Towards Socially-Responsible Management of Personal Information in Social Networks
0 likes582 views
The document discusses the challenges and management of personal information in social networks, emphasizing the need for control over such information amid privacy concerns. It proposes a layered management approach that augments personal data with usage rights and discusses the implications of digital rights management (DRM) and exception management. A call to action for a transdisciplinary approach to innovate socially-responsible solutions for personal information management is also presented.
Towards Socially-Responsible Management of Personal Information in Social Networks
- 1. BlogTalk Asia 2009 Jeju, South Korea Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems Jean-Henry.Morin@unige.ch http://jean-henry.com/ BlogTalk Asia, Sept 2009
- 2. Outline • Introduction and Context • Motivation and Problem Statement • Two Important Problems • Proposition for Managed Personal Information • Design Overview • Conclusion and Discussion 2 J.-H. Morin
- 3. Introduction and Context • Social Networks and Services 3 J.-H. Morin
- 4. Introduction and Context • Personal Information • Different from Personally Identifying Information (PII) • Subject to legal frameworks in most countries • Increasingly shared on social networks • Blurring boundaries between private and public life Legitimate concern (i.e., rights) over our information in terms of lifetime, usage purposes, access, etc. 4 J.-H. Morin
- 5. Problems and Issues • Publish / share once, publish / share forever • Indexing and searching • Who “owns” and manages YOUR information (SLAs) ? Raging debates. • Who’s information is it ? • Do you retain control ? • Semantic searching capabilities 5 J.-H. Morin
- 6. The Right to Forget • Right to Forget : fundamental human right threatened by the digital nature of information (i.e., searchable) • Traditional Media (i.e., non digital) “Memory” erodes over time • Labor and cost intensive • Digital Media, requires explicit human intervention to “make forget” information (Rouvroy, 2007) 6 J.-H. Morin
- 7. Anonymity and Privacy • Anonymity and Privacy are fundamental to social networking • It’s not a “bug”, it’s a feature ! • It’s not schizophrenia ! • Multiple legitimate personas (e.g., work, family, communities, etc.) • How do we deal with it in a socially- responsible and ethically sustainable way ? • Cyber bullying (e.g., Akple in Korea) Requires traceability and accountability of information (i.e., managed information) 7 J.-H. Morin
- 8. Key Question • Is Privacy and personal information threatened by current social networking services ? • We contend there is a need for Managed Personal Information • Socially-responsible and sustainable How can we retain an acceptable (by all) level of control over our personal information ? 8 J.-H. Morin
- 9. Proposition • Personal Information should be augmented with a layer accounting for its management • Alongside other metadata increasingly used in addressing the semantic dimension of our electronic services 9 J.-H. Morin
- 10. Moving forward: Design Overview • DRM • Highly controversial but a necessary evil likely to stay • Exception Management • An accountable approach to deal with the lack of flexibility of DRM • A socially-responsible (yet economically viable) alternative to the deceptive approaches of current DRM systems 10 J.-H. Morin
- 11. Digital Rights Management (DRM) • What is DRM ? • Technology allowing to cryptographically associate usage rules to digital content • Rules govern the usage of content • Content is persistently protected wherever it resides • Examples : • Recipients of an email cannot FORWARD, PRINT, COPY the email • A document EXPIRES on September 16, 2009 and can only be accessed, in READ ONLY, by BlogTalk and Lift Asia attendees • CEO delegates to CCO the right to also manage policies provided an audit trace is logged, etc. • Where is it used ? • Initially fueled by the Media & Entertainment • Since 2003 : Enterprise sector fueled by corporate scandals (Enron, etc.), compliance issues, regulatory frameworks, etc. • Software and gaming industries 11 J.-H. Morin
- 12. Rethinking & Redesigning DRM: Exception Management • Acknowledge the Central role of the User and User Experience • Reinstate Users in their roles & rights • Presumption of innocence & the burden of proof • Fundamental guiding principle : Feltens’ “Copyright Balance” principle (Felten, 2005) “Since lawful use, including fair use, of copyrighted works is in the public interest, a user wishing to make lawful use of copyrighted material should not be prevented from doing so by any DRM system.” 12 J.-H. Morin
- 13. Rethinking & Redesigning DRM (cont.) • Exception Management in DRM environments, mixing water with fire ? • Reversing the distrust assumption puts the user “in charge”, facing his responsibilities • Allow users to make Exception Claims, granting them Short Lived Licenses based on some form of logging and monitoring • Use Credentials as tokens for logging to detect and monitor abuses • Credential are Revocable in order to deal with abuse and misuse situations • Mutually acknowledged need for managed content while allowing all actors a smooth usability experience 13 J.-H. Morin
- 14. Putting the pieces together • Augmenting information with usage rights appears to be a promising path towards : • Socially-Responsible management of personal information in social networks and services • Enabling Exception Management may offer the much needed flexibility lacking in traditional rights management environments • Much work remains to be done 14 J.-H. Morin
- 15. Conclusion • Call for Action ! We need to innovate • Co-creation of value: • Requires a transdisciplinary approach (law, business, sociology, ethics, engineering, design, etc.) • Involving all the stakeholders • Engineering is “easy”, getting it “right” in a mutual socially responsible way is hard but a great societal challenge 15 J.-H. Morin
- 16. Questions - Discussion Thank you Jean-Henry Morin University of Geneva – CUI Dept. of Information Systems Jean-Henry.Morin@unige.ch http://jean-henry.com/ 16 J.-H. Morin