A couple of weeks ago I wrote a post about people needing privacy, which generated some interest and comments. It roused a lot of interest because, as I suspected, the computer security side is reasonably understood and under control. This post builds on this discussion and looks how our privacy is being compromised in ways that we probably don’t even realise. At the weekend my son Jonathan was demonstrating some of the many features on his new Android - one of which geographically pinpoints local Twitter activities. We sat in the sun in a public park in the UK by the river Thames and not surprisingly, it was a pretty crowded. There were the inevitable tweets like: ‘great in the sun’ and ‘feeding the ducks’, but remember the facility also renders the sources of the tweets geographically and that for some people means they have registered Tweeter to their home address. If you have done this, how might you feel about the Tweet that said ‘on holiday stuffing everything in the plane locker’ and showed your home address on the geographical display? Take a look at all the different ways that Tweeter can be linked to locations at this ‘helpful’ site. This eye-opener compares with other stories about people giving away similar details on Facebook and coming home to find they’ve been robbed. This is ironic, given the way the insurance industry has been making use of Facebook for some time now as a direct sales tool. I stopped providing Doppr updates as of last week on learning that my home insurance is invalid if I have done this. It’s a shame, because this effective tool was great for helping meet up with distant friends and colleagues when visiting countries/towns on business. The global village built around a wealth of links, chats, and other innocent activities is also the world’s biggest database. With the search skills we all now have, it’s an accessible database with which anyone can create a powerful view of any number of issues, questions or tasks. Using Google or Bing, one can find advice on how to use tools to track down sources for even simple emails. Or consider how a variety of tools allow you to figure out a person’s location from their cell phone, or even show you the details of a registered user, even if they are unlisted. All of this is before raising the issue of enterprise employment records and most of all government departmental records. We instinctively think of these as being the huge databases that need to be secured, controlled and even in need of legislation on the combining of records, in case the combined data would give too much away. The more I look into this topic, the more I realise that the challenge is changing. We give more information away knowingly, or unknowingly, in response to small individual situations without realising the global village implications. Powerful new tools change the balance of power from a few large databases in the hands of government or enterprises (where risk awareness is generally good) to the myriad of small amounts of data spread across the web, which can be easily connected, but remain largely unregulated. Returning to the example of a service which can advertise your empty home while you celebrate being on holiday: these can clearly pose a risk to users. So who owns this risk? And what steps should be taken to manage this growing risk? All questions for which I don’t have answers, but I am interested to see in the US the Government and Private sector getting together around federated identity management using OpenID which just might be the beginnings of a more serious start to this issue.