Too Much Information

Managing Privacy and Security

One day, Susan received a phone call from her best-friend Nick. He was calling her from work and sounded really annoyed. He started right ahead telling her that his boss had a weird talk with him. He was surprised because he didn’t have a clue of what was going on. His boss explained him in a very sleazy way that one of his colleagues had found a blog online that Susan and him had together, where they would put fun stuff that they wanted to share with their friends. The boss ordered him take off a picture where he was dressed like a woman and wearing high-heels. He could either delete it or leave his job. Susan couldn’t believe her ears.

Passwords and Encryptions

We need to protect our digital artifacts from different kinds of violations. Large organizations have system administrators to set up and maintain privacy and security policies, but the individual users typically have only themselves, their family members and friends.

We often carry assumptions from physical into digital world and base our policies on interpersonal trust relationships. Frequent mismatches occur between our mental models related to privacy and security and the current system designs and operations. People put their digital content on off-limit devices and restrict the access to them, as they often believe that device and data boundaries are the same. People trust those who are members of their households or come to their homes and let them use their devices. They often believe that they can prevent privacy violations by being physically present, but computer violations are often faster or less obvious that physical-world break-ins, which may complicate their detection, even if the owner of the digital artifact or data is in the same room as the offender. Users hide sensitive files within their devices, but the search tools enable fast and accurate discovery of the desired content, regardless its name or the directory structure. They delete sensitive files, but these often remain stored elsewhere. However, in most cases, the immediate benefit of the ability to quickly access a computer outweighs the concerns about privacy and security. People like to share certain files, such as photographs or work-in-progress, but become frustrated when their data is put at risk or exposed in a different way that they would expect. Often, the available fine-grained controls are not sufficiently usable and require too much time to specify them.

Common tools used to protect personal information and digital devices are accounts, passwords and encryptions. They are used to ensure that nobody, besides the authorized person, can retrieve the data. We should pay a special attention to where we employ our password and be provident in their use. We shouldn’t share them and if we do, we should alter them immediately. We should be consistent in logging out from our accounts, especially on shared devices.

Passwords, however, present obstacles in the event of emergency or death, when access to the information becomes necessary. Our information may become inaccessible, or even lost. The items, such as common household bills or pictures from holidays, that are relevant to others might get locked in our password-protected information space, as well as the information contained within our digital assets, since online companies, like Yahoo!, don’t allow to bequeath the account’s content. We should preview these possibilities and make sure that this kind of information is accessible or addressed in our personal inventories or in the digital estate plan.