Now blogging at diego's weblog. See you over there!

reversing the privacy flow

In a post talking about Python Jon mentioned, at the end, this (in reference to an email quote he made with permission):

Emails from Ross Mayfield, CEO of Socialtext, include a .sig that ends with:
this email is: [ ] bloggable [ x ] ask first [ ] private
Great idea! I've added this to my own .sig.
It is a great idea (I'll follow the meme as well :)). This led me to thinking further about what's underlying including a signature like that. It's not only a matter of privacy, but also of trust, ie., if you don't trust whoever you're sending the email to, that signature is worthless.

So this is a kind of purely social control on the openness of a digital medium (in the case, email), and it underscores is that we need to start reversing the privacy flow of applications. What I mean by that is that many applications today (including most current social networking apps) don't have a poor "understanding" of privacy as much as they have a bent towards assuming that everything's public unless you say so. The notion of privacy "flows" from the user to the application, requesting adjustments to the user, instead of the user giving up elements of his privacy to the application (reverse flow). I'm sure many people are ok with that, but I prefer the idea that everything is private and you can open up elements as you prefer.

This makes it more difficult to do things like searching and browsing, since not all the information is public. So there has to be a fundamental design decision made to enable this behavior.

Plus: I find it interesting that the first option is "bloggable" which is basically as public as anything gets. Bloggable replaces public, and it's reasonable in the context of blogs as "information that can spread out of control." Could we not have a category called "public for coworkers" or "public for your friends"? Yes. But in this case the levers we can pull are useless, because your trust relationship (which determines whether that message is useful or not) is with the first person; once the information goes beyond that trust relationship (eg., to your trusted contact's coworkers) then they are not bound by it. Sure, your trusted contact might point out that it shouldn't go beyond them, but when they decide not to mention it they will have to act not based on their trust relationship of your contact, but on the aggregate of your contact's trust relationship to them and the perceived value (for them) of your contact's trust relationship to your (whom they presumably don't know). That simple statement, "bloggable" is an acknowledgement that once you go your immediate trust circle you have for all purposes lost whatever control you had of the information spread. All or nothing.

Makes sense? I think a diagram might be in order ...

Categories: clevercactus
Posted by diego on March 7 2004 at 12:34 PM

Copyright © Diego Doval 2002-2011.
Powered by
Movable Type 4.37