Regulatory Reality

Oct 13 2011   10:42PM GMT

Does everyone value their privacy or is it just me?



Posted by: David Schneier
Tags:
compliance
Facebook
identify theft
LinkedIn
NPPI
PCI
PII
privacy
regulatory
Regulatory Compliance
Security

I just came to find out that I’m old.  It was somewhat sudden and sort of unexpected as I’m not quite half way to one hundred and have fooled myself into thinking that old doesn’t roll in until somewhere beyond sixty.  But apparently one persons middle-aged is another persons old.  Let me explain…

I read an article in which Reid Hoffman, LinkedIn’s founder was quoted this past summer as saying that privacy was for old people.   To be at least a little fair he was making a point about transparency of data and how it’s shared is an important component of social networks.  Young people are more interested in enhancing the experience and less concerned about revealing too much information in exchange for making that happen.  But really, isn’t it both a bit self-serving and irresponsible for someone atop the world’s largest professional social network to be thinking along those lines?

First of all it sort of makes him seem like a visionary rather than irresponsible for allowing LinkedIn to take certain liberties with regards to protecting my personally identifiable information (PII) in exchange for furthering the platform – he’s not irresponsible, he’s forward thinking.  Second he marginalizes the concerns of experienced people by making such a statement as if to say “you’re too old to understand that it’s more important to be out there too much rather than not enough” – it conveys a message that I’m not cautious, I’m slow to adapt and that’s primarily because I’m not young.  Third it makes it so much easier and cheaper for LinkedIn to continue building out their platform if security isn’t their top priority – wouldn’t we rather have them introduce cool new features rather than enhance their controls?

Well Mr. Hoffman here’s what I have to say about all of this.  What you call old, I call experienced.  I’m not concerned about my privacy because I have a dated way of thinking, I’m concerned because I know too much about identity theft and the damage it can cause.  I know that sites such as LinkedIn and Facebook have made it sooo much easier for the criminal element to develop profiles on people and figure out how to crack passwords, hijack email accounts and obtain information that allows them to assume someone’s identity.   I know that features such as TripIt and Foursquare allows criminals to figure out when people are going to be away from home and plan break-ins accordingly.  I know that it’s much easier to obtain inside information by trending activities on LinkedIn (e.g. I always know when someone works for a company facing downsizing or layoffs based on the type of profile updates they’re making).

And you’re right that privacy is for old people.  So are life insurance, money management and parenting.  We’ve worked long and hard to get what we have and we understand the value of losing it.  Anyone much under the age of twenty-five likely hasn’t a clue as to why privacy is such a big deal because their exposure is so much less.  If someone stole my identify when I first started my career they would have had access to a few hundred dollars, maybe one or two credit cards with ridiculously low limits and have discovered that my house was sparsely furnished with hardly anything worth stealing.   I could have repaired most of the damage from a stolen identity within a couple of paychecks.  At that point I would have totally thrown caution to the wind and have leveraged the full offerings of today’s social networks in order to market myself both professionally and socially.  At this point I simply want to protect myself from unnecessary risks and exposures.

Last night I watched a story on the news about how insurance companies are using Facebook as a way to investigate disability fraud as well as profile policyholders who engage in high-risk activities in order to decide who’s too risky to insure.  Do you think those people think their privacy is an issue for the old?  And doesn’t LinkedIn process credit cards for its paying customers?  Is PCI for old people too (now that would be a newsworthy quote)?

I’m sure at some point Reid Hoffman has backtracked on his statement in some measure because whether you hear it in or out of context it still sounds awful.  And I can only imagine that officially LinkedIn will point out that he’s no longer running the company (officially anyway).  And I also realize that his statement didn’t convey in any way that LinkedIn didn’t value privacy just like I know from firsthand experience that LinkedIn as designed allows me to throttle what I share with the rest of the community in a way that I’m comfortable with.  But still, comments like that make my blood run a little cold and make me jump online right away to make sure that I’ve kept my information sharing to a minimum.  Because in the end while “I’m older and I have more insurance” I don’t want to have to use it.

2  Comments on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    I tend to agree... and disagree. That is, everything written in the post is fair and good. Full agreement. But something seems to be missing. I can't determine if the Reid Hoffman statement was made specifically in reference to LinkedIn or it was about the broader question of privacy in an internet world. As a LinkedIn founder, no one has more right to declare what 'privacy' means within LinkedIn. If using LinkedIn means that what I enter into my account is shared wherever LinkedIn thinks is appropriate, I'm fine with that. (And I'm "old".) As far as I can tell, the sharing (networking) of data is what LinkedIn is supposed to do. If I want private stuff, there are other services that are more appropriate. I don't need every single site that I might use to be extra cautious. I only need privacy protection for stuff that I want to keep private, stuff that isn't put into LinkedIn at all anyway. So, I have nothing but agreement with privacy protection. But I'm not so sure how it does or should apply to LinkedIn. Tom
    125,585 pointsBadges:
    report
  • David Schneier
    Tom, In the video in which Reid Hoffman's comments were recorded it was clear enough that he was speaking in general terms and not specifically about LinkedIn. As well he wasn't advocating that privacy or concerns about same shouldn't be taken seriously only that it was more of a concern for "old people". My point is that it's concerning when someone who is arguably one of the key thought leaders in the domain of social networking is making statements that appear to be marginalizing privacy concerns. Unless society is ready to make a major push into biometric security controls privacy remains the only true measure of protecting our privacy online. And Mr. Hoffman should measure his words whether he's speaking in general industry or product specific terms. David
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: