There’s rarely an easy thesis to identify in a SXSW panel, and that’s especially the case in “core conversations”, which more than anything involve a diverse group with a shared interest in a topic … well, conversing about it.
This morning’s chat about privacy and personalisation, led by Loomia’s David Marks, was one such event. Lots of very interesting thoughts, but no strong narrative to weave them together.
… Which enables me to list the thoughts in point form. Read on!
- Privacy settings on social networks have become increasingly granular (e.g., Facebook’s multiple checkbox settings and different levels of friends). But more detailed privacy options require more user involvement, and anecdotal evidence from the room suggests most users don’t bother.
- The conflict that arises from this is, if we can call it a conflict, is around obligation: is a site obliged to make privacy transparent and obvious to the user, or is the onus on the user? So, for example, if few people use Facebook’s checkbox privacy settings, should Facebook develop a more intuitive method, or do we just assume that people don’t care enough to bother and leave it at that?
- One UI designer suggested a strategy in which the site harvests a bare minimum of personal info upon initial registration, and then periodically requests more on subsequent logins, with explanations of the reason for the request and the potential use of the information.
- A point that turned a lot of heads was around technology: is the average user provided with adequate tools to manage and understand their privacy online? And, what are the implications of storing personal info on remote servers? Could personal info be stored on a desktop and used to authenticate online sessions, with none actually held elsewhere?
- Furthermore, how aware are people and companies of the legal obligations of companies vs. individuals with respect to personal information? “If you’re running a web service of some kind, having more than the minimum necessary personal info could be a liability”, somebody observes.
- Concern about privacy online is often passive. We only worry when something specific comes up, e.g., when a security breach occurs and we read about people’s information being stolen from a bank database. And if we have the opportunity to save money, we’ll often happily part with information, e.g., “to save $5 on shipping, please provide the following data”.
- Concepts of privacy are generational; 1985 is often cited as a crucial year: those born after that year tend to be much more comfortable with sharing their personal information online, and also distinguish between their “online self” and their “real-world self”.
- Crucially, the post-1985 generation also tends to expect that the online-vs-real-world distinction will be made by employers, educators and others who may search for information about people online. And that expectation may not be reasonable, of course.
