austraLasia #3002

Keep 'it' to yourself!
INTERNATIONAL: 28 January 2012 -- Keep 'it' to yourself - 'it' being personal data. This is no trite message today.  How many of you received (and you would have, if you use one of Google's 70 services) Google's announcement of a single privacy policy this week?  Have you actually read their 5 principles?  Good for Google, perhaps not so good for the user.

It is by coincidence or perhaps Providence arranged it, that Data Protection Day is celebrated on the same day we commemorate Thomas Aquinas.  Benedict XVI, speaking about TA, reminded us of his importance today especially in the field of ethics and human rights, and it is precisely here that Data Protection Day and Thomas Aquinas coincide, especially as at some point in the literature, this Day (now celebrated widely on 28 January) is explained as celebrating: "the dignity of the individual as expressed through personal information".

So what are Google's 5 principles, now that they have rolled 70 services under one policy (which means if you have personal data with Gmail you have personal data with YouTube, Picasa etc)?  At least know them. They claim to:

1. Use information to provide our users with valuable products and services.
2. Develop products that reflect strong privacy standards and practices.
3. Make the collection of personal information transparent.
4. Give users meaningful choices to protect their privacy.
5. Be a responsible steward of the information we hold.

It is up for debate whether they really keep to that - you cannot opt out on their 'privacy' policy for Gmail for example, so how does '4' apply there?

Facebook recently had to settle a case where they were found to have "deceived customers by telling them they could keep their information on Facebook private then repeatedly allowing it to be shared and made public" (Facebook vs US Federal Trade Commission).

All this matters to you and me very much! At the Pisana, for example, the level of Firewall protection on sdb.org has to be seen to be believed, and at times we curse it up hill and down dale - but it (touch wood) resists some pretty virulent attacks on a regular basis - and it needs to! We hold a lot of information! We are currently determining what is 'open data' which we would happily encourage broad use of by search engines, and what is not.  It is one thing to have a 'privacy policy' and yet another to enforce it.

It bothers some of us that so many, including people who travel regularly use Gmail when, say, Thunderbird with IMAP enabled would be much safer. We already know that Gmail 'reads' every email and grabs every email address 'out in the wild', even for just a few unprotected minutes.  These are issues that deserve discussion at the highest level of an organisation, including ours.

Have people followed the SOPA and PIPA debate? On the surface it sounds like something only US citizens shoudl be interested in - it is their Government which is debating these things after all. And also on the surface it sounds fine - we DO want to stop Internet Piracy don't we? And we are horrified that a few people from Megaupload were getting obscenely rich and maybe doing a lot of illegal things - but what gives one prominent Government the right to intervene in other jurisdictions? And if you read the vague language of the currently stalled SOPA Bill you immediately see it could be used to silence legitimate speech... that is not what the recent World Communication Day Message was trying to say about silence in modern day communications.

This is not a rant.  I am simply pointing to a 'Day' that has particular meaning for a group that wishes to educate and evangelise, and which would be seeing, would it not, that digital citizenship, privacy issues and the like are regular items in its school curricula.

If something has meaning, it means that we are doing something about it personally. Here are some suggestions:
- examine the privacy policy in place locally (school, house, province....)
- think about the wisdom or otherwise of using Gmail
- think about why you would use Google search when there is DuckDuckGo (stupid name I know but look at their privacy policy)
- secure your computer with a firewall - it costs nothing. Indeed use Linux, I am even tempted to say - costs even less :-)
- check your browser privacy settings - are they suitable for your role and tasks?
- consider encryption, especially given certain roles and tasks.
- be aware of location data misuse (your cell phone can track you).
- use strong passwords (8 characters, mixed letters and symbols).
- trust - but verify. You'd be surprised how many odd names claim to be 'Salesian' and seek 'registration' daily with sdb.org. We ask a simple two word question in any of 30 languages which, though not infallible, is a good human check - and I'm not about to reveal it here, either! (It often catches out novices who are not listed in any 'elenco', so sorry for them, but at least they can escape the trap).
- backup regularly
- show an interest in educational resources in this area.

Have a nice 'Day'!