right to privacy and freedom of speech."

What's wrong with this picture on the privacy front? Viewing students' public profiles is fine simply because they're public. But in terms of protecting one's identity, privacy, and intellectual property, sharing passwords is one of the most risky behaviors in the online risk spectrum (see ConnectSafely's password tips). I'm stating the obvious in saying that teachers, coaches, and other adult mentors should be modeling safe, ethical behavior, not the opposite. What Coach Hill's behavior teaches students to do is set up a network of "G-rated" profiles and give her those passwords to avoid any repercussions from the "real" profiles – or set up "real life" profiles in another social network site. If not these, then there are other workarounds. CNN Live covered a similar story involving a private school in Georgia, interviewing a few of us bloggers about it. For more on how adults, for their own sake too, could model better behavior in social media, see this at Forbes.

UK youth want online-privacy advice

Ofcom, the UK's communications-industry regulator, found that 54% of UK 11-to-16-year-olds want more advice about online privacy. In other findings, 28% believe "information is needed on how to keep security information such as passwords and PIN numbers safe"; 22% "want more information on how to avoid inappropriate content online"; and 20% "want more advice on how to deal with cyberbullying." They're saying this even though nearly 75% of 7-to-16-year-olds "say they have received some information about staying safe online" (23% "say no-one has talked to them about online safety). Meanwhile, Ofcom's US counterpart, the FCC, is looking at the possibility of a universal rating system for Americans, covering TV, videogames, and mobile phones, DigitalMediaWire.com reports - a somewhat limited sense of "universal," to my mind. The Entertainment Software Rating Board, provider of videogame ratings, says universal ratings would only confuse consumers, as well as violate the First Amendment, DMW adds. [Here's Bloomberg's coverage.]

Violating our kids' privacy

Kids aren't the only people who need to think before they post, but the latter half of that sentence is an oversimplification, of course. New York Times columnist Lisa Belkin brings new meaning to the phrase "Protecting Your Child's Privacy" in her Motherlode column this week. Where's the line between "exploiting [a child's] pain" – as one teenage subject of his parent's published memoir put it – and blogging about your parental struggles (or joys) with that child in the public blogosphere? Belkin asks: "At what point do parents lose their right to their children’s tales? When do things stop being something that happened to 'me' and start being something that happened to 'them,' and therefore not 'mine' to tell?" There is no blanket answer to those questions, partly because the answers are highly individual and the surrounding conditions change (kids grow up; they can become mortified teenagers). Also, as Belkin points out, the questions didn't first arise with blogs and social network sites – or even the Web or newsgroups or email. At the core of Belkin's post is the story of a mom who felt she had to un-adopt a child after 18 months and wrote about it. Some detractors "scoured everything she has written in the past, finding a post that used the boy’s real name and country of origin, and circulating it around the Internet" and then, after the mom deleted as many references as she could think of, they "found old cached versions," Belkin writes. The questions are age-old, but there are some differences now: e.g., the Web as both permanent, public, searchable archive and - sometimes - amplifier (see also "The Net effect" and "Online privacy: Photos out of control").

'Skank blogger' story revealing in more ways than 1

The story of the "Skanks of New York" blogger illustrates how "unreliable" online anonymity can be for anyone considering hiding behind it to harass or defame others. "A Manhattan Supreme Court judge forced Google to unmask [the blogger Rosemary] Port, rejecting Port's claim that blogs 'serve as a modern-day forum for conveying personal opinions, including invective and ranting' and shouldn't be regarded as fact," the New York Daily News reports. Judge Joan Madden wrote that "the protection of the right to communicate anonymously must be balanced against the need to assure that those persons who choose to abuse the opportunities presented by this medium can be made to answer for such transgressions," DigitalJournal.com reports. Online privacy groups are worried about the precedent his decision may set, the Seattle Post Intelligencer reports, pointing to the view of the Electronic Freedom Foundation that using a court "as your personal private investigator to out anonymous critics is a dangerous precedent to set." Port told the Daily News that "she's furious at Google for revealing her identity, so much so that she plans to file a $15 million federal lawsuit against the Web giant." That you can't "count on" anonymity is a good family discussion to have, because it doesn't always take a court order to unveil a meanie or cyberbully, especially if blogger and victim are minors and in the same community, like a school, when administrators consider the behavior disruptive. [See also "Social intelligence & youth" and "Online harassment: From one who's been there."]

