You and the World: Internet Privacy

I'm Toby, and this is my second blog post for my you and the world project. Since I last posted, the ITU meeting happened. Many of the governments present refused to sign the treaty, and the conference ended at a standstill. So for the moment, the internet will stay as we're used to. A petition has also been listed on whitehouse.gov to defund the ITU. I suggest you sign it.

Since the ITU meeting is over, I'm changing the focus of my project to privacy on the internet. According to Wired, the FBI is pushing for legislation for requiring devices to be easier to wiretap. Not only could this cause privacy concerns, it could also make it easier for criminals to listen in because of the backdoor that the FBI put in in the first place! In happier internet privacy news, Michigan recently passed a law that would give citizens the right to withhold their social networking username or password from an employer or parent who requests it.

I've also done some original research, creating a survey that people at SLA took. It asked questions about how anxious people were about internet privacy, what sites they were worried on, and why. A total of 40 people took the survey. Most people rated their level of anxiety at about 4 or 5, as seen here.

The site most people were worried about their privacy on was Facebook by a vast majority of 65%. 30% of people said they were not worried about their privacy on the internet.

For the last question (If you have ever been worried about your privacy on the internet, why were you?), responses varied. A number of people expressed concerns about colleges and future employers seeing their posts on social networks, while others were worried about stalkers. Other people were worried about people they don't know finding out their identities or seeing them in the wrong way. One parent (and IT professional) said they were concerned about SLA's SLATE blog being too open. They did not like the fact that student's identities and images (although there is no default profile picture and most students leave it blank) and said it should be on an intranet (private computer network) behind a firewall. Additionally, if you are not signed in as a student, you can only see the name of the instructor when looking at the public feed for a class. However, the names can be seen as the author of a blog post, even when signed out.

What I can conclude from this research is that most people are not too concerned about internet privacy, but many of the people that are concerned are especially concerned, worrying about their privacy even when their content is private. This correlates with the news article mentioned earlier about the FBI pushing for devices that are easier to wiretap. People that said they are worried about what colleges and future employers can see can rest a little bit easier because of the law Michigan passed mentioned above. Hopefully more states will follow suit.

I think that the FBI's suggestion for devices that are easier to wiretap is not a good idea. As Wired says, backdoors open the path to hackers. On the other hand, I do think that Michigan passing a law that gives citizens the right to withhold their username or password is a good thing, as it makes social networks a bit more private than their current state. Based on my survey, I think that Facebook's privacy policy should be changed, as it would explain why most of the people surveyed were worried about privacy on Facebook. Facebook's privacy policy states that Facebook may collect data about you while you are browsing in order to give you more relevant information, including your location. You should be given the option to turn this off. Also, since most people may not read the privacy policy, the fact that Facebook collects this information should be displayed in short form somewhere conspicuous. Another way to solve the problem would be to show a condensed version of the privacy policy when users sign up. This is because Facebook's privacy policy says that they will not collect information without telling you about it first, such as in the privacy policy. The privacy policy is linked to on the sign-up page, but just like license agreements, only a few people will ever actually read it. Not just Facebook should do this, but any digital service that requires you to read a long agreement.

Another concern expressed about Facebook in the survey was hacked accounts. Facebook has a feature, similar to Valve's Steam Guard, that would require you to enter a verification code when logging in from a unrecognized browser. This means that if a hacker managed to guess your password, they could not get into your account unless they entered the verification code sent to your mobile phone. Instructions on how to turn it on follow.

1)Mouse over the gear and then click Account Settings or Privacy Settings.

2)Click Security.

3)Find the setting that says Login Approvals. Click it. Check the box and click Save Changes.

4)Click Set Up Now and follow the instructions onscreen.

This is a good feature, and should be enabled by default. However, mobile phone may not be the best way to deliver the security code. Phones can be lost or stolen. A better way to do it would be to send the security code to the user's email, in the style of Steam Guard.

After all my research, I'm left wondering why the people who are worried about internet privacy tend to be unnecessarily paranoid about it. For my agent of change post, I am thinking of presenting to advisories about my issue. You can view my annotated bibliography here. Thanks for reading!