Thanks to the ACLU of Washington's blog I got a link to this outstanding video on the privacy commissioner of Canada's website. It absolutely nails what social networks are about from a business perspective and why users need to be concerned. This is just yet another argument for why we need open social networks that let users host and control their own data instead of being forced to live in other people's walled gardens. It's a pity that efforts like OpenSocial (which has absolutely nothing to do with freeing user's data) use the name "Open". Because we could really use a real OpenSocial. It wouldn't even be hard. Take a dollop of standardized data schemas, a side of REST and sprinkle some OpenID on top and you are basically there. For dessert we could even fix OAuth to enable true interoperability. [Ed. Note: I realize that my readership already understands what's in that video but maybe you can pass it on to your friends who haven't been quite clued in yet.]
TechCrunch claims that Yahoo!'s handing over data on a Chinese journalist to the Chinese government was, on balance, appropriate behavior. What I believe TechCrunch completely misses the point on is that Yahoo!, of its own free will, made the decision to become a 40% owner of a Chinese company that hosted sensitive personal information within the reach of the Chinese government. That is Yahoo!'s real ethical failure. The fact that the Chinese government used its powers to grab that data was the inevitable outcome of Yahoo!'s actions. I believe Yahoo! should have refused to have involved itself in any situation that would see its users sensitive data stored in a country with such an abysmal human rights record. I personally believe that Yahoo! deserves enormous criticism for its actions and some kind of movement to refuse to do business with Yahoo! until it gets sensitive data out of the hands of the Chinese government seems completely appropriate.
To the folks who read this blog, who are mostly in the on-line services business, this issue isn't just theoretical. Everyday we make decisions that affect the privacy and security of our users. Where do we host our data? What kind of interception facilities do we put in our networks? What kind of logs do we keep? We all have an obligation to act ethically, to use our knowledge to help people, not harm them. When we record more than we need, keep it longer than we need, make it too easy to recover/intercept and store it in the wrong place we fail in our ethical obligations and for that we all need to be held to account.