• United States




Can we use a social media model to improve privacy attitudes?

Apr 10, 20185 mins
PrivacySocial Networking AppsTechnology Industry

The advent of social privacy.

I was sitting chatting to some ‘millennials’ the other day about the whole Facebook debacle. Now, they were all very well educated, to at least degree level, and digital natives. When I asked them about how they felt about data privacy and would they be deleting their Facebook account, they all, collectively shrugged their 30-year-old shoulders and said, “What’s the point” or “Our data is out there anyway” and variations on those themes. I felt a bit sad at the laissez-faire attitude towards their personal data and privacy, a “We can’t do anything about it, so why try” mentality. You can’t really blame them however when you look at the figures of 9.7 billion data records exposed since 2013.

Rise of the social…demise of privacy?

If you look at a social media, and Facebook in particular, the rise of the social platform has been meteoric. Pew Research first started to track social media usage in 2005. By 2015, 90% of young adults were using social platforms. Socialization of the Internet was a natural progression once computing became more affordable and the Internet more pervasive. Advances in Human-Computer Interface (HCI) graphical UI, and high-level programming languages (amongst others) turned a business only device into a plaything for all. Social computing is an extension of this and a way for human beings to take back computers and bring them into their ‘tribe’.

But as the digitization of social has risen, our right to privacy has seemingly fallen. This does not seem to be an issue of education. In a number of studies, including by the highly knowledgeable Danah Boyd, it has shown that younger persons, especially, are very aware of the privacy implications of using social media. There seems to be more to this than meets the eye. A feeling of general despondency, that we can’t do anything about our privacy, is pervading our use of technology and this may come to haunt our organization as we develop relationships with customers.

Smashing the identity perimeter and taking back social privacy

This despondency may come back to haunt us all, in fact. Privacy isn’t just about some entity revealing your name and address. It isn’t even just about a data analysis company selling off your data to the highest bidder. The despondency mentioned above misses the point that privacy is much more than data up for sale on the Dark Web.

For example, privacy can be exploited in the form of exerted control. Researchers at UCL, in collaboration with the London VAWG Consortium, are looking at the implications for privacy and security of IoT devices within an environment of domestic abuse. It doesn’t take too much of an imagination to see how controlling behavior could be augmented by Internet-connected video cameras, or how a controlling person could hold your privacy to ransom.

Privacy can be used as an invasive tool. This is what Facebook and Cambridge Analytica did. They invaded our privacy for commercial gain. Governments all over the world do the same thing under the auspice of surveillance. Data which shows a interest area, or who you interact with, is as valuable as your name and address.

The problem comes down to this. Privacy is about claiming that you own your identity and the data that makes up your digital presence.

But, this digital presence is becoming connected across disparate points in Internet space. This extended ‘us’ will become our online identity, above and beyond identity systems (IdPs). In the same way, the enterprise perimeter was smashed by Cloud computing, digital identity will be smashed by social media and other online interactions. These digital selves that we are building, need to have a home so we can claim them. And, importantly, so we can determine their use. Just like real identity is more than just showing a passport, online identity will be more than just answering a set of knowledge-based questions. We need to develop structures to accommodate this, and for me, this means using Blockchain-based services and ultimately self-sovereign ID. Self-sovereign ID does have some business model hurdles to cross to make it a viable option, but it has potential.

Soon, our digital identities will be with us from birth, and how we use them will have lifelong implications. If, as I suspect, they will be made up from a mosaic of data pulled in across multiple sources, then we need to ensure that we have a mechanism that accommodates the privacy of these data by allowing the individual they represent to claim them as their own and do with them what they will.

Social platforms, like Facebook, may hold the key to building respect for data, not just our own, but the entire community we belong to. We can use a social model to police the privacy of our own and our extended peer group privacy. Removing the despondency inherent in a digital generation is the first step, but just as social media had a meteoric rise, so too then will social privacy. Watch this (My) space…


Formerly a scientist working in the field of chemistry, Susan Morrow moved into the tech sector, co-founding an information security company in the early 1990s. She have worked in the field of cybersecurity and digital identity since then and helped to create award winning security solutions used by enterprises across the world.

Susan currently works on large scale, citizen and consumer identity systems. Her focus is on balancing usability with security. She has helped to build identity solutions that are cutting edge and expanding the boundaries of how identity ecosystems are designed. She has worked on a number of government based projects in the EU and UK. She is also interested in the human side of cybersecurity and how our own behavior influences the cybercriminal.

The opinions expressed in this blog are those of Susan Morrow and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author