Facebook sued for being a social-network site

I can't always fit the bottom line of a story in the headline, but this time I could. "Five Facebook users are suing the social network for doing what made it an online superstar – letting members share aspects of their lives on the Web," Agence France Presse reports. They allege that Facebook violates California's privacy laws, reports ConnectSafely co-director Larry Magid in his CNET blog. It's an interesting group of plaintiffs: a woman who joined when Facebook was just a college service suing because it became an open network with 250 million+ members; "a photographer and an actress who contend Facebook is wrongly sharing pictures posted on their profile pages"; and two boys under the minimum age state in Facebook's terms of service. One of the boys, an 11-year-old, "posted that he had swine flu and uploaded pictures or video of 'partially-clothed' children swimming," the AFP cites the lawsuit as saying. Larry adds that "the complaint says that 'upon learning of the Facebook account and the posting of an uncertain medical condition,' the child's parents 'removed the medical condition postings from Facebook' and that 'Xavier O. and his parents have been unable to learn where the minor's medical information may have been stored, disseminated or sold by Facebook'." The AFP reports that "Facebook has steadfastly maintained that its members own information they post to profile pages and control who gets to see it" and recently reworded its terms of service to make that clearer, it told users. Meanwhile, the complaints of Xavier's parents raise a number of questions, e.g., why they didn't just delete his account – why leave the photos of kids swimming in his profile if they're mentioned as objectionable? And Larry asks, "Could [the parents] be implying he was posting child pornography images? If so (and I doubt it), this kid could find himself in juvenile court."

Anyway, lots of kids under 13 lie about their age and set up social network accounts – mostly because they're at an age when life is getting very social and social networking is now part of kids' social lives. Responsible social network sites have the age-13 minimum because of COPPA (the Children's Online Privacy Protection Act), which created that somewhat artificial barrier. But – even with the technology that MySpace and Facebook apply to under-age detection – parents are infinitely better at "detecting" their kids' social-Web activities and deciding what's appropriate. I can't imagine a judge who knows anything about social media saying anything different. Looks like Facebook can't either, because, according to the AFP, the site "has dismissed the lawsuit as being without merit and promised a legal battle."

Online privacy: Photos out of control

Baby pictures, family photos, travel pix, party photos, whatever - there can be far-reaching unintended consequences of posting them online, whether you're blogging, social networking, or photo- or video-sharing by phone or computer. Take mom and dad bloggers, for example. They post a lot of photos of their families, and their numbers are significant. Johnson & Johnson's BabyCenter.com, a parenting portal, estimates that there are 5 million mom bloggers in the US, Advertising Age reports. More needs to be said about what can happen to the photos they post.

One mom blogger's serendipitous discovery that a photo of her family filled a Prague grocery shop window is a case in point. An old friend was in the Czech Republic and had driven by the shop, Grazie, when he saw the giant photo of Danielle of the ExtraordinaryMommy.com blog, her husband, and two kids (see her post for illustrations).

As of this writing, nearly 360 people have posted comments about the incident, the vast majority of them shocked that it had happened, some suggesting that she get a lawyer (US? Czech?) and sue the shop so her family could make money on this "advertising"! But the value that can be derived from this experience is the reminder that photos and videos are out of control the instant they're posted online or sent around by phones and other digital devices are good. Even if privacy options are used, people who are allowed access can unthinkingly, sometimes intentionally, copy and paste them elsewhere. It's also a great reminder that the Web is global, and each country has its own laws about intellectual property and privacy rights.

High res, low res. One smart commenter to Danielle's post offered a very likely scenario for what happened in her case:

"Go to google. Type in 'happy family.' Select search results to display huge files, and there you are on Page 1 of the image results. Here's the link. Comes from twittermoms.com, not facebook." Sure enough, a photo with high enough resolution for printing is on that page.

