Granular Privacy Control (GPC) [en]

Google Reader now gives your GTalk contacts easy access to your "shared items" (articles you have read in your newsreader and chosen to share). It seems that many people misunderstood this new feature, imagining that their shared items had been private and have now become public. Once again we are facing the same problem: the average internet user (and even the not-so-average one) completely overestimates how confidential the information they publish or share online really is. At the risk of repeating myself: the internet is a public space.

This incident also shows us, once again, how much we need to be able to structure access to our data within a social network in a fine-grained way (Granular Privacy Control = GPC). Facebook is on the right track with its "friend lists", but they cannot yet be used to manage access rights.

In response to Robert Scoble’s post about how Google Reader needs to implement finer privacy controls. Let’s see what Robert says, first:

Oh, man, is the Google Reader team under attack for its new social networking features.

There’s a few ways I could take this.

  1. I could call people idiots for not understanding the meaning of the word “public.”
  2. I could call the Google Reader team idiots for not putting GPC into its social networking and sharing features.
  3. I could call the media idiots for not explaining these features better and for even making it sound like stuff that isn’t shared at all is being shared (which absolutely isn’t true).

I’m going to take #2: that the Google Reader team screwed up here and needs to implement GPC as soon as possible. What’s GPC? Granular Privacy Controls.

Here’s how Google screwed up: Google didn’t understand that some users thought that their shared items feeds were private and didn’t know that they were going to be turned totally public. The users who are complaining about this feature assumed that since their feed had a weird URL (here’s mine so you can see that the URL isn’t easy to figure out the way other URLs are) that their feed couldn’t be found by search engines or by people who they didn’t explicitly give the URL to, etc. In other words, that their feed and page would, really, be private, even though it was shared in a public way without a password required or anything like that.

Robert Scoble, Google Reader needs GPC

Wow, I really didn’t think that this feature was going to create trouble. I was personally thrilled to see it implemented. So, here are two thoughts following what Robert wrote:

  • I’ve noticed time and time again that you can tell people something is “public” as much as you like, they still don’t really grasp what “public” means. Because things are not “automatically found” on the internet, they still tend to consider public stuff as being “somewhat private”. This is a general “media education” problem (with adults as much as teenagers). So, Robert is completely right to point this out.
  • GPC is a very important thing we need much more of online (see my SPSN and Ethics and Privacy posts) but I disagree with Robert when he says that Facebook has it. Facebook isn’t there yet, though they are on “the right path”. I can’t yet use my friend lists to decide who gets to see what on my profile. That would truly be GPC (in addition to that, their friends list interface is clunky — I need to blog about it, btw).

4 thoughts on “Granular Privacy Control (GPC) [en]”

  1. This really reminds me of the permission troubles Unix had (rather has) a few years ago. It turned out that the classic model (user, group, everyone else could each have read, write and execute rights) works for about 90% of the cases. With some hacks like the so-called sticky bit, it extended to 95%. But due to other limits (the user can only be in so many groups) it doesn’t work for everybody.

    So the powers that be invented ACLs, access control lists. This way, you can nearly reach 100% (I think it’s mathematically provable that you can’t reach 100%). Anyway, this turned out to be nice and all, but people didn’t use it – they used classic permissions 90% of the time and were unwilling or unable to learn ACLs.

    Bottom line: fine-grained access control for anything, be it files or personal info has to always keep in mind that it must be easy and straightforward to use. What good is a security feature that nobody uses?

  2. I have the impression that if you can tag people (i.e., create “easy” lists like that) and then define access rights per tag (“relationship status on Facebook: not for people tagged ‘co-workers’”), it shouldn’t be too cumbersome. People who want to make it complex can make it complex, and people who want to keep it simple can keep it simple (maybe with some help from the system).

    Do you think this is already too complicated for most people to use?
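
The per-tag scheme suggested in the second comment, as an added example (not code from the post, its commenters, or any of the services discussed). The `Profile` class, field names and people are hypothetical; it assumes a deny rule overrides an allow rule and that untagged viewers see nothing.

```python
from dataclasses import dataclass, field

@dataclass
class Profile:
    owner: str
    fields: dict                                  # field name -> value
    tags: dict = field(default_factory=dict)      # viewer -> tags the owner assigned
    rules: dict = field(default_factory=dict)     # field name -> {"allow": set, "deny": set}
    default_allow: frozenset = frozenset({"friends"})  # applies when a field has no allow rule

    def can_see(self, viewer: str, name: str) -> bool:
        if viewer == self.owner:
            return True
        viewer_tags = self.tags.get(viewer, set())  # untagged viewers hold no tags
        rule = self.rules.get(name, {})
        if viewer_tags & rule.get("deny", set()):   # assumption: deny overrides allow
            return False
        return bool(viewer_tags & rule.get("allow", self.default_allow))

    def view(self, viewer: str) -> dict:
        """Return only the fields this viewer is allowed to see."""
        return {k: v for k, v in self.fields.items() if self.can_see(viewer, k)}


def demo_profile() -> Profile:
    # Constructed sample data; all names and values are made up.
    return Profile(
        owner="alice",
        fields={"relationship_status": "single", "shared_items": ["article-1"]},
        tags={"bob": {"friends"}, "carol": {"friends", "co-workers"}, "dave": {"co-workers"}},
        rules={"relationship_status": {"deny": {"co-workers"}}},
    )


if __name__ == "__main__":
    p = demo_profile()
    for who in ("bob", "carol", "dave", "mallory"):
        print(who, p.view(who))
```

A user who writes no rules gets the single default (friends only); the one rule in the sample data is the co-workers restriction from the comment, and it hides the field from someone tagged both "friends" and "co-workers".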
