Or, if you work at cer­tain com­pa­nies, you do. Or could.

I had some inter­est­ing con­ver­sa­tions about pri­vacy at ALA’s Mid­win­ter Meet­ing, which got me think­ing about which com­pa­nies prob­a­bly know the most about me.

I’ve thought about my own “walled gar­den” a lot and worked through what I’ll share pub­licly, pri­vately, and pre­tend pri­vately. Most things I share pub­licly, and you can see a list of many of the sites I use on my Friend­Feed account. It’s not dif­fi­cult to piece together infor­ma­tion about me by track­ing these sites, but over­all I’m more care­ful with spe­cific things like loca­tion information.

The rou­tine I’ve worked out is that Face­book is my only truly pri­vate post­ing area, although I do occa­sion­ally post some pic­tures for “friends and fam­ily only” on Flickr. Since I still don’t trust Face­book to not re-publish or claim own­er­ship of “pri­vate” con­tent (like pic­tures and videos), I don’t post any­thing orig­i­nal there except sta­tus updates and com­ments on friends’ updates. Even then, I don’t kid myself that those things are truly pri­vate (they’re the “pre­tend pri­vately” I men­tioned above). That’s why I’ve become a lot more selec­tive about who I’ll friend there, and why I post some Foursquare loca­tion updates there (rather than on Twitter).

So if you can find out so much infor­ma­tion about me pub­licly, which com­pa­nies know the most about me? It’s been a very thought-provoking exer­cise to come up with the fol­low­ing list. I tried to rank the com­pa­nies in order of how much daily infor­ma­tion I think they’re accu­mu­lat­ing about me, but it’s tough to decide if “what I’m eat­ing” equals “what I’m watching.”

• Cell carrier/cellphone maker — they know my loca­tion at any given time, plus all of the data that goes through my phone (and I don’t have a land­line, so every­thing goes through my cell)
• Cable com­pany = they know what I watch on TV and what I surf on the net
• Bank = they know most of the places where I spend my money
• Credit cards = they know a lot of places I spend my money
• LISHost — hosts my web­site and email, which would include a lot of receipts for online purchases
• Google = knows most of the things I search for and many things I read (via <http://reader.google.com/”>Google Reader); even though I don’t use Gmail, any email I send to Gmail users is in their archives
• Ama­zon = knows about a lot of things I pur­chase and read (includ­ing via my Kindle)
• Face­book = knows a lot about what I say about myself via sta­tus updates and who my friends are
• Friend­Feed (now owned by Face­book) = aggre­gates a lot about what I say about myself pub­licly online, plus which con­ver­sa­tions and peo­ple I watch on the site
• Net­flix = knows a lot about what I watch
• Foursquare = knows some about where I am/go
• Flickr = knows a lot about where I am/go, who my friends/contacts are, and what inter­ests me
• Twit­ter = knows my net­work and who I inter­act with the most
• Health care provider = I’m lucky that I’ve been rel­a­tively healthy, but my provider(s) know about any problems
• Deli­cious = knows a lot about sites I’ve vis­ited and want to remember
• Dopplr = knows my trips and some of my friends
• Ever­note = knows about some things I want to remem­ber, although I haven’t put much per­sonal infor­ma­tion there yet
• Illi­nois Depart­ment of Trans­porta­tion (IDOT) = I don’t drive nearly as much as I used to any­more, but IDOT knows when I go on tollroads

Obvi­ously I’m okay with what I share pub­licly, and in many respects, there have been enor­mous ben­e­fits to doing that, but I have very lit­tle con­trol over what these com­pa­nies do with the infor­ma­tion they’re col­lect­ing about me, and I don’t trust any of them. I think the only com­pany I do trust is LISHost, which hosts my web­site and email (thanks, Blake!). How much do I really care that Face­book keeps my sta­tus updates for­ever, whereas my email provider keeps my more pri­vate mes­sages? And how much do I worry that my pri­vate email still goes through my cable provider’s net­work to get to LISHost?

