This article discusses the risks to institutions in using Facebook, following Facebook’s recent addition of Timeline and Open Graph. The article deliberately looks at Facebook from an institutional risk context, rather than the implications for individuals. The article makes some interesting points:
- privacy is different from security, in that security is primarily a technical, hence mainly an IT, issue. Privacy needs a different set of policies that involves a much wider range of stakeholders within an institution, and hence different (and more complex) governance from security;
- many institutions do not have a simple, transparent set of policies for privacy, but different policies set by different parts of the institution. This will inevitably lead to confusion and difficulties in compliance;
It seems to me that even if one argues that online privacy is irrelevant in the 21st century, nevertheless until the law changes, institutions need to be careful to stay within the law. What I take away from this article is that if you are using Facebook for institutional purposes, be afraid – very afraid, unless you have very good lawyers and a comprehensive and coherent set of privacy policies.
Thanks to Academic Impressions for directing me to this article