Boing Boing points to this paper, in draft form, which discusses the implications of all this data we happily upload to private companies on the web. I am pretty sure I know how Scott McNealy feels about all this, but when you think about it in aggregate, all that data we are giving to orkut, Amazon, Plaxo, et al, without any functional controls on how it gets used, it does start to feel a bit creepy.
The paper is clearly biased against corporations that gather personal data, but… under the present administration, paranoia doesn’t feel like an option. The paper focuses on Plaxo, and delivers a pretty through thrashing to that company’s privacy policy. Excerpts:
Social networks are a primary way in which suspicion is generated about individuals. Acquaintances of terrorists, terrorism suspects, terrorism financiers, terrorist supporters and terrorist sympathisers are at risk of being allocated into a grey zone of terrorist associates. A tag of that kind is potentially as harmful to a person as have been negative categorisations made in previous contexts, such as ‘etranger’, ‘subversive’ and ‘unamerican’……
…Several of the sites display the Trust-e ‘meta-brand’. Meta-brands were examined in an earlier article in this series (Clarke 2001), and their value was shown to be very close to zero.
(w/r/t Plaxo)…
The user’s personal data is protected by only the flimsiest of contractual terms, and hence the user is forced to rely on such protections as may be provided by the law. But whether any legal protections at all apply is a wide open question. Plaxo appears to be a U.S. corporation operating in Silicon Valley. Neither the U.S.A. nor California have generic data protection laws, and quite possibly no specific laws that apply to these circumstances…..
…it is feasible to design a privacy-sensitive address-book service or social networking service. Unfortunately, none of the services referred to in this paper have demonstrated sufficient understanding of the issues to suggest that they could mature in that direction.