Sex, scandal and security are not what you would expect from a privacy talk at a social media camp. Kris Constable, founder of PrivaSecTech, and Chris Parsons, UVic PHD candidate, presented a talk that was not only informative, but very sobering. While they do preach the importance of privacy, they both are also very active in the social media space; Kris actually has 7 different Twitter accounts.
A slide from sexchart.org flashed on the screen; showcasing a web hook-up chart that lines up the names of computer IRC geeks and celebrities who allegedly shared some sexual activity at least once, reminded social media participants that things on the web last forever. Read more about Sexchart.org in this “Wired” article.
As the audience used the conference Twitter hashtag #smcv10, and tweeted the fact that they were just shown a sex chart in the security session, Kris Constable revealed a prank he played on the conference organizer Paul Holmes. The night before the conference Kris created a Facebook account under Paul’s name and checked him in around town to some questionable locations using “Facebook Places.” Kris explained that he did not violate any of Facebook’s terms and conditions in doing so. A shocked audience seemed to get the point.
Kris went on to explain that in Canada we have strict laws that help to protect our privacy whereas in the US the Patriot Act allows the collection and storage of information on the web. As far as Google and Facebook are concerned, your information is not private or secure, “if you aren’t paying for the product, you ARE the product,” Constable stated. In the developer section on Facebook.com, it actually states that as a third party developer “you may cache data you receive from the Facebook API in order to improve your application’s user experience.” This means that anyone building a website and leveraging the Facebook API has access to your user data.
If you store your website information in the US, the data you collect is also subject to the Patriot Act. “ Keep your website hosted in Canada or you lose privacy,” said Parsons.
What they didn’t mention was that Canada is actually quite silently trying to push a similar bill, B C-29, through legislation nicknamed by Constable as the “Canada Patriot Act.” If this bill passes, “your personal information is no longer only provided to law enforcement for investigations; businesses can now provide your information to any company claiming to do investigations or fraud prevention,” Constable writes in his blog post discussing the bill.
While the default on the web is now “Public,” we must not forget the importance of privacy policies that help to protect us.