≡ Menu

Your privacy pitted against context and reputation based systems

In the wake of the AOL search engine data fiasco, there have been a number of writers writing about the amount of data being collected by search engines, and other web sites, and how that data might be used.   Scott Lemon’s Google Knows Who You Really Are decomposes how Google collects the data, and Phil Windley’s Undistinguished Identity and Your Reputation relates that information to reputation.

Most writers are conflating reputation and context, and concluding that privacy is being violated.  It is true that much potentially damaging information is being collected in the form of search engine statistics.  The value of collecting that contextual information is in better targeting services to the user — in increasing the relevance of vendors offerings to those users.  Three questions should be asked:

  • How much information needs be collected, and how long should it be stored in order to achieve the desired result for the customer?
  • What guarantees does the end user have about how the collector of that information will use it?
  • How does the end user opt out of the collection of that data if they deem the collectors privacy policies unacceptable?

As we build iotum we wrestle with these issues all the time. 

  • Our software collects a very personal profile of our customers’ communications behaviors, necessitating that we have a robust privacy policy.  We’re in the process, right now, of writing our second revision of that policy to address these very issues.  We will never use the contextual data given by you for any purpose except for helping you better manage your communications.
  • You can opt-out of the collection of data by simply choosing not to install the pieces we use to collect those specific pieces of data.
  • Unless there is a need for longer term storage, most data is only stored ephemerally.  For instance, we only store calendar information for a few days, but we store the relationship information for as long as it exists in your address book.  Delete a record from your address book, and it also disappears from iotum.

It’s also worth noting that most European countries, and Canada as well, have placed very strict limits on how companies can use their customers private data.  In law, the information collected about the user belongs to the user, not the company.  Not so in the US, where privacy legislation is non-existant, and data collected is the property of the company, and not the user.  This issue is as much about companies being responsible with their customers private information as it is about legislators writing guarantees to the citizenry into law. 

{ 0 comments… add one }

Leave a Comment