Facebook so called “real names” and Drag Queens

So, Just when we thought the Nym Wars were over at least with Google / Google+. Here is my post about those ending including a link to an annotated version of all the posts I wrote about my personal experience of it all unfolding. Facebook decided to pick on the Drag Queens – and a famous group of them the Sisters of Perpetual Indulgence.  Back then I called for the people with persona’s to unite and work together to resist what Google was doing. It seems like now that Facebook has taken on the Drag Queens a real version of what I called at the time the Million Persona March will happen. One of those affected created this graphic and posted it on Facebook by Sister Sparkle Plenty: MyNameIs Facebook meets with LGBT Community Over Real Name Policy  on Sophos’ Naked Security blog. EFF covers it with Facebook’s Real Continue reading "Facebook so called “real names” and Drag Queens"

We “won” the NymWars? did we?

Short answer No – I’m headed to the protest today at Facebook. A post about the experience will be up here by tomorrow. I’ll be tweeting from my account there which is of course @identitywoman  
Post from Sept 2014 Mid-July,  friend called me up out of the blue and said “we won!” “We won what” I asked. “Google just officially changed its policy on Real Names” He said I had  to write a post about it. I agreed but also felt disheartened.
We won but we didn’t it took 3 years before they changed. They also created a climate online where it was OK and legitimate for service providers to insist on real names. For those of you not tracking the story – I along with many thousands of people had our Google+ accounts suspended – this posts is an annotated version of all of those. This was the Google Announcement: Continue reading "We “won” the NymWars? did we?"

T.Rob Wyatt Explains the Respect Trust Framework (and May Not Even Know It)

How to explain how we got here?

  1. I wrote a blog post called Please Send Wicked Simple Email inspired by the jaw-dropping great messages T.Rob Wyatt was sending to the VRM (Vendor Relationship Management) and personal cloud mailing lists. I lobbied for T.Rob’s thoughts to be going onto his excellent blog for easier & longer term sharing.
  2. Today T.Rob does just that and puts up a killer blog post about why we need VRM from a privacy and personal data rights standpoint that argues the case as strongly as anything since John Kelly’s killer talk on personal clouds at Gartner Symposium or Doc Searls book The Intention Economy.
  3. I read T.Rob’s post and realize he’s nailed it so well that he explains exactly why we needed to define the Respect Trust Framework before we could build the Respect Network.

Here is the paragraph where T.Rob nails it:

VRM, or Vendor Relationship Management, is a new approach to conducting business in which the missing physical constraints [for protecting privacy and personal data] have been replaced by technological and policy constraints that restore the balance of power between individuals and their vendors, and perhaps to some extent also their governments.

Now read this purpose statement from the first line of the Respect Trust Framework:

The purpose of the Respect Trust Framework is to define a simple set of principles and rules to which all Members of a digital trust network agree so that they may share identity and personal data with greater confidence that it will be protected and only used as authorized.

Separated at birth…and I don’t know if T.Rob has even seen the Respect Trust Framework.

genieGiven the depth of his knowledge and research, I wouldn’t be surprised—I just haven’t heard him mention it yet. But no matter—he came to exactly the same conclusion as those of us founding the Respect Network: the privacy-invading technology genie is out of the bottle and there’s no stuffing him/her back in. So the alternative is to “restore the balance of power” a different way, with an opt-in network where everyone agrees to play by a new set of rules.

I can hardly wait to get the network fully operational—all I can say is that the 24 Respect Network Founding Partners are working like mad to get there. If you want an in-depth progress report, come see us at the next Internet Identity Workshop coming up in Mountain View May 7-9.


Another Bill of Rights

I did a collection called the Bill o' Rights o Rama. 

Here is a new proposed one a Gamers Bill of Rights  based on another gamers bill of rights (this one looks beautiful)

Preamble
Gamers are customers who pay publishers, developers, and retailers in exchange for software.

They have the right to expect that the software they purchase will be functional and remain accessible to them in perpetuity.

They have the right to be treated like customers and not potential criminals.

They have the right to all methods of addressing grievances accessible by other consumer.

They have the right to the game they paid for, with no strings attached beyond the game and nothing missing from the game.

Gamers' Bill of Rights
I. Gamers shall receive a full and complete game for their purchase, with no major omissions in its features or scope.

II. Gamers shall retain the ability to use any software they purchase in perpetuity unless the license specifically and explicitly determines a finite length of time for use.

III. Any efforts to prevent unauthorized distribution of software shall be noninvasive, nonpersistent, and limited to that specific software.

IV. No company may search the contents of a user's local storage without specific, limited, explicit, and game-justified purpose.

V. No company shall limit the number of instances a customer may install and use software on any compatible hardware they own.

VI. Online and multiplayer features shall be optional except in genre-specific situtations where the game's fundamental structure requires multiplayer functionality due to the necessary presence of an active opponent of similar abilities and limitations to the player.

VII. All software not requiring a subscription fee shall remain available to gamers who purchase it in perpetuity. If software has an online component and requires a server connection, a company shall provide server software to gamers at no additional cost if it ceases to support those servers.

VIII. All gamers have the right to a full refund if the software they purchased is unsatisfactory due to hardware requirements, connectivity requirements, feature set, or general quality.

IX. No paid downloadable content shall be required to experience a game's story to completion of the narrative presented by the game itself.

X. No paid downloadable content shall affect multiplayer balance unless equivalent options are available to gamers who purchased only the game.

The Real Killer App for Personal Clouds

safe-w-gold-barsI’ve been working for several years now on building infrastructure for personal clouds (that’s the entire goal of the Respect Network based on the Respect Trust Framework). I’ve helped design, discuss, and debate dozens of powerful new apps for personal clouds (see several that were shown at the SWIFT Digital Asset Grid session in Osaka last October). During that time I can’t count how often I’ve been asked: what will be the killer app for personal clouds?

But just in the last few weeks—since the first Personal Cloud Meetup in San Francisco last month—the answer has started screaming at me: the killer app IS the personal cloud!

What does this mean? Read this (about having all my digital gear stolen). And then this (about having Facebook access turned off). And then this (Phil Windley’s latest blog post about the Tesla car spying fiasco). And then answer me: do you have a place to safely store all of your personal and household digital assets (files, photos, receipts, contacts, calendars, financial records, medical records, product usage data, etc.) where you know:

  1. They will always be safe, even if your house burns down or you lose all your devices?
  2. You, your spouse, or your family’s access to them cannot be turned off by a third-party service provider because of its own terms-of-service provisions?
  3. If you permission apps or services to store data there, you alone will control the rights to access and share that data (like you do on your own computer)?
  4. You can share any of your digital assets with any party you want on your own terms?
  5. All of your personal digital assets are all fully portable, and ideally mirrored across multiple independent service providers?

If your answer is yes, please tell me more. If your answer is no, now you know why the personal cloud—a truly PERSONAL cloud that can deliver all of the above— is the killer app.


Book as API: A Perfect Job for XDI

alistair-croll-book-as-api-headshotsWhen we first started working on XDI at OASIS in 2004, the goal was a standard format and protocol for data sharing. We were thinking mostly about the data that was already in databases and other conventional data sources. But now that “everything is turning into data”, the problem space to which XDI applies keeps growing wider.

My latest favorite example is the Book as API post from Alistair Croll’s Solve for Interesting blog. It’s about a talk he and Hugh McGuire gave at O’Reilly’s Tools Of Change conference about the future of the book. It describes how havng an API can unlock the value of the intellectual energy in every book the same way a user interface unlocks the power of a software program.

Read it and you will never look at a book the same way again.

In my case, reading this post through my XDI lens, I saw something even deeper: the future format of books. It starts with the point Hugh makes on slide 97 of his and Alistair’s 100 slide presentation:

Books are made of stuff that can be named.

Hugh then goes on to say in slide 98:

If you name your stuff in HTML (while indexing!), then we can (easily) build new uses/interfaces for our books…

Of course he’s right. The “indexing” Hugh refers to is semantic HTML as explained earlier in his presentation (slides 59-73). But if you “name your stuff” in XDI, then it’s not just semantically understandable, the book and all its contents are globally addressable and composable and semantically reusable (subject to the relevant XDI link contracts) anywhere else it can provide value.

Alistair ends his post:

The killer feature of the book [of the future] is it’s API.

I would go a step further: the killer feature of the book of the future is that it’s an XDI graph.


Real Names vs Nyms at Quora & Unconferences

I am again in a #nymwar [wikipedia & Botgirl's Scoop.it] situation that I actually care about. I have been denied full participation in Quora for a long long time now because my last name was listed as IdentityWoman (ironically my answer to why having control over your identity and personal data online matters did go through but then was put into suspension when they insisted on changing my name to a WASPonym).

Now there is a thread all about an unconfernece for women of Quora and they have mentioned both Unconference.net my business and She's Geeky that I founded in the threads. I for this one important conversation bow to the "feudal lord"  of Quora as their humble "content producing servent" share my so-called real name...and help them have a good unconference and raise the issues of real name requirements within the context of real human beings who engage with the site all the time and hopefully staff as well.  Until we have the freedom to choose our names for public interactions on the web - to define our own identities based on our context and how we wish to appear where - we do not live in a free society.

 

Before they "banned" me for having the wrong color skin name. I got to write an eloquent to this question (posted below since it isn't on their site).

