http://www.priv.gc.ca/media/nr-c/2009/nr-c_090716_e.cfm
Related to this issue, I have a question. How do you convince the
"average user" that this stuff matters?
To truly convince the "average user" that this stuff matters - it is
possible that they, or somebody close to them, needs to be burned by it. To
grow support for the cause, it might be more effective to convince the
"average user" that they aught to be compensated for a portion of what their
aggregated information is (or could be) sold for.
As exhibited, among other things, by curtains and other window coverings
installed in every home - there is clearly a desire for some level of
privacy. For whatever reason, it doesn't seem to have become common to
translate the same level of desire for privacy into the online world.
Maybe the online world is still abstract enough that the same level of
privacy isn't seen as necessary.
I could be mistaken, maybe there IS a strong desire for online privacy -
but the average user has grown accustomed to accepting and working within
the limits of the software or application they have. These social networking
sites seem to offer some (if lacking granularity) level of access control:
'public', 'friends', 'family' groups - and people DO take advantage of
this offering by assigning individuals the proper group(s).
The user assumes these access controls will function in the way that the
user expects them to - which does not always match how the actual
implementation works. The case of facebook applications is a good example
where the user's expectations do not match the actual implementation.
What kind of permissions does the user think they are granting to the
application itself?
Would the user, if asked, grant 'friend' access to the application's
developer?
Maybe the users would have a better conceptual understanding of what the
mumbo-jumbo is about if the developer was actually added to their friends
list when an application is installed.
I've had more than one friend tell me "I don't care if Facebook shares my
info - I don't do anything that isn't public knowledge anyways."
I find this argument is almost, but not quite, like the saying "I don't do
anything illegal, so that law/policy/procedure doesn't affect me".
An interesting discussion written by Daniel J. Solove - "'I've got Nothing
to Hide' and Other Misunderstandings of Privacy"
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=998565
It primarily focuses on government surveillance - but some of the thoughts
are applicable here.
_______________________________________________
clug-talk mailing list
[email protected]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
Mailing List Guidelines (http://clug.ca/ml_guidelines.php)
**Please remove these lines when replying
