Wednesday, May 12, 2010

Opt-in for Memory

The Boucher-Stearns privacy measure tries to do many things (press release; May 3 staff discussion draft); too many, according to Daniel Castro at ITIF.
One of the issues it doesn’t tackle – and legislation may or may not be the solution – is the persistence of digital information once it has been collected.

In a NY Times context piece called Tell-All Generation Learns to Keep Things Offline, Laura Holson writes that members of the “tell-all generation” are becoming more picky about what they disclose. There’s growing mistrust of social networking sites, and young people keep a closer eye on their privacy settings than oldsters. Holson reports on a Yale junior who says he has learned not to trust any social network to keep his information private, since “If I go back and look, there are things four years ago I would not say today.”

I expect that this concern will grow beyond information collection to encompass retention. (That's already a big concern of law enforcement, of course.) Explicit posts (photos, status updates) will live forever, if for no other reason than sites like the Internet Archive. However, the linkages that people make between themselves and their friends, or themselves and items on the web, are less explicit – and probably more telling. These links are held by the social network services, and I expect that there will be growing pressure on them to forget these links after some time. Finally, there are the inferences that companies make from these links and other user behavior; their ownership is more ambiguous, since they’re the result of a third party’s observations, not the subject’s actions.

My bet is that norms will emerge (by market pressure and/or regulation) that force companies to forget what they know about us. For the three categories I noted above, it might work something like this:
  1. Posts: Retained permanently by default. Explicit user action (i.e. an opt-out) required for it to be deleted
  2. Linkages: Deleted automatically after a period, say five years. User has to elect to have information be retained (opt-in).
  3. Inferences: Deleted after a period, say five years, if user opts out; otherwise kept. This one is tricky; I can also see good reasons to make deletion automatic with an opt-in for retention.

However these practices evolve, it’s become clear to me that neither the traditional “notice and choice” regime nor the emerging “approve use” approach are sufficient without a mechanism for forgetting.

No comments: