Doesn't this mirror some of the concerns raised in the
opinion on Social Networking Sites from the Article 29 Working Group? They
clearly indicate that the SNS has responsibilities as a (joint) Data Controller
(which they tend to deal with poorly). One of those responsibilities surely
would be adequately confirming the identity of the person creating the account
(mandatory ID card would help! ;-) ).
The opinion also points out that not all the usage of a
SNS by an individual is necessarily covered by the domestic purposes exemption -
particularly where harm is being caused.
Donald Henderson
Information Compliance
Manager
Perth & Kinross
Council
I've been asked a question by a friend in the USA regarding an
article (linked below) that he has written on his blog. Brody is not "your
average blogger", rather, he is a professional journalist who covers articles
that have a different interest form his mainstream political work and does that
in his blog. Obviously I need to remind us all that our comments are
public comments, available to all on the JISCMail site.
Here is the
question:
BEGINS
Dear Tim ~
This story comes
from ABCNews.com and I found it topical in consideration of the Interview series
that I am researching now. My question to you as a privacy expert, is how does
one prevent this from happening? Should the social network sites be required to
have proof on file for users? Or, as some have suggested, "be warned that IP
address ____________ is being recorded for," {the user} and that user is
liable for all contents? What happens when people get bullied, do we hold the
site accountable?
As an expert in this
field, I am curious to hear your comments on this.
Cheers
Brody
http://brodylevesque.blogspot.com/2009/09/brodys-notes-teen-pranksters-sued-in.html
ENDS
I love
being called a Privacy
Expert. To me that means that I know where to find the answers! And that
means asking the list members what their opinions are. Is it
possible to prevent cyber bullying by use of some form of privacy
limitation, for example?
While this incident is under US law, I think the
general principles apply worldwide, don't they?
The article is too long
to reproduce here, so my apologies to those whose opinion is disenfranchised by
blogs being blacklisted at work. It;s a hard article to precis in a few
short words, too. BROADLY it is that a couple of people created a Facebook
account in the name of a third person. They amassed that perosn's friends
as Facebook friends and then ruined his/her reputation online.
I've seen
the same impersonation happen on Twitter with Tom Daley, the UK diving star,
where someone is masquerading as him in addition to his own account.
The
question is not "what can social media do to put this right?" so much as "how
can social media prevent it from happening?"
I see that as a tough
question.
--
Tim Trent - Consultant
Tel: +44 (0)7710
126618
web: ComplianceAndPrivacy.com - where busy
executives go to find the news first
personal blog: timtrent.blogspot.com/ - news, views,
and opinions
personal website: Tim's Personal Website - more than anyone
needs to know
Important: This message is private and confidential. If
you have received this message in error, please notify us and remove it from
your system. This email and any attachment(s) are believed to be virus-free, but
it is the responsibility of the recipient to make all the necessary virus
checks. This email and any attachments to it are copyright of Meadowood
Associates, owners of Compliance And Privacy, unless otherwise stated. Their
copying, transmission, reproduction in whole or in part may only be undertaken
with the express permission, in writing, of Meadowood Associates, at Meadowood
House, 30 Redditch, Bracknell, Berkshire, RG12 0TT.
All archives of messages are stored permanently and are available
to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of the
email if you are receiving emails in HTML format):
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
and are sent in the body of an otherwise blank email to [log in to unmask]
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
(Please send all commands to [log in to unmask] not the list
or the moderators, and all requests for technical help to [log in to unmask], the general
office helpline)