Why does owning one's own online identity and personal data matter?

and was voted to the top (with 5 votes) by others...but now that answer isn't there cause I didn't use my real name.

So now you can't see it...this is akin to not letting me sit somewhere in a public space because the color of my skin is the wrong one OR I happen to sit in a wheel chair to get around and there isn't room in our restaurant and they are in violation of American's with Disabilities Act.

The women of Quora are talking about organizing an unconfernece and found two of my organizations/sites and are enthusiastic about them. I am totally unable to talk to them about their ideas or my sites unless I pass their "real names" test....you know like a pole tax ... that Bob and I talked about in our Cloud Identity Summit closing Keynote about Identification and Social Justice (slides and videos will be online soon).

My answer to:

Why does owning one's own online identity and personal data matter?

We own our own bodies - we have freedom and autonomy to move around the physical world.  We have rights and freedoms; If our physical lives are terminated there are consequences.

In the digital world many people are not the primary "owner" of their own identity (in digital space the equivalent of a physical body is a persistent identifier like an e-mail address or a URL or phone number).  Most people's identity on the web is "under" terms and conditions of a private company and they can terminate people's accounts, their identities, without recourse.

Many companies with which people have their identities "under" choose to in exchange for providing identity provisioning services and things like e-mail. They also track and aggregate user's activities on their services and across the web via cookies and other beacons.  This profile of activity has real value and is being used by the companies to profile them and then sell abstract versions of the profile information on ad exchanges.

Some have said we live in an age of digital feudalism, where we are serfs on the lords' manors (the large web portals).

Having the freedom and autonomy to choose who we are online and how we express ourselves is important to ensuring a free society  with rights and liberty.

Adding some more: About one's social graph... The links in your social graph in the current architecture of the web exist within particular contexts - you have friends in Facebook or Followers on Twitter or Professional Contacts on LinkedIN. Those links, those connections in a "social graph" are ulitmately owned by the company within which you made those links. If you choose to leave any one of those networks - all your links to those people are terminated.

This is an architecture of control. You are locked into those systems if you don't want to loose the links to others in them. To own your own identity would be to have an identity that would give you the freedom to not loose the links to your contacts, they would be peer to peer autonomous of any particular service.

The next time there is a major social revolution like in Egypt governments are not going to try and turn of the internet or mobile phone system it is likely they will simply call facebook ans ask them to terminate the accounts of dissidents.

 

 

Good news and bad news from Delaware Lawmakers

Reading the following SFGate story was a real rollercoaster ride: 

DOVER, Del. (AP) — State lawmakers have given final approval to a bill prohibiting universities and colleges in Delaware from requiring that students or applicants for enrollment provide their social networking login information.

The bill, which unanimously passed the Senate shortly after midnight Saturday, also prohibits schools and universities from requesting that a student or applicant log onto a social networking site so that school officials can access the site profile or account.

The bill includes exemptions for investigations by police agencies or a school’s public safety department if criminal activity is suspected.

Lawmakers approved the bill after deleting an amendment that expanded the scope of its privacy protections to elementary and secondary school students.

First of all there was the realization that if lawmakers had to draft this law it meant universities and colleges were already strong-arming students into giving up their social networking credentials.  This descent into hell knocked my breath away. 

But I groped my way back from the burning sulfur since the new bill seemed to show a modicum of common sense. 

Until finally we learn that younger children won’t be afforded the same protections…   Can teachers and principals actually bully youngsters to log in to Facebook and access their accounts?  Can they make kids hand over their passwords?  What are we teaching our young people about their identity?

Why oh why oh why oh? 

 

Support Standard Information Sharing Labels

One more a tip o’ the hat to Phil Windley for saving me a thousand words. He’s wonderfully articulated the reasons you should support Joe Andrieu’s Kickstarter project for the Standard Information Sharing Label.

Phil sums it up perfectly:

Just like we have a standard label for drugs so that people can more easily understand how to take a drug and what it does, we should have a standard label for sites that want you to share your personal information.

It won’t get us everything that the Respect Network will, but it’s a good step in the right direction. Move your cursor right on over to the project and show you care about seeing what’s really happening with your personal data.

(And what better time to show your support for the standard label than during Privacy/Identity/Innovation 2012 going on right now in my home city of Seattle. Hats off to Natalie Fonseca and Marc Licciardi for an outstanding set of talks on the first day.)


PLOA – Just What You Need to Know

On Friday I had a demo of PLOA – Personal Levels of Assurance — from it’s architect, Jay Glasgow at AT&T. I’ve known Jay since he attended an XDI retreat hosted by Scott David at Whistler two years ago, and at that retreat I learned just how deeply Jay was thinking about the problems of federated identity and user-centric identity. Which is to say, plenty.

