advent of search engines, most of us enjoyed a degree of ‘practical obscurity,’
but today personal information has become available instantly to anyone with a
browser and an Internet connection. There has been a lot of online handwringing
about losing our privacy online, but specifically, what are the dangers of
having personal information visible to all?
The top online privacy issues include the following:
getting access to information you didn’t want them to see –the impact of this
can be devastating. For example, people have lost their jobs because of
information disclosed on Facebook that was not intended for all to see. A
neighbor of mine told me his son was sent to the principal’s office for
derogatory information he posted on Facebook about the school; information he
was subsequently unable to alter.
• Surveillance–the ‘awareness
that one is being watched” often leads to “anxiety and discomfort … self-censorship
and inhibition … [even] social control. It
is [almost too] easy to stalk people online, without their knowledge.
• Instability–data policies
of online sites change periodically. What is guaranteed today, may not be true
tomorrow. There is also a problem of secondary use of data, i.e. the use of
data for purposes unrelated to the purposes for which the data was originally
collected without the data subject’s consent. An example of this includes a
change in Facebook’s policy of how profile-update information flows from users
to their contacts.
• Disagreement about how information is shared online. For
example, Facebook allows people to tag other people in photos. Who owns the
name tag in a photo has not always been 100% clear. When there are multiple
people in the picture, data ownership becomes even more complex.
• Spillovers–Leakage of
information occurs in many ways. For example, Facebook’s “friend of a friend” feature
potentially exposes personal data to third parties. One pernicious use of this type
of data is by unscrupulous marketers who mine their friends’ networks for business
• Denigration–the negative
representation of reputation online, which can be related to distortion—
being inaccurately characterized–and appropriation— the use of one’s
identity or personality for the purposes and goals of another. Examples include incorrect tagging of photos,
creating a phony profile of someone (with denigrating information), or posting
negative information (like pornography, racial slurs, etc.) on someone’s
Now that we
understand the issues of posting personal information online, here are some
questions worth thinking about:
• Who owns our online personas? If we post information on a social
networking site or write a blog post, who owns the data?
• If I don’t want information available about myself online, whether
posted by myself or by others, what rights do I have to alter it or remove it? How
do I go about changing it?
• What rights do others have to use information about me, and what steps
do I need to take to manage my online identity?
These are all complicated issues that
are still being fleshed out, in society and in the courtroom.
Next post … deleting personal information online and the ‘right to be forgotten.’
By the way, a good source for information on this topic (and one I used to write
this post) is Daniel Solove’s “A Taxonomy of Privacy,” University of
Pennsylvania Law Review 154(3): 477-560, Jan, 2006, which is presented in a
shorter format in Grimmelman,
J., “Saving Facebook,” Iowa Law Review, 1139-1205, 2009.