I’m try­ing to rec­og­nize which com­pa­nies are col­lect­ing ambi­ent infor­ma­tion about me, with­out me proac­tively post­ing any­thing. I’m sure I’m miss­ing some, though. If you’ve thought through this your­self, what’s not on my list?

Tags: blogpost, privacy

I’ve been think­ing a lot more about online pri­vacy for the last cou­ple of years, so I was already pre­pared for the cur­rent con­tro­versy over Facebook’s change in its Terms of Ser­vice, and it wasn’t much of a shock to me. I’ve never really posted pic­tures there, imported my own blog posts, or posted links to any­thing that wasn’t already pub­lic some­where else, because their Terms of Ser­vice always said they owned it and could do what­ever they wanted with it. Even though they seem to be back­ing off and revert­ing to the pre­vi­ous TOS, I hope every­one real­izes that noth­ing has really changed because they can imple­ment the same thing in the future at the drop of a hat.

One of the biggest ques­tions that should come out of this is do you want Face­book (and other social net­works) to man­age your online iden­tity for you and your chil­dren? Just as you should be tak­ing respon­si­bil­ity to shred your credit card receipts, check­ing on your credit reports, etc. to man­age your “real world” iden­tity, you should also think through how you man­age your online iden­tity, because ignor­ing the prob­lem and just not hav­ing an online iden­tity can actu­ally back­fire on you. Does every­one have to blog? Heck no, but there are smaller steps you can take.

I first started tak­ing my online iden­tity more seri­ously after read­ing an arti­cle titled Say Any­thing in New York mag­a­zine three years ago. I still find it fas­ci­nat­ing, and I’ve come to appre­ci­ate it even more after hav­ing a cou­ple of pri­vacy inci­dents occur in my own life.

The first inci­dent caused me to back­track on pri­vacy and limit access to many of my accounts to just friends and fam­ily, tak­ing a more tra­di­tional approach to the issue. I felt like I needed to shut down open access to my life in order to pre­serve my iden­tity, so I also cut back on the num­ber of peo­ple I friended and became a lot more selec­tive. I became like the father in the New York arti­cle, won­der­ing why I would ever make those things public.

Dur­ing the sec­ond inci­dent, how­ever, it turned out to be very for­tu­nate for me that I already had a well-known iden­tity online. In that respect I’m espe­cially lucky I started early because I don’t have a very unique name, “Jenny Levine,” made worse by the fact that I now share that online name­space with an actress.

Now I com­pletely under­stand the view of the teenager in the arti­cle, that it’s bet­ter to con­trol your own iden­tity than to let some­one else cre­ate one for you. I still keep Face­book sep­a­rate and lim­ited to friends, and I still post most per­sonal pic­tures for friends and fam­ily only, but every­thing else I share is avail­able pub­licly because it helps main­tain my iden­tity online. It also means I don’t have to strug­gle as much with who can see what, and how much, and should I friend them back, and all of the other ques­tions that come with par­tic­i­pat­ing in social networks.

I think the issue of hav­ing some sort of pub­lic, online iden­tity will become even more impor­tant in the future as kids grow up with dig­i­tal dossiers that – in many cases — their par­ents have cre­ated for them since birth. In fact, I think we’re going to see a trend in which savvy, edu­cated par­ents give their chil­dren strange®, unique names so that they can eas­ily reg­is­ter a domain name for them. That way, even a minor pres­ence like a blog or lifestream will always come up as the first result when some­one searches for the kid, either to com­bat false infor­ma­tion or pro­vide a pos­i­tive image (eg, to a poten­tial employer).

As the child grows up, s/he can take over the online pres­ence and pop­u­late it him/herself, but at least it’s already estab­lished so that some­one else can’t fake one. Who knows how long we’ll use domain names, but I think this will be an issue for at least the next decade, what­ever form it takes, and I fully expect to see a rise in iden­tity bullying.