PLOA is the outcome of Jay’s analysis about how a large identity provider (IdP) like AT&T should go about providing not just a user-centric identity system, but a developer-friendly and relying party-friendly system (relying parties being the sites that actually need the identity assurance). There’s an entire white paper about it on the Open Identity Exchange site, of which AT&T is an executive member.

But the biggest challenge with PLOA has been that it’s a worldview shift about how identity assurance really needs to work. As such, it solves so many related problems together that it’s hard to sum it up in a nutshell the same way you can for OpenID (“lets you use one username and password across all OpenID-enabled sites”) or OAuth (“lets you give access to your private stuff online without giving out your password”).

After seeing Jay’s demo, the lightbulb finally hit for me: PLOA is Need to know for assurance. It’s a clear way for any relying party to find out just what they need to know about any particular user — for any particular interaction/transaction in any particular context — in as lightweight and user-friendly a way as possible. It does this by:

  1. Decoupling assurance — what a relying party needs to know ABOUT you — from authentication — the act of proving you have a valid identity credential.
  2. Standardizing how a relying party can ask a third party (the IdP) for just what it needs to know about you to give you the service you are requesting – nothing more.
  3. Standardizing how the IdP — and the application developer creating the user experience — can obtain the necessary assurance data needed from you if it doesn’t already have it.
  4. Giving you complete control over this process, so you can revoke the assurance data and permissions you have given to IdPs if you want to.

By breaking down assurance into small, discrete, bite-size chunks, each of which is transparent and subject to user permission, PLOA makes identity assurance lightweight, modular, contextual, and privacy-friendly.

That’s a good thing. Now what PLOA needs is:

  1. Binding to a standard wire protocol, e.g., JSON over HTTP/S.
  2. Publishing by a standards body.
  3. Adoption adoption adoption.

Jay knows I believe PLOA is a great fit for the XDI protocol, since the main XDI binding is JSON over HTTP/S, and sending/receiving XDI triples in JSON is about as lightweight and modular as it gets. But that’s just one of many options for a PLOA protocol.

From my perspective, what’s exciting about PLOA is that it’s a perfect fit for where we are headed with the Respect Network (more about that coming soon — for now just see the Respect Trust Framework). So keep an eye on it – for identity assurance, it’s just what you need to know.

UPDATE: Jay advises me that he will be giving demos of PLOA at two upcoming AT&T meetings in NYC on April 19 and NOLA on May 7.


Kim Cameron on Google’s New Privacy Policy

When he first introduced them in 2004, Kim Cameron’s Laws of Identity changed the landscape of the Internet identity industry almost overnight. Though Kim has since stepped down as Chief Identity Architect at Microsoft, he still packs a helluva punch when he weighs in on important global identity, privacy, and security issues.

So he’s weighed in (hint: along with the Attorney Generals of the United States) on Google’s new privacy policy.

Read it. It’s even more important than you think.


The Fundamental Flaw in SOPA and PIPPA

After all the raging debate about SOPA (Stop Online Piracy Act) and PIPA (Protect IP Act), the fundamental flaw in both is captured succinctly in this public letter to Senator Orrin Hatch from Phil WindleyKynetx CTO and author of The Live Web, on his Technometria blog.

Thanks for summarizing the problem so nicely, Phil. And a tip ‘o the hat too to Cory Doctorow, whose talk on the subject Phil credits as well.

Incidentally, Phil’s point that we don’t need new laws governing technology, we need to enforce existing laws about harmful behaviour, explains why Connect.Me created the Respect Trust Framework. It is the legal fabric of a “purposeful network” where the incentives are so strong not to violate the trust of others that we will not have the kinds of rights violations that SOPA and PIPA are trying, misguidedly, to address.


A social network or the name police – but not both

It seems a number of people take the use of ”real names” on the Internet as something we should all just accept without further thought.  But a recent piece by Gartner Distinguished Analyst Bob Blakley shows very clearly why at least a bit of thought is actually called for - at least amongst those of us building the infrastructure for cyberspace: 

… Google is currently trying to enforce a “common name” policy in Google+. The gist of the policy is that “your Google+ name must be “THE” name by which you are commonly known”.

This policy is insane. I really mean insane; the policy is simply completely divorced from the reality of how names really work AND the reality of how humans really work, and it’s also completely at odds with what Google is trying to achieve with G+.  (my emphasis - Kim)

The root of the problem is that Google suffers from the common – but false – belief that names are uniquely and inherently associated with people. I’ve already explained why this belief is false elsewhere, but for the sake of coherence, I’ll summarize here.

There isn’t a one-to-one correspondence between people and names. Multiple people share the same name (George Bush, for example, or even me: George Robert Blakley III), and individual people have multiple names (George Eliot, George Sