Follow all my thoughts on SXSW at http://www.trogger.com/users/2
Here at SXSW, my first panel was a talk on privacy on the web, and how it is developing.
An interesting study out of NYU shows, unsurprisingly I think, that teenagers do NOT consider their home to be a private place. Kids see home as a place controlled by their parents, who have all the power and rules. Many kids don’t really have a space of their own in the real world; even their rooms can be invaded. But lately, they have been making that space online. They know their parents cant or wont get there, wont find what they write and do, who they hang out with, etc. How valuable is this idea of privacy online, especially when you broadcast so much personal information; who controls that information, and how much is privacy infringed by what major companies do with it?
Nowadays, a consumer’s personal information is a form of currency. Companies covet it, sell it when they have it in excess, and hoard it when they don’t. Companies who collect personal information – facebook, myspace, google – all seem to have the most confusing and complicated of privacy policies: they don’t want you to know what they could do with your information, else you stop adding it. They also can change the ToS at will, whenever they care to, with no warnings to you. (What are teenagers THINKING when they feel they have more power online?)
So this raises an issue: default opt-in or opt-out. Most consumer advocates are now pushing for EVERY aspect of sharing to be opt-in: your profile is not automatically searchable on facebook, you would have to opt-in to that. Google can’t give ANY information on you away,until you say it is okay. And just checking the “ToS” box at the bottom of 20 pages of hidden meaning and convoluted text would not instantly make it all okay.
But if this becomes the norm, how much profit do these companies lose? And do these websites lose the very things that bring us to them? Does the ease of social networks helping you share with friends and colleagues, or the convenience of google knowing what is relevant to you outweigh the danger of that information getting to advertisers or being used maliciously? And if it cant get to advertisers, how do the companies stay alive? What is the limit?
A lot of people at SXSW are early adopters: and so they know how to hide their behavior online, where to find privacy settings, and just how much control they are giving up and information they are sharing when they use gmail, make a search query, or friend someone. But does the average American truly understand? And whose job is it to educate them? Their own? The company’s? Should “Joe the Plumber” be required to parse through every ToS before he registers for a site and helps them make their profit?
I suppose I am of the opinion that ToS and PPs can certainly have a bunch of legal jargon, but need to be broken into clear bullets RIGHT at the top, laying out everything relevant to the user. I think information sharing that benefits the user – for recommendation or ease of use – can be opt-out, to help give the user a god experience. I think if collections of general information is TRULY being shared anonymously, that can also be opt-out. I think any action that gives uniquely your personal information, with or without your name, must be opt-in.
But all of this is relatively obvious, I guess. The challenge is how to implement it while keeping VCs happy and business moving.
I did write up the ToS and PP with these bullets in mind – trying to summarize them at the top of the page to make our policies at Trogger clear. Thoughts on how to improve them?