From a great post today at TechCrunch http://www.techcrunch.com/2009/01/28/the-privacy-dilemma/ comes the following quote:

The more of our lives that we put online, the less privacy we have. It is as simple as that. And this is a problem that will just get worse over time. You cannot be fully engaged on social networks, blogs, YouTube, Flickr, Twitter, FriendFeed, and all the rest without opening yourself up to phishers, scammers, and identity thieves. Something to think about since today is Data Privacy Day.

How much personal information do you share on-line? A lot, we suspect, the younger you are. We have learned from a focus group of our Millennial advisors that while they are conscious and concerned about privacy, they still Twitter and Facebook their status away with things like “Having a burger” or even “In the shower now.” At the same time, these are the same 18-32 year-olds entering the work force aware that they need to disable their social network accounts whenever they apply for school or a job. Why? Because they don’t trust the sites completely and they know people are now checking candidate’s social network pages. We think these Millennials are being very prudent. After all, the social network sites started life as picture and status sharing sites and data privacy is not core to them. And none of the social networking sites are set up with a fine-grained approach to controlling access to your profile. Isn’t what you want; a way to control exactly who gets to see what portion of your profile? You may want just your college buddies to see those pictures of you inebriated at the fraternity party. You sure don’t want the next set of recruiters to see them. Might not even want your parents or your girlfriend to see them either. Someone needs to come along with strong privacy and security DNA and create this kind of fine-grained control in a trustable profile system that allows you to not only control who sees what, but also who gets to even communicate with you.

So is it that privacy is so hard to deliver on the Internet? Actually no but it has to be planned out and built in from the start. Technology has strongly supported good control over access to information for quite some time and it is quite mature with even free open source versions of it available. But you have to care enough to use it. If its not core to your business, perhaps you don’t bother with it. We think that is wrong especially if your core business intersects with handling people’s personal information. Even if you are not a bank and even if you never ask for social security numbers. To many of us, some of those pictures may be more private than even our social security number.

Trust is the key to privacy. But as Frances Fukuyama in his seminal book Trust argues, “the most pervasive cultural characteristic influencing a nation’s prosperity and ability to compete is the level of trust or cooperative behavior based upon shared norms. In comparison with low-trust societies (China, France, Italy, Korea), which need to negotiate and often litigate rules and regulations, high-trust societies like those in Germany and Japan are able to develop innovative organizations and hold down the cost of doing business.” Fukuyama argues that the United States, like Japan and Germany, has been a high-trust society historically but that this status has eroded in recent years.

We believe the increased dependence on the Internet for transactions of all kinds and for social interactions combined with the very lax approach to trust exhibited by most Internet-based organizations is significantly contributing to this erosion. And this is dangerous. Lose trust and you never get it back. And one bad egg can spoil the batch which in the context of the Internet could mean one bad incident on a social networking site could scare everyone away from all of them.

As a citizen on the Internet we want to provide personally identifiable information (PII) when we get some benefit in return but you always have to ask yourself if you trust the company you are giving it to. But as focus groups recently held by Microsoft turned up, most of us also just close our eyes and jump, out of a sense of resignation all too often. How often have you gone ahead and sent something kind of sensitive through any of the huge Webmail portals? You know full well their servers scan and process your email because that’s how they generate what are supposed to be context-appropriate ads on your Inbox page. I have to admit, even someone like me who has started a security company and written books on the subject have done it when sending business plans, sensitive legal documents and presentations and even sometimes PII. The experts call the tight control over who can read your messages no matter where they go confidentiality. It’s related to privacy because you want that information just to get to the person you specify and not to be accessible to any strangers along the way. Again, the technology to make the information in those messages absolutely unreadable by anyone except the intended recipient has been around for a long time. But it is rare to find it put to use in any of the messaging systems we all use. It seems only the government makes regular use of it. Again, we think it is long past time for that to change.

Here on Privacy Day 2009, it’s time for privacy to stop being something you close your eyes and pray for and becomes front and center in the value you seek and expect from online information brokers.