The issue of identity information isn’t as simple as private or public, unshared or shared. In the Internet age, searchablility and discoverability are also factors, as well as the more granular way we can choose to share data. Computers give the illusion that we can control what we share and who we share it with. It is just that, an illusion.
I get a handy example if I google for the excellent and insightful Fred Basset – yes, I did just use google as a verb, please don’t stone me. In the results page I am overwhelmed by information on the cartoon character, rather than the new media expert. Fred is hidden in the camouflage of a mass of other data. Security by obscurity – he’s hidden in plain sight. If I Google for Benjamin Ellis, I account for most of the first page of results – your mileage may vary searching with Google from other countries (just for fun, e-mail the first page of results from where you live!). I’m not working as an SEO consultant for myself, there just seem to be less Benjamin Ellis’s out there, so I can’t hide.
Digital information has a rather free-flowing nature. Its natural tendency is to ‘escape’ from where we put it. Unhappy accidents like the recent HMRC fiasco are a reminder that it has a characteristic that physical property does not: it can be replicated, indefinitely.
If I mark something as ‘private’, to share with my ‘closed’ social network, I am reliant on those friends not making it public – either purposefully or accidentally. For example, if they tweet it on twitter, then it is indexed in Google by default. In the same way, companies rely on employees keeping information confidential. The difference is that data spillage now happens more easily, with our increasing connectedness.
There is an interesting characteristic of digital conversations that take place in social media, and that is a form of digital ‘spill’. The characteristic springs from the mismatch between peoples’ social graphs – your set of friends/contacts and mine may have some common elements, but they also have differences.
If we ‘chat’ between ourselves via the Facebook (using the wall feature) or Twitter, the differences in our social graphs cause shards of the conversation to propagate our beyond the original circle. That can be bad, or it can be good. One of the most interesting things about Twitter is the accidental conversations. It is the closest thing to creating that business haven of innovation, the water cooler conversation. With more and more remote workers, and reliance on external specialists, business will need these tools.
The reality is that Facebook is just describing the real world of social relationships. There is nothing new here. ‘Social graphs’ have existed since humans first started raising children and gathering food together. Now we have a common place word to describe the phenomenon, and tools, like Facebook and Linkedin, that have digitised the information and enabled us to study it as never before.
Data has the rather nasty habit of being permanent, sometimes inconveniently. I recently stumbled upon an email I sent to a mailing list in 1988, which is now a web forum. There is my email, in all of its glory. Thankfully I wasn’t too embarrassing as a teenager, but none-the-less, it is quite a sobering fact that something I wrote twenty years ago is right there, neatly indexed on Google.
The real world of information security, especially around identity, is messy. Tools like Facebook are gradually drawing attention to old issues and creating new ones. In the first few decades of computing, the challenges were in the technology, in the next, I suspect the challenges reside elsewhere.
Having a universal digital identity has efficiency benefits, but it also has big data privacy challenges too. It takes discoverability to a new level, which means that integrity is going to take on a whole new meaning, however good your security is.