Let me take a random list of events, some current, some not-so-current:
- Jason Fortuny and his nefarious Craigslist “experiment”
- Second Life being hacked
- Alarms about Bebo and MySpace
- Pushback against Facebook facilities
- Leaking of Google searches
- Confidential records being leaked accidentally
- “Pretexting” to hack into confidential records
- Embarrassing e-mail leaks
Lots of leaks. Lots of leaks that affect Web 2.0 companies. Lots of worried people. What is it they have in common? [No, please do not start a conspiracy theory for all this; if you feel like that, then please take your Grassy Knoll and park it in the Mare Tranquillitatis….]
Trust. Yes, again, it’s all about trust.
People are comfortable with sharing all kinds of things, via social networking sites, via Flickr, via blogs, via last.fm, via LibraryThing, whatever. They go further, they share feed lists using OPML, share sites they visit via StumbleUpon, the list goes on and on.
So what’s the big deal? Why do people get so upset with the leaks mentioned above? It’s not as simple as “people don’t mind good things coming out, they don’t like bad things coming out”. For example, “Black” credit information has been shared for much longer than “white”. So what is it?
It appears to me that sharing of digital information takes place when four trust questions are answered correctly:
- Did the person or group tell you that the information was being collected?
- Did you agree to it being collected?
- Did they promise you not to share it with others?
- Do you have recourse if they fail to keep that promise?
The questions and answer need not be explicit, but they must, at the very least, be tacitly agreed.
This trust, even if based on tacit agreements, is very specific. It is between a person and a group. That group may be a group consisting of one person. A small community. A firm. Whatever.
Which brings me to my musing. Two questions:
If information is power, and personal information has value, then you can aggregate this information to get greater value. Can such aggregated information reach monopoly levels, become an antitrust issue? Can we start expecting antitrust rulings based on “information power share”?
This information, with all its power, gains that power at least partially as a result of a tacit agreement between the information donor and the information aggregator. How does this affect M&A? Take a hypothetical example. Say I’m comfortable with sharing purchase patterns with Company A but not with Company B. So I have an agreement with Company A but not with B. Then B tries to buy A. Do I get my information back? What happens?
If we take this to its logical conclusion, then take a look at government departments. We share information with them, allow them to collect it and store it and do various unspeakable things to it, on a tacit agreement. No unauthorised sharing. Which is why people like EFF and ACLU are so up in arms with what happens with, say, medical and psychiatric records.
I can see only one way out. But I want to see what others think.