Enterprise 2.0 Roll-up: Social Software Has No Regard for Privacy and Compliance

4 minute read
Chelsi Nakano avatar

It's no secret that our coveted confidentiality is getting the brush-off in the social software corner. Mentioning the Google Buzz thing again would be like beating a dead horse, so we won't, but know this: The number of instances in which social software has shown disregard for sensitive information is growing, and it's making many Enterprise 2.0 folks sweat.

Starting with Facebook

Facebook recently proposed some changes to its privacy policy for the umpteenth time. The outline proposes allowing third-party sites to use a person's browser cookies in order to automatically sign them into Facebook Connect--no consent needed.

There aren't many details out, but we've heard Facebook has considered implementing this change as a user default. If that's the case, the move would echo that one time in 2009 when Facebook decided to make their 'Everyone' setting a default for those that ignored the popup. The setting made user content available to everyone on Facebook as well as the entire Internet--including search engines and third-party sites--and the resulting backlash was uuugly.

Is there a silver lining to auto sharing such data? Facebook seems to think so: “The right way to think about this is not like a new experience but as making the [Facebook] Connect experience even better and more seamless," insisted Barry Schnitt, Senior Manager, Corporate Communications and Public Policy.

And on to Google

OK, we actually do have to mention the Buzz thing. After Google hauled ass back to their labs to conjure up patches for the holes that made highly personal data such as e-mail addresses public, 11 congressman petitioned the Chairman of the Federal Trade Commission to investigate the complaints about the service more deeply. In other words, they want justice.

"Due to the high number of individuals whose online privacy is affected by tools like this – either directly or indirectly – we feel that these claims warrant the Commission's review of Google's public disclosure of personal information of consumers through Google Buzz," said the letter, organized by Representative John Barrow.

The letter went on to admit that this technology has made us all more productive, but that it has also made it easier for others to invade our personal privacy.

Enterprise Endangered

Considering how influenced the enterprise is by social software as of late, these developments are extra important. Speaking from a compliance angle, Poul J. Hebsgaard of cBrain pointed out that social media tools like Facebook, Myspace and Twitter are regularly being utilized by governmental agency teams and private firms.

"Every bit of information exchange within the organization and with outside stakeholders must be auditable, he said. "There must be an audit trail and the kitchen sink approach to archiving of all information exchange and subsequent use of fancy search tools to retrieve information deemed to be material in a lawsuit will not work or at least be very, very expensive. Enterprise 2.0 tools emerging as 'social media tools for the enterprise' are as far as I can see not addressing these issues."

Got something to say about it? Drop us a comment down below, or attend some events that are sure to address this kind of thing:

Learning Opportunities

SecureWorld Expo 2010 Philadelphia

SecureWorld Expo brings together the security leaders, experts, senior executives, and policy makers who are shaping the very face of security.

Interact2010 - The Legal and Compliance Technology Forum

Explore how to balance collaboration requirements for modern teamwork interaction with internal and extraprise groups with the critical need to enforce accountability, traceability, and security of all legal and regulatory work.

Information Retention & E-Disclosure Management Summit

The 5th Annual Information Retention and E-Disclosure Management Summit is Europe’s premier event in this field, designed to help you steer your organisation successfully through lawsuits and regulatory inquiries.