Monday, 5 November 2007

The great Blackboard Facebook mash-up: part two

The European Network and Information Security Agency has produced an interesting position paper on social networking. Some of the key issues in this particular paper focus upon the following issues.
  • Who do you trust? We share our data very easily in social networking sites like Bebo and Facebook. Do we really know how information is being used and who is accessing it? Do we really know how our information is being shared? Or how it is being stored?
  • The impact of secondary data. How transparent social networking sites in their management and monitoring of your data? Who gets to see this data? Who gets to see how many times you have accessed a particular friend's profile? Who gets to see your individual transactions in the form of links that you have made on a particular social networking site? A key recommendation of the paper is that the European Union should look at the data protection issues surrounding secondary data on social networking sites.
  • With the economic value of social networking sites rising, how do we know which advertisers and which marketers are targeting, which specific cohorts of users.
  • How do we control the digital dossiers which are held about us by third parties? How do we maintain control of our own identity? How do we prevent profile squatting and reputation slander? How do we prevent threatening behaviour, like stalking and bullying?
  • We are seeing an increase in Web services mash-ups, akin to that between Blackboard and Class Top. These mash-ups may also include face recognition, with the platform of data being held about a person, and being used to track interactions. this can also lead to information-leakage from within particular trust networks.
  • An individual's control of their own data. For instance, how do we know, when we have deleted our own personal data from a site like Facebook the interactions or comments that we have made with other people's profiles are also deleted?
  • Spam, viruses and worms can all be scripted, and can all lead to unsolicited problems for users.
It is critical that users are educated, in order that they understand the possible threats to their data. For instance, students should not give details about the courses that they are attending, and the times of their lectures to people, whose interests they cannot validate.

Perhaps as important is the fact that social networking sites are social. They involve networks of individuals. As such, where access is granted to a network by a particular individual, that network needs to be assured that it interests are being secured and maintained. The key to this are trust and the appropriate management of data. therefore, educational awareness raising must be encouraged by institutions.

This paper is a highly important addition to the growing evaluation of social networking sites. institutions need to take account of its recommendations and look to develop appropriate policies and awareness raising activities with both staff and students. Partnership with a range of central services, and student unions is critical.

No comments: