The combination of our conference this week on digital identity, JZ’s paper and forthcoming book on Generativity and his OII inaugural lecture, this morning’s WSJ, and all manner of other things has convinced me that we need a new framework for thinking about privacy and security in the digital world.
On a plane this morning from SFO-PDX, I read found (at least) three articles that made this problem plain to me, again. One was the piece on the Consumer Privacy Legislative Forum’s day on the Hill yesterday (see the CDT et al. statement), in the context of which Meg Whitman of eBay and Nicole Wong of Google and others made the case for laying “a foundation for a long-term approach to privacy protection” (Whitman, as quoted in the WSJ). Wong wrote, correctly in my view, that “this matrix of [privacy/security] laws is complex, incomplete and sometimes contradictory.” She went on to say: “On an Internet beset with spyware, malware, phishing, identity-theft, and other privacy threats, enforcement of privacy protections has become an industry-wide challenge.” The WSJ story on MySpace and its advertiser relationships — in the wake of a $30 million lawsuit against the company related to online safety of a user — made the same point, implicitly. A nice Web2.0 story on Boston-based Tabblo didn’t have to make the point that anyone can post online photos about anyone, mash them up into a collage, and publish — to anyone else, and everyone else.
The creative opportunities of the web have never been more wonderful and should be embraced. But the privacy and security stakes are rising as we bring our digital identities come online, more and more, and as our digital native children start to experience the good and the bad of this brave new world. What’s the role of schools, and universities, and parents, and kids, and companies, and governments? As the wisdom of the crowd is relied upon to make more and more decisions, what’s the due process when your privacy and security is at stake, if things go wrong? JZ has some good ideas, and so do others. We need to get on with the planning and the building of this foundation, and fast.
(If you’re having trouble grasping the digital ID part of this equation, zip over to ZDNet, where David Berlind does his usual amazingly lucid job of putting it all in context in his review of the Higgins Trust Framework — and n.b. the “spectrum” that he describes, which is right on. Berlind writes: “By the end of the panel, I was visualizing a spectrum of attitudes about technological expression of identity that range from the very negative to the very positive. On one end are the warning signs about what could happen if the right checks, balances, and governance aren’t in place. On the other end is hope. Hope that idenitity could be tapped in a fashion that serves the greater social good.”)