The huge success of Web 2.0 is based on the willingness of users to provide content and to engage themselves in communities and lively discussions. A disclosure of more personal data is inevitable this way. Two years ago a blog in Wired has already declared the end of privacy in Web 2.0.
But as all of us are keen to go on using the Web 2.0 in our daily life without willing to revoke our right of privacy we all need to meet the challenge. As SAP experts our task is two folded: First we have to protect ourselves and make an educated decision about our behaviour in Web 2.0. At the same time we need to apply best practices to our projects as more and more projects emerge with SAP software involved in Web 2.0 projects.
How to protect your own data?
1. Gain initial privacy awareness
Today HR managers underscore the importance of Google and other search engines to check the resume of applicants often looking at content from Web 2.0 sites like YouTube or Facebook. Perhaps you see such a check as an intrusion into your privacy. But as you cannot change it you must be aware of it. Therefore you need to get an overview about all the information exposed about you on the Web. Much information will be out of your control as it has not been published by you. As there are so many search engines for personal information on the Web it would be crucial to combine several of them with a Google search to get the complete picture: zoominfo, spock, yasni just to name a few. Also it would be beneficial to combine them with a search engine for a region or a special group of people (e.g. for the German-speaking countries 123people). But even if you get worrisome results it would be very hard to nearly impossible to remove this information from the web although you have some possibilities to request from a search engine to remove an entry from their index provided you have deleted the entry on the indexed website.
2. Broaden the picture for your family
Our kids are using popular Web 2.0 sites frequently. In most cases it is very hard for them to be aware of the consequences when they just post funny videos or comments with their friends and are not aware of possible consequences in the future. Therefore it is very recommendable that you conduct a privacy awareness check for your kids as well. Furthermore they need information from you as only you can illustrate them what could happen if they spread to much information or inappropriate one.
3. Manage your personal information portfolio
The traditional guideline from security experts for eMail is still true for Web 2.0: Just publish it if you are sure that it could be published in your local newspaper tomorrow without any damage for your life. Nevertheless you could decide for yourself that you are willing to publish even sensitive information as the benefits you will get from that will out weight the potential damage. Even in these cases it is of uttermost importance that you take an informed decision. Here an active management of your personal information portfolio can help you a lot. Just classify the information in the four categories: confidential private information, confidential business information, private information which could become public and business information which could become public.
4. Take countermeasures against threats you have identified
Web 2.0 tools in general offer a lot of features to protect your privacy. But by default the settings are set to ensure maximal visibility. Therefore it is crucial that you change these settings in accordance with the threats you wish to encounter. An easy example would be your business contacts. If you do not wish to enable your competitors to browse your contacts on networks like xing.com you need to change the settings for the visibility of this attribute.
How to apply best practices in your projects?
Walk the talk. The old saying is also true for privacy in our projects. What we would like to protect ourselves we cannot ask others to reveal without offering them the option to hide the information. Lauren Gelman from the Stanford Law School has published a thought provoking presentation with good questions as guidelines for privacy in Web 2.0 projects which you can use. It is also recommendable to use one of the existing tools to check level of privacy of your project. An example would be the privacy bird from the Carnegie Mellon University. Although you need to put in some ressources there is an urgent need to do so because one thing is for sure: Privacy is becoming more and more important for many users of the web.