Do We Need an FDA to Protect Our Data?: Page 2

(Page 2 of 2)

If you had an advertiser looking to target people with my demographic, could LinkedIn sell them my network graph, complete with contacts (unprotected by the privacy policy)? In other words, if you want to target people in Josh’s network, would that be legit as long as Josh’s “personally identifiable information” was protected? Not clear at all.

Wait, there’s more. Let’s look at the LinkedIn copyright policy, which seems to abrogate, or at least expand the loopholes, of the privacy policy. Because in the copyright policy we find that users grant LinkedIn a blanket release of copyright so that LinkedIn can:

reproduce, represent, adapt, translate, digitize, use for advertising purposes, whether commercial or non-commercial, to sublicense or to transfer the content concerning each User (including information, pictures, descriptions, search criteria, etc.) over all or part of the Services and/or in any mailings of LinkedIn and in general through any electronic communication media (email, SMS, MMS, WAP, Internet, CD Rom or DVD).

Anyone worried yet? Okay, if you’re not worried, at least admit that you’re confused.

My problem with LinkedIn, and every site that captures free data, and that includes the Craiglists and eBays and Facebooks, is not whether I am right or wrong, but that I can never tell if I’m actually protected or not, and won’t be able to tell until something horrible happens. Whereupon my recourse will be some ex-post facto remedy, which will only remedy things for the next guy, not me.

This brings us to an FDA for data. Most consumers of online services are as qualified to judge the safety of these services as most consumers of pistachios are qualified to judge if there is salmonella in their nuts. And, as new online services sprout minute by minute, promising free services, the danger that consumers will become the unwilling victims of fraud, deceit, and worse (much worse) grows exponentially.

Especially vulnerable to this data problem are children – who, not coincidentally, have a similar vulnerability to the kinds of problems in the food and medicine chain that the FDA is trying to wipe out.

Sexual predation, cyber-bullying, and assorted scams are all the more easier to perpetrate in places like Facebook precisely because its audience is young, naïve, and gullible, and doesn’t understand how to protect their data and themselves.

This lack of protection is even more scary when you talk to the kids on these services who have no concept of the need to be protected whatsoever – the parallels to the insouciance of teenagers about other risky behaviors makes me convinced they are, like most teens, assuming they are immortal until proven otherwise. And, as the grownups of the world, it’s our job to remind them that otherwise is unacceptable.

Now, in the spirit of the ‘90s, there is an industry group that purports to do that self-regulation that all industry groups do as a means to stave off the grim regulator. That would be the aforementioned TRUSTe.

Too bad this organization is just so much window-dressing: Its website proudly proclaims that it has logged and resolved privacy complaints numbering in the hundreds! Imagine the flood of complaints pouring in.

For anyone who knows the extent of cyber crime, cyber crime incidents – of which fraud related to privacy violations are a major component – number in the hundreds of thousands, and are growing steadily. So much for TRUSTe’s impact on the problem.

Also in the spirit of futility, there is a government agency called OnguardOnline.gov that attempts to inform the public about cyber-security.

It also points out, in an ironic style unique to the government (as in accidental), the problems with enforcing any of the zillions of crisscrossing regulations that attempt to make sense out of these issues. While the Federal Trade Commission actually maintains OnguardOnline, its “about us” page shows that, including the FTC, there are 10 agencies involved in dealing with these issues, not to mention the 16 or so non-governmental organizations that are also part of the OnguardOnline effort. (Of which, curiously, TRUSTe isn’t one.)

In other words, 26 different agencies and NGOs are there to make sure that no unified, coherent, and workable policy can ever emerge that will actually make laws and regulations, much less enforce them, in a unified and consistent way. So much for that solution.

Whereupon, in the spirit of Upton Sinclair, whose muckraking journalism helped create the public outcry that led to the formation of the FDA, I submit that it’s time we take data protection out of the realm of futility and treat our vital data like a food or a drug that, if used correctly, can provide huge, essential benefits. And if used incorrectly, can harm us and society in ways we are only just beginning to understand.

What I am particularly hopeful for is that such an agency would actually be able to enforce laws that make it a crime to misuse or abuse data and privacy.

Because right now, if you even are aware that the sanctity of your data has been breached, you have nowhere to go to resolve the problem: local police don’t care, the FBI doesn’t get out of bed for anything less than major crimes, and the various agencies mentioned in OnguardOnline are hardly set up to handle the literally hundreds of thousands of data breeches that take place each year.

I can’t guarantee this will work, but one thing I can guarantee is that whatever remedies we’re using to stave the bleeding aren’t helping. And the problem is only going to get worse, much worse. What are we waiting for?


Page 2 of 2

Previous Page
1 2
 



Tags: Facebook, consumer, privacy, LinkedIn, policy


0 Comments (click to add your comment)
Comment and Contribute

 


(Maximum characters: 1200). You have characters left.