"People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people."What's interesting is the leap of logic he made from the valid point that social sharing is now a mainstream practice to the dubious unilateral decision made to change the default privacy settings for 350 million Facebook users:
"A lot of companies would be trapped by the conventions and their legacies of what they've built, doing a privacy change - doing a privacy change for 350 million users is not the kind of thing that a lot of companies would do. But we viewed that as a really important thing, to always keep a beginner's mind and what would we do if we were starting the company now and we decided that these would be the social norms now and we just went for it."I've railed on Linden Lab in the past about anti-consumer provisions in the Second Life Terms of Service (TOS) agreement. But they're just following the standard software industry practice of issuing one-sided agreements that secure all conceivable corporate interests and preemptively strip customers of any leverage they might otherwise have had in case of a legal dispute.
The overall issue of equitable TOS agreements is going to be an increasingly important concern because dependence on software-based capabilities is transitioning from an optional personal decision to a mandatory part of life in our modern culture.
The ability to manage our own privacy is not just a matter of controlling access to our information on a site-by-site basis, but also depends upon our ability to limit how information about us can be collected, shared and aggregated as a whole. The more virtual our lives become, the more third-parties will have the ability to monitor our activities, integrate data from multiple sources and use the information in their own interests.
The same technology that drives the personalized advertising messages you see on Facebook and Google today, can potentially be used by organizations such as insurance companies, financial institutions and potential employers to calculate our "worthiness" by automated analysis of aggregated information ranging from blog comments to video favorites on YouTube.
It seems to me that privacy laws such as those that have been introduced to protect health data in the United States (HIPAA) should be extended to a wider range of information. This would mean that social networks such as Facebook would be required to provide a minimum standard of privacy controls that they could not arbitrarily change through TOS amendments. It would also further limit the ability of companies such as Equifax to aggregate and share personally identifying information.
The best source for information on net-related privacy issues is the Electronic Frontier Foundation. And they have a very cool xkcd tshirt option if you make a donation.