On Thursday, the Electronic Privacy Information Center sent a letter to the Federal Trade Commission requesting that the agency investigate Google's recent announcement to integrate its social network, Google+, into search results.
The letter asserts a number of charges relating to competition and privacy. One of the issues mentioned is the change is making personal data of users more available in a public realm. The letter quotes James Grimmelmann, an associate professor at New York Law School, noting that the change "breaks down a very clear conceptual divide between things that are private and things that are public online."
This issue is an interesting one in the larger social networking realm. As we put more information online, how public should our private information be? What is private anyway? What do I think is private or a certain class of information?
Indeed, the underlying questions have led to a new wave of social networking sites that seem to be turning on its head the Facebook/Google model of sharing information. These innovators allow individual users to set boundaries around types of information, controlling who (if anyone) gets to see it.
One emerging company that has been making the news lately is Personal, which allows a user to add "gems" and data to their own private and secure data vault. The site even tells users how they can monetize their data to make money off their information. The site stresses its use of security, privacy and encryption to keep user information secure. Other companies, such as Singly and Greplin, allow users to search their online data and activity to provide a better understanding of what they are doing or want to do online.
From a security standpoint, allowing users to manage their information in a private controlled environment is an interesting concept -- assuming that the security tools used are strong enough to resist attacks and prying eyes. Not only could social networking be revolutionized by these user-controlled data structures, the structures could create unique legal issues. If a person's data is truly private, what access, if any, should the company enabling the privacy have? How could that affect law enforcement efforts and the use of such laws as the Electronic Communications Privacy Act?
As the privacy pendulum swings to benefit the user, expect a great deal of scrunity on the security elements of "private" sites.