Tuesday, October 2, 2012

Social Networking and Privacy Concerns



The Backdrop
            Ever since the advent of internet and the associated cyber activities, questions of privacy of data have been discussed and analysed at various forums and levels.  Sometimes it is wrongly argued that social networking sites are replete with issues of privacy of data but e-mail service, use of mobile phone, internet etc do not have such issues.  At the outset it is better to have a proper understanding of the term privacy in the context of cyber activities. A clear misconception is so prevalent that the ‘unauthorised access and use of data kept private by the user’ and the ‘access and use of data made public by the user’ are wrongly considered as one and the same.
            For instance, at Face book, users may keep some data (mobile number etc) as private while some other data as public (employer details, native place etc). There will be not be any access to the former while everybody who log into Face book  can access the latter. It is simply plain that both are not same entities.  But there is a propensity to consider both as same phenomenon and whenever problems happen with them they are often wrongly referred with the term ‘privacy issues’.
            Again, with e-mail service, the contact details etc are kept as private by default but some data is made public (not by the user)  due to the lapses of software involved (like rough idea about  location from which the mail has been sent).
            As a matter of fact, in simple terms, privacy of data means the user who generated the data has complete control over its accessibility. No other person, other than the persons permitted by the original user, can access it in any manner. If access to the data is available to others who do not have the legitimate right from the original user, it would amount to lack of privacy of data.  It is also considered as an intrusion into the private data.
            On the other hand, ‘access and use of data made public by the user’ by any other person cannot be considered as an attack or intrusion into the privacy. If the data are made public by the user himself and are used by any other person even with a malicious intent, it can only be considered as ‘misuse of data’. There is absolutely no attack or intrusion into the privacy  as there was no ‘privacy of data’ even before the further usage of data! The data has been, knowingly or unknowingly, made public by the user himself and nothing is private there.  Further usage of public data by anybody else hence cannot be considered as privacy intrusion. The most that can be said about this phenomenon is that it is a misuse of data!
            To recapitulate, the ‘unauthorised access and use of data kept private by the user’ will become a privacy issue whereas the ‘access and use of data made public by the user’ by anybody else with a malicious intent will amount to misuse of data and the further ‘access and use of data made public by the user’ by anybody else with a bona fide intent will be considered as usage of data. It is worth noting the fact that ‘privacy issue of data’ and ‘misuse of data’ are two altogether different concepts.
            The fundamental distinction between ‘issue of privacy of data’ and ‘misuse of data made public by the user’ is that the former is associated with the various errors in the software used to generate and transfer data where as the latter is associated with the indiscriminate disclosure of data by the user. Theoretically, the latter has no relationship with the soft wares involved in the process. Many a times the indiscriminate disclosure of data by the user is a consequence of lack of awareness among users regarding the possibilities of misuse of revealed data. The table given below summarises the kernel of the discussion.


Sl. No.
Issue
Reason/Consequence
1
Unauthorised access and use of data kept private by the user
Errors in the software/Privacy  Questions
2
Access and use of data made public by the user by other with a malicious intent
Indiscriminate disclosure of data/Misuse of data
3
Access and use of data made public by the user by other with a bona fide intent
Use of data
  


Software Environment and Errors
            In a digital world, every digital activity is accomplished by using appropriate soft wares. Soft wares in general can be broadly categorized into three; system soft ware, programming soft ware and application soft ware. Notwithstanding these distinctions, software is nothing but a set of instructions or commands written in a particular language with an express purpose of accomplishing a specific task by utilizing the machine power of a computer.
            The most popular softwares that are familiar for the user community are operating system soft wares (UNIX, Linux, Windows, Sybian, Android et. al) and application soft wares (Office applications etc). These soft wares are often installed in the devises that we use. However, in the cyber world when we communicate or interact with others, we are taking the help of application soft wares that are not installed in our own systems. The e-mail service (provided by Gmail, Rediff, Yahoo et.al) and the social networking service (provided by Face book, Google plus, Twitter et.al) are in fact services provided by ‘application soft wares’ installed in the server computers of the providers.

            Furthermore there is absolutely no conceptual difference between the software that provides email service and social networking service. The differences between them depend only upon their differences in purpose.  The former does not provide the user any option to make the various components public where as the latter does provide options to make them public or private according to the preference of the user.
            As mentioned above software is nothing but a set of instructions or commands written in a particular language. In a broad sense, it can be likened to a document with several words, lines, paragraphs and pages. Every document contains multifarious types of errors and can be refined by continuously editing and revising it. Remember,  there is no end for the process of editing and revising as new perspectives, ideas etc emerges continuously.
            Similarly every software contain innumerable errors popularly called as software bugs caused by errors committed by the programmers in the source code and its design or caused by the compilers that generate erroneous source codes.  Some bugs make the software (system software or application soft ware) crash-prone or unstable while others make the software unsecure by wide opening pathways that could be exploited by a malicious user to bypass the access controls which eventually facilitate him to have control over the data stored in the application.
            As pointed out above, as in the case of a document, these software errors can be completely rectified only asymptotically. In simple terms it means that these software errors could be completely wiped off only after infinite number of editing and revising. In a practical sense, it implies that every software contain errors that could be exploited by a malicious user! (In the after math of Julian Assange episode it is highly wrong to refer every user who exploits the software errors as malicious user!)
            It is this unauthorized access and control over the data by a malicious user by exploiting the errors in a software, be it an operating system software or an application software,  that causes concerns of privacy. It is referred as ‘privacy concern’ just because of the reason that the data kept by the user is considered as ‘private’ and ‘personal’ to the legitimate user. Since these errors could be rectified only asymptotically, every software invariably contain errors and hence have ‘problems with respect to the security of the data’ popularly referred as ‘privacy concerns’.
E-Mail Service, Social Networking sites and Privacy Concerns
            It has been mentioned above that both e-mail service and social networking sites are provided by application soft wares running in the servers of respective providers. Since they are soft wares, just because of the reasons cited above, they invariable contain errors and are unsecure to that extend and hence have privacy issues.
            Sometimes it is argued that e-mail is secure but social networking sites are unsecure and have privacy questions attached with them. In the light of the facts narrated above it is easy to see that such arguments are made without understanding the basic and fundamental ideas underpinning software applications! If it is a software it will certainly contain errors and always prone to privacy concerns. There is no get away avenue even for the e-mail service from the questions of privacy (Any number of stories can be cited for this.). If anybody has a pathological concern towards privacy questions he must better keep away not only from social networking spaces but from e-mail service, use of mobile phone (because it also functions with the help  of software), internet surfing etc as well!
Social Networking sites, Openness and Misuse of Data
            The basic tenet of social networking is that the user must keep at least some personal information public. Otherwise it will amount only to private networking. If every data generated by the user is kept as private, in that space there would not be any scope for interaction. Hence in the social networking space users maintain some amount of personal data public.
            But once you make data public it would facilitate a malicious user to exploit and manipulate it. But even this avenue can be controlled by making appropriate changes in the ‘privacy settings’ so that the social networking space can be converted into a ‘limited networking’ space with access only to friends alone.  If the settings of access of  user data is increasingly made available within a limited circle,  the ‘limited networking’ activity would march more towards private networking!
            This is a dilemma that if access to every data is made increasingly limited to avoid misuse of data it would become ‘private networking’ where as if data is made public and ‘social networking’ is attempted it would open up avenues of misuse! As a matter of fact, this dilemma is a flimsy one and will vanish away once the user discern and realise the consequences of his own cyber behaviour. Social networking is something like talking in the public and if the misuse of whatever talked in public is to be avoided better not to talk sensitive things in public. It does not mean that you should not talk at all in public and one should talk only within home or in private. In fact, this is what every person is practising in his own daily life. 
No rational person would keep silent just because of the fear that there is possibility of misuse if anything is said in public, instead he would make use of his cerebral power and became vocal in a sensible manner! In fact the cyber world also needs a sensible person with a discerning behaviour.
Recapitulation
            Questions of privacy of data are related to errors in software and it has nothing to do with the malicious use of ‘data made public by the user himself’. The latter can be considered only as ‘misuse of data’. Since the misuse of data is made possible by the user himself by making his data public it could be easily dealt with by adopting a sensible cyber behavior.  But if anybody has  a pathological concern with the privacy of data, since it originates from the errors of a software, better not to use any cyber space or digital devise, be it e-mail, social networking, internet surfing, mobile phone etc.

No comments:

Post a Comment