Iris Jas­tram has writ­ten a great post titled Facebook’s Dev­il­ish Con­tract, explain­ing her inter­nal debate over what to do about her pres­ence on social net­works. I par­tic­u­larly love her use of the term the “social time out chair,” which is where you put your­self if you don’t main­tain a pres­ence on these sites.

As she notes, it’s not really an option for many peo­ple to opt out of social net­works alto­gether. Bet­ter to post things to your own site and par­tic­i­pate at a level you’re com­fort­able with, because I can tell you from expe­ri­ence that it could actu­ally hurt your iden­tity and rep­u­ta­tion if your response to these issues is to just ignore them or take your ball and go home. Even if you quit Face­book, you have to be vig­i­lant else­where. On the inter­net, no one knows you’re a dog, but they also don’t know that you’re you, and at this stage of the game, any­one can be you.

Tags: children, facebook, identity theft, online identity, privacy, reputation

Michael Stephens has a great post describ­ing his Ten Trends & Tech­nolo­gies for 2009, and nor­mally I wouldn’t even point to it because it’s get­ting a lot of link love else­where. If by some mir­a­cle you haven’t seen it yet, go read the whole thing, but I want to expand on one par­tic­u­lar piece, cloud com­put­ing, because librar­i­ans need to also dis­cuss the flip side of the ben­e­fits that Michael describes. As he notes, Michael isn’t the first librar­ian to talk about cloud com­put­ing, but I haven’t seen as much dis­cus­sion of the poten­tial con­se­quences of it, espe­cially dur­ing the tran­si­tion we’re in right now where we can’t totally trust the cloud.

Here’s the part of Michael’s post that jumped out at me.

“As reg­u­lar folks store more data and rely more and more on the cloud, librar­i­ans would be well-served to spend some time pon­der­ing what this means for ser­vices and access. As movies and music become down­loads from the great juke­box in the sky, what hap­pens to the AV depart­ment? As doc­u­ments and data find their way to the ether, how can we pro­vide a means to use them? Some impli­ca­tions from the “Cloud” post:

* Under­stand con­verged devices are every­where.
* Allow unfet­tered access to the cloud.
* Under­stand that the cloud may also be a valu­able infor­ma­tion resource.
* Uti­lize the cloud to save time and money.

That last one is impor­tant to me. Why can’t we use Google Docs with our users for pro­duc­tiv­ity instead of pay­ing for bloated soft­ware suites? Why can’t we show our users how to save to the cloud so they can access their stuff from anywhere?”

I agree with Michael’s points, but I think we have a crit­i­cal role in help­ing users with those third and fourth impli­ca­tions. One of the keys to cloud com­put­ing right now is syn­chro­niza­tion. Very few peo­ple I know com­pletely trust their data to the cloud, and they have back­ups at home or they syn­chro­nize across mul­ti­ple devices so that if one ser­vice fails, they haven’t lost everything.

The prob­lem with this approach at this stage is that early adopters know how to do this, but that’s a pretty small per­cent­age of the pop­u­la­tion. So while we can def­i­nitely work with patrons using Google Docs, I think the more impor­tant role for libraries right now is to teach users about these types of ser­vices, in no small part so that we can help them under­stand the poten­tial con­se­quences. Because if you teach a patron to use an online doc­u­ments site and she puts her resume there and some­thing goes wrong with it, that’s a very real data loss for that person.

So we need to teach peo­ple a few dif­fer­ent things, besides just how to use these tools.

