If privacy is dead . . . what do we do now?
I recently spoke to a Georgetown University class on Information Privacy and Security. The professor (and my friend), Ned Moran, specifically wanted me to cover how enterprise-wide information sharing tools like Deloitte’s D-Wiki and A-Space impact privacy, collaboration, and security. The focus of the class seemed to be on the purpose of the Intelligence Community and the protection of U.S. citizen rights. If I ever doubted the value of my Master’s degree, it was proven last night. In any event, we had a lively discussion and I got to hand-out a few pieces of SWAG.
As I reflected on my talking points for this class, I don’t know if I think that privacy is dead, so much as I think our notions of privacy are changing. These changes are, however, occurring at a pace that we do not yet fully comprehend.
Cyber Space is About to Run Out of Space?
In November 2007, Macworld put out this:
User driven content, Web 2.0, the next evolution of the web, (whatever you want to call it) continues to grow at an exponential rate. That means that people and organizations will have more data to cull through and understand than it has ever known. The population of, mining, and organization of this data has been largely crowd-sourced. That’s great for the open Internet, but not so easy for companies or governments trying to reach their own conclusions about the massive amount of data being exposed. What we are discovering are that organizations are developing their own internal knowledge management systems in order to understand this volume of data. A-Space and D-Wiki are two prime examples.
A Word About A-Space
So what is A-Space? According to recent media reports, A-Space is “Facebook” for spies. This blog at ebiquity seems to most accurately describe what A-Space is, but lacks some critical details. From what I can tell, A-Space is the combination of a social networking solution as well as a workspace solution. This doesn’t appear to be a replacement for Intellipedia. (Just like Facebook is not a replacement of Wikipedia.) Unfortunately, due to its high level of classification, not much is publicly disclosed about A-Space. What we do know is that the Intelligence Community deployed A-Space in an attempt to draw a closer connection between data and the people who need it.
A Word About D-Wiki
D-Wiki is Deloitte’s internal corporate wiki environment. It is no different than other knowledge management tool. It serves as a complement to our own social networking solution called D Street. D-Wiki, when stripped of all its window dressing, is a workspace that connects people to the information they need to do their job. In many ways, this is the purpose of A-Space. The difference is that anyone in the company can change the content in D-Wiki. Reports seem to indicate that in A-Space there is some data that can not be changed by users. Being a pure enterprise-wide wiki, D-Wiki does not lock-down or secure data in this way. Simply put, D-Wiki is an effort to connect people to data.
Each is Necessary, One Is Not Sufficient
In order to organize all this data you need a means to connect people-to-people and connect people-to-data. The combination of a social networking tool and a data storage device make that data discovery process easier and more transparent. With transparency comes all the power of making data visible and all the perils. Specifically, the place of people’s data and their privacy rights becomes the most difficult component of this information processing equation.
Closing Questions
What sort of “reasonable expectation of privacy” do people have when they voluntarily submit information to corporations or governments? Even though information may be submitted voluntarily, re-purposing or remixing that information may not be in line with the intent of the submitter.
What sort of liabilities surface in a totally web-enabled world? What happens when data which is secured properly is still exposed due to the enhanced skills of the hacker community? Where does corporate liability begin and end when all reasonable steps have been taken to protect data?
These are the questions that keep corporate attorneys awake at night. Why? Because the law has yet to come to a strong conclusion in this area. The legal lanes in the road are being drawn one litigation at a time.
Student asked for the site that collected all known and disclosed data breaches since 2005:
http://www.privacyrights.org/ar/ChronDataBreaches.htm#2
[...] na capa: Brian Drake bb_bid = “9748″; bb_lang = “pt-BR”; bb_keywords = “smartphone, n95, netbook, notebook, [...]