Danielle later wrote that she remembered having posted a very high-resolution version of her family photo in some site other than Facebook, which - when I asked Facebook's spokesperson Barry Schnitt about this - told me "we have not, are not, and will not sell user content." Facebook also says, "the rights you give Facebook are subject to your Privacy Settings." So, through using those settings, if you tell Facebook (and other responsible sites, hopefully) that only your friends can see your photos, it can't share them with anyone besides those people on your friends list. In other words, take advantage of privacy features!

Another helpful tip to family bloggers: While you're posting, post only the lowest-possible resolution, ideally the most common on the Web, 72 dpi (some sites, like Facebook, I believe, don't even allow higher res in order to save space on their servers). That does nothing to stop people from using your photos elsewhere on the Web, but it makes it just about impossible for them to be used in print for commercial purposes, as was the case with Danielle's photo in Prague. It's also a good idea to check photo-sharing sites' Terms of Service to see who has the rights to photos people post in those sites.

Children's privacy. Now for a more disturbing reminder: A teacher and parent's earlier blog post about photos he'd posted of his 4-year-old daughter (well-clothed in the images) had been "favorited" in Flickr. He checked the situation out, and here's what he found: "three pages of favorited photos of preteen girls, most shots in bathing suits or with little clothing. Had I viewed any of these photos individually, isolated from the others, I am sure that this same feeling of disgust would not have come over me. But these photos, viewed together, favorited by some anonymous user, told a very different story."

Note what he did (it might come in handy): "1. Blocked the user. This means my photos would no longer appear in the list. However, if your photos are viewable to the public, this means they can still be viewed, just not favorited. 2. Contacted Flickr: I reported this user, and within a couple of hours, the user was taken down." But that wasn't the end of his story, so check out his post for more.

[Thanks to Anne Bubnic in California for pointing out the "Extraordinary Mommy" incident.]

Related links

Photos stolen: A 17-year-old who "had photographs taken of herself at the age of 14 stolen and used on the cover of a pornographic DVD without her consent"

On mom bloggers: Ad Age recently took an in-depth (video) look at how they're changing the face of media and marketing. The video says mom blogs have altered the marketing practices of some of the country's largest retailers (e.g., Wal-Mart, which supports 24 major mommy bloggers) and have confronted media companies with unexpected new competition. According to blog publisher BlogHer, 8 million women publish blogs (moms are a subset, of course), 22.7 million read blogs.

Views of Net users young & old: Studies

Lots of international (individual and family) Internet-user data has been released via various studies this past week, courtesy of Symantec, Google, Yahoo, and Skype. Symantec's Norton Online Living Report was very family-oriented, having gathered the views of 9,000 adults and young people in 12 countries! Some interesting findings NetworkWorld led with were that "one in five children admitted getting caught doing something their parents didn't approve of," and parents are using a variety of means to keep better tabs on their kids online activities. "The UK, for example, has the highest usage of software to control Internet use," e.g., filtering or online curfews. A few other interesting findings: "1 in 5 online youth are more willing to communicate with their family about touchy subjects online than on the phone or in person" (great idea - let a text message about your concern kick off a calm parent-child conversation); "89% of online adults and 90% of online children agree that the benefits of using the Internet outweigh the risks," but 60% of parents feel kids spend too much time online. In another just-released sponsored by Google, Yahoo, and Skype, 90% of users in France, Germany, and the UK expect their Internet service providers to offer open and unrestricted access to the Web, Reuters reports. And the New York Times reports that a survey conducted in the US by TRUSTe, the privacy nonprofit, found that "more than 90% of respondents called online privacy a 'really' or 'somewhat' important issue." But in a separate story, the Times asks the good question, "When Everyone's a Friend, Is Anything Private?"

Facebook, terms of use & privacy

The biggest news over the holiday weekend besides the economy was the buzz about Facebook's recent terms of service update. Facebook said it was all about consolidating and clarifying "what people could and could not do" on the site (see CEO Mark Zuckerberg's blog), but the ruckus raisers said it was about what Facebook could and could not do with users' content, CNET's Caroline McCarthy reports. I think the update and the ensuing flap are much more about what users can do with and for their privacy - and society getting used to a bottom-up, user-driven, user-controlled medium. Here are two important takeaways on user privacy: 1) If you want to delete your own account and all the personal info therein, you can certainly do so, but Facebook can't automatically delete information you post in other people's profiles (because it's on their wall, not yours); 2) if by using Facebook you "license" the site in effect to own and share your content, its use of your content is subject to how you set your privacy settings, so users need to pay attention to and proactively set those privacy options; and 3) that last point is even more true now that Facebook Connect "allows users to 'connect' their Facebook identity, friends and privacy to any site" and Facebook of course cannot control or protect user info in other sites. In his blog post, Zuckerberg wrote, "There is no system today that enables me to share my email address with you and then simultaneously lets me control who you share it with and also lets you control what services you share it with."

Data privacy: Be extra alert these days

This is timely news, since yesterday the United States, Canada, and 27 European celebrated the third-annual Data Protection Day (see Computer Weekly). Computer security experts are saying that cybercriminals are taking advantage of "the fear and confusion created by tumbling financial markets" with a "massive wave of schemes to steal people's personal data," USATODAY reports. Panda Security told the paper that the number of malicious software programs circulating around the Net "tripled to more than 31,000 a day in mid-September, coinciding with the sudden collapse of the US financial sector." What to be on the alert for: ads, emails, IMs, bulletins, comments, etc. promoting anti-virus programs, get-rich-quick opps, funny or suggestive videos, etc. - basically everything. Just be on the alert and tell your kids it's just good to be skeptical about messages that make something sound really good or interesting. There really is something to "think before you click." [See also "Beware of Facebook 'Friends' Who May Trash Your Laptop" in a Wall Street Journal blog.]

Britain's 'child protection database'

This is what some in the UK call "child protection"? The BBC reports that "a child protection database" containing "the name, address, parents' contact details, date of birth, school, and doctor of every child in England" is being established "to improve information-sharing between professionals working with children." It will be accessible to 390,000 people described in the article as "local authorities, police, health services, and children's charities." Parents will not be allowed to remove their children's information from the database, the BBC adds. Children's Minister Baroness Morgan said "there will be provision for 'shielding' the details of young people facing risk if they were identified," the BBC reports. It says Conservatives attacked the £224m ($315.5 million) database as "another expensive data disaster waiting to happen," leading one to wonder if anyone remembers that UK database security breach in 2007 that jeopardized the personal information of "virtually every child in Britain" (see my item on this). [Thanks to QuickLinks for pointing this news out.]

Teacher's tough Facebook-privacy call

An elementary school teacher in Charlotte, N.C., faces the possibility of being fired for her comments about students in Facebook, the Charlotte Observer reports. Among the activities listed "teaching chitlins in the ghetto of Charlotte." Her lawyer told the Observer that she thought the comment could only be seen by her Facebook friends. So either she didn't fully understand how to use the site's privacy features or a "friend" made her comments public. In any case, her story "is now part of a national debate that pits teachers' right to free expression against how communities expect them to behave," according to the Observer. Though this is more about judgment and discretion than technology, it does point to where technology does have impact: the invisible audiences of the social Web, as mentioned by social media research danah boyd in a 2006 interview. This story makes clear that it isn't just online kids who need to be thinking about who sees what they upload to the social Web.

Invisible publics

In this digital-media age, teens' invisible audiences are many: relatives, employers, marketers, school officials, government agencies, and possibly even stalkers. Another way to think of some of these publics - not just marketers - is as "data miners," mining on an individual level (mining individuals' private thoughts made public) as well as mining profiles in aggregate. Yet, I'm seeing it said in a number of research papers and analyses that teens are either not aware of these invisible publics or choosing not to care. In a paper in FirstMonday - "A privacy paradox: Social networking in the United States" - Susan Barnes looks at the implications, asking if social networkers really have any privacy. She mentions privacy scholar Oscar Gandy’s "metaphor of a Panopticon - an architectural design that allowed prisoners to be monitored by observers" and writes that "online social networks allow for high levels of surveillance.... Social-networking sites create a central repository of personal information. These archives are persistent and cumulative." New information is not replaced in this global archive of innermost thoughts; it's just moved down. So, instead of the well-used definition of privacy that might make teens' eyes glaze over, parents and teens might consider this as worth protecting: "Privacy isn't just about hiding things. It's about self-possession, autonomy, and integrity." Barnes is quoting Simson Garfinkel, author of Database Nation. Parents, note that many teens already practice this approach by adding fictional elements to their online profiles (see "Fictionalizing their profiles"). Barnes makes this point too, while pointing to potential social, technical, and legal solutions. I agree with her that "it will take all levels of society to tackle the social issues related to teens and privacy," and that "awareness is key."