1. There are mul­ti­ple options
   I worry when I see librar­i­ans pro­mot­ing only Google Docs. I know Michael was using it as just one exam­ple, but I’ve seen oth­ers sing its praises with no men­tion that any­thing else even exists. Sure it’s easy to use and it works really well, but would you feel com­fort­able pro­mot­ing only Microsoft Office Live Docs to your patrons? Most librar­i­ans I know would be uncom­fort­able about doing that, because they see Microsoft as being a monop­oly inter­ested only its bot­tom line, but Google isn’t fun­da­men­tally dif­fer­ent. They’re actu­ally sell­ing ads with their ser­vices, and their ulti­mate moti­va­tion is rev­enue — never for­get that.
    
2. How to syn­chro­nize or backup those files
   Although this will change over the next few years, a very small per­cent­age of the pop­u­la­tion has a smart­phone, and even fewer actu­ally use it to syn­chro­nize con­tent to the cloud. A lot of peo­ple know about and use flash dri­ves now that prices on them have dropped and stor­age size has gone up, but I’ve met enough folks who think putting some­thing on the inter­net means it’s per­ma­nent that I strongly believe we need to help teach our users this isn’t true. So if we teach how to use cloud tools, we need to teach that there can also be consequences.

   Last year I had a dis­cus­sion with Eli Neiburger dur­ing which he made the inter­est­ing point that kids today expe­ri­ence their first data loss at a much younger age than we ever did. That really made me stop and think for a minute about just how much we aren’t teach­ing our chil­dren about tech­nol­ogy, and this is an area where we can help both kids and adults, if we rec­og­nize this and incor­po­rate it into our media flu­ency role.
    

3. How to think about pri­vacy in this con­text
   What does it mean to put your resume on Google Docs? I’m not sure we’ve really thought through that ques­tion. If you use Gmail (so Google is serv­ing up ads based on your mes­sages), the Google search engine (so the big G knows what you’re search­ing and is show­ing you ads based on that), your cal­en­dar is in gCal, and you use gTalk (just to name a few Google ser­vices), that means Google has assem­bled a pretty good pic­ture of you. How com­fort­able would you be if all of that data resided with Microsoft? Yahoo? The gov­ern­ment? Your ISP? Your employer? A com­pany like Fox that’s owned by Rupert Murdoch?

   This is impor­tant stuff, because these com­pa­nies change their poli­cies at the drop of a hat, and users have no say. For exam­ple, if you’re an iTunes cus­tomer who paid to upgrade your DRM-restricted music to “unre­stricted” MP3s last week, this week we found out that those “unre­stricted” and “open” files from Apple con­tain per­sonal infor­ma­tion about you. You can now be eas­ily iden­ti­fied by that file, so if it lives in the cloud and some­thing hap­pens to it (like some­one steals a copy and puts it on the open web), are you liable for that copy­right vio­la­tion? Granted, the chances of that hap­pen­ing are pretty slim, but how many users are even think­ing about this? What does it mean to have personally-identifiable infor­ma­tion embed­ded in data files and liv­ing in the cloud? We tend to think this stuff is just secure out there and that these kinds of things won’t hap­pen to us, but it’s only hind­sight that is 20/20. What if other com­pa­nies started embed­ding per­sonal infor­ma­tion about you in files — what would your recourse be? And when it’s a free ser­vice, you don’t have a con­tract or ser­vice agree­ment to fall back on when prob­lems arise.

   I don’t con­sider myself a con­spir­acy the­o­rist or even par­tic­u­larly para­noid, but this is one rea­son I don’t use Gmail very much. If you’re read­ing this, you likely already know all of this is an issue, and you have the capac­ity to make that deci­sion for your­self. But a large per­cent­age of your users prob­a­bly don’t.

Teach­ing crit­i­cal skills about the cloud will become just as essen­tial as teach­ing how to eval­u­ate a web­site, even more so as prod­ucts con­tinue the march to becom­ing ser­vices. The ease and con­ve­nience of access­ing this stuff via any com­puter, includ­ing a cell­phone, is push­ing peo­ple to do things they would never do in the “phys­i­cal” world. Imag­ine trust­ing some­one you don’t know knock­ing on your door and say­ing they’ll take good care of your pri­vate data and access to your com­puter. “Trust me.” Seriously?

I take advan­tage of some of these ser­vices, too, so I’m just as guilty, but I’ve become far less trust­ing of syn­chro­niz­ing whole fold­ers to the cloud, and I’m more care­ful about what lives there. I’ll prob­a­bly start password-protecting more files, too. It’s not a per­fect solu­tion, but I’m start­ing to think more about this stuff and won­der how I can install my own syn­chro­niza­tion ser­vice, rather than rely­ing on a third party. I’m in the minor­ity, though, and it’s time we rec­og­nize as a pro­fes­sion that when we iden­tify these types of trends, it’s not just for our own ben­e­fit. We should see this for what it is — an expan­sion of our tra­di­tional role to teach peo­ple how to use infor­ma­tion well, and we should lead, not just with good mod­els, but with help under­stand­ing and deal­ing with the ram­i­fi­ca­tions of all of this.

Tags: cloud computing, google docs, privacy, trust

Notes from John Palfrey’s talk for the MacArthur Foun­da­tion at Google Chicago

point of the book Born Dig­i­tal was to bust some of the myths and look at dif­fer­ences in behav­ior between dig­i­tal natives and peo­ple like their grandparents

shouldn’t treat every­body the same way just because they have the same tech­nol­ogy — may not use it the same way
how they define this spe­cific group of kids (not all mil­len­ni­als) — born after 1980, access to the tech­nol­ogy (only 1 bil­lion peo­ple), skills to use it

5 char­ac­ter­is­tics

1. “I blog there­fore I am“
express their iden­tity online and offline — they don’t dis­tin­guish between the two
avatars as another ver­sion of iden­tity
one dif­fer­ence is “sub­scribe to *me*”

2. mul­ti­taskers
a lot of debate over mul­ti­task­ing and what it is, but they’re doing mul­ti­ple things at once
exam­ple of game in which boys tried to main­tain as many IM con­ver­sa­tions with as many girls as they could at once

3. con­sumers to cre­ators
inter­act with dig­i­tal for­mat — seems self-evident, but pre­sump­tion is imme­di­ate access because dig­i­tal (eg, dig­i­tal cam­era vs a dis­pos­able one); movie the­ater vs YouTube, print vs search­able text
pre­sump­tion of media in dig­i­tal form and that it’s social and shared

held a con­test to design the logo for “Dig­i­tal Natives” project at Har­vard Law School — got 136 entries (32 from the kid who won), just for the glory (no prize)

4. mash up dif­fer­ent media, putting dif­fer­ent forms of media together

comes down to a series of tech­nolo­gies — RSS, Google Docs, light­weight col­lab­o­ra­tive tools

5. an inter­na­tional per­spec­tive
“couch­surf­ing” Google Maps mashup — 89,000 friend­ships created

(I think these were the five char­ac­ter­is­tics, but I wasn’t pay­ing atten­tion to num­ber­ing until later)

Issues: Secu­rity

secu­rity — Inter­net Safety Tech­ni­cal Task Force (Texas is the only state not par­tic­i­pat­ing in this!)
“stranger dan­ger” is num­ber one fear
data shows kids are not any less safe than they were 10 years ago (fewer inci­dents), although some kids do meet their attack­ers online (it’s become a pub­lic park in some ways)

bul­ly­ing is borne out by the data, though — clearly an increase in this, although maybe it’s more that adults can see it now, as opposed to in the past (it’s asyn­chro­nous and per­sis­tent now)

social net­works:
– unin­tended audi­ence
– replic­a­bil­ity
– per­sis­tence
– search­a­bil­ity
– unin­ten­tional contributions

adults on dat­ing sites are just at bad as post­ing too much per­sonal infor­ma­tion as kids are on myspace, etc.

his big fear now is “dig­i­tal dossiers,” which start as early as sonograms

side­bar: what is a book? why take dig­i­tal infor­ma­tion about dig­i­tal behav­ior and put it in print?
didn’t write the book for kids, because they won’t read it
the book started as research posted in Base­camp
put chap­ters on a wiki

Issues: Pri­vacy

kids like 3–5 minute videos, so this sum­mer they gave some money to a few interns and had them remake each chap­ter into a video that they then put on YouTube
showed the video on “dig­i­tal dossiers”

Issues: Intel­lec­tual Property

copy­right piracy — notion of “stick­ing it to the man” still an excuse
kids that did get music from iTunes used gift cer­tifi­cates (often from par­ents), so they were actu­ally kind of down­load­ing it the same way — for free

remix issues — enor­mous con­fu­sion on this score
once a kid sees the artist, or once they become a cre­ator, they start to think dif­fer­ently about piracy
but there’s an enor­mous range of under­stand­ing about this
played the video of the piracy chapter

Issues: Cred­i­bil­ity

mis­in­for­ma­tion, cheat­ing, hid­den influ­encers, blogs, wikipedia
gen­er­ally, kids don’t go to the library unless forced to go there
“I went to the library on a field trip once“
Har­vard libraries are packed but with kids using lap­tops, not books

infor­ma­tion over­load — is it real? can you get addicted to this stuff?
thinks we have to take seri­ously the idea that you need fil­ter­ing tools for all of this

Oppor­tu­ni­ties

there are cor­re­spond­ing ben­e­fits and oppor­tu­ni­ties in each of these prob­lem areas
cre­ativ­ity, media lit­er­acy, social pro­duc­tion, semi­otic democracy

a world where peo­ple can remix cul­ture and his­tory — it’s much more pow­er­ful out­side the US but still impor­tant for democ­racy here

knowl­edge cre­ation, equity/democratic, participatory

empow­er­ing indi­vid­u­als, access to infor­ma­tion, infor­ma­tion creation

digitalnative.org
join the Face­book group

ended book on the chap­ter on activism — some young peo­ple are very involved with using these skills and tools to change the world and par­tic­i­pate
Obama cam­paign as an example

have to choose how we embrace these things while fight­ing the worst of them

Ques­tions

- what was the cut­off point for the upper age of kids since those born in 1980 would be in grad­u­ate school now
– older kids were actu­ally more sophis­ti­cated and thought­ful about issues like pri­vacy, show­ing that kids do learn; big­ger con­cern might be the gap in the under­stand­ing of par­ents and teachers

- par­ents who didn’t go to col­lege have less expe­ri­ence in this area for edu­cat­ing kids about this stuff or show­ing them how to be cre­ative with these tools
if this is a cru­cial life skill, then we need to rethink this

- atti­tudes from the data about news?
– they asked a lot of ques­tions, and kids don’t read the NYT cover to cover or watch the evening news (this is a big gen­er­a­tional dif­fer­ence — every­body doesn’t get the same truth any­more); they graze for head­lines (which might be through RSS, a Face­book feed, on a mobile device, etc.) — get­ting lots and lots of facts; a smaller num­ber of them would “deep dive” and click on the link; fewer still engaged in a feed­back cycle (post it, cri­tique it, etc.); if the net effect is that we have every­body get­ting a shal­low ver­sion of the news & the most sophis­ti­cated ones are doing the most with it (tri­an­gu­lat­ing data, etc.), then that’s prob­lem­atic; asked if any­one has ever edited a Wikipedia page — only a few had ever done edits, and they were usu­ally to fix typos — didn’t find this recre­ation of the knowl­edge store

- did your research show what might hap­pen when dig­i­tal natives become old enough to change our IP law, fair use for exam­ple?
– copy­right law used to mat­ter only to map mak­ers, etc., but now it mat­ters to every­one; long way from being changed

Tags: born digital, digital dossiers, digital natives, john palfrey, liveblog, privacy