Related links

The Digital Natives Project's Diana Kimball takes you (anyone) on a "field trip" through Facebook's privacy controls.

I'd be very interested to know - via anne(at)netfamilynews.org - if what you hear from your kids when together you dig into this subject (in a single family discussion or over time) is not the rough equivalent to: "Young people today are already developing an attitude toward their privacy that is simultaneously vigilant and laissez-faire. They curate their online personas as carefully as possible, knowing that everyone is watching - but they have also learned to shrug and accept the limits of what they can control." That's from Clive Thompson in the New York Times Magazine.

Who'll see what I post 20 yrs from now?

That's a question that needs to hang around 24/7 in the back of social networkers' and bloggers' minds, because - according to the authors of just-published Born Digital (Basic Books, 2008) - "at no time in human history has information about a young person been more freely and publicly accessible to so many others.” This comes as no surprise to many parents, but few of us know the reasons. Here's one good one from authors John Palfrey and Urs Gasser: Teen "social norms suggest that more information about yourself will attract more friends." So a few interesting questions you could ask your kids in a dinner-table conversation (from a blogger in the Digital Natives blog) are: Will sharing their thoughts and everyday life online make them more popular? (Remember, it's normal if they feel that way - this is a commonly held view among youth - just explain you read it was a social norm and are honestly interested in your child's take on it.] "Do [they] understand the gravity of what and how much information [they] expose of themselves on the Internet?" And do they "ever take into account that [their] information is owned by the companies offering the services [they] are using? (Parents and teens can look at any social site's Terms of Service for information on how users' own content might be used; hopefully the site enforces them.)

Jury duty & social-network profiles

Trial consultants are getting a lot of help from social-networking profiles when they're picking jury members these days, the Los Angeles Times reports. They learn how prospective jurors vote, spend money, "if they've spoken out on controversial issues," and what skeletons might be in their closets, er, profiles. "Consultant Anne W. Reed of the Reinhart law firm in Milwaukee finds the Internet most helpful when vetting younger jurors," the Times adds. She "thinks online research can spare shy jurors the discomfort of answering probing questions in open court, but she said it had to be done discreetly to avoid any sense of invaded privacy." Hmm - what's asked in an open courtroom is more of a perceived invasion than what's dug for in blogs and social sites.

Facebook plugs security hole

The security issue was people being able to view some members' private photos using the mobile version of Facebook and the Firefox browser, CNET reports. "Basically, someone who knew the serial number of a Facebook user, which is easy to get, and knew a trick for rejiggering the URL, could see private photos of that user," according to CNET. Facebook says it fixed the flaw within hours of being notified. It also plans soon to launch a program to verify the security of third-party applications (those mini applications users download to add games, slideshows, playlists, and other features to their profiles) - an update, apparently, over the statement from a Canadian consumer privacy group in the Toronto Globe & Mail that Facebook wasn't "doing enough to screen third-party developers to ensure they're not phishing for information or trying to commit identity."

Congess eyeing online privacy

Seasoned bloggers, social networkers, and mobile-phone Twitterers pretty much know their lives are very public, but they're also concerned about their privacy, the New York Times points out. "Those same questions of data collection and privacy policies are attracting the attention of Congress, too," the Times reports, so lawmakers are doing some information-gathering: "On Aug. 1, four top members of the House Committee on Energy and Commerce sent letters ordering 33 cable and Internet companies, including Google, Microsoft, Comcast and Cox Communications, to provide details about their privacy standards. That followed House and Senate hearings last month about privacy and behavioral targeting, in which advertisers show ads to consumers based on their travels around the Web. One apparent result, the Wall Street Journal reports, is that "Yahoo Inc. said it will allow users to stop receiving targeted ads based on factors like what Web pages they visit or other ads they click on." The Journal added that "Google, Microsoft and a number of Yahoo's competitors already allow customers to opt out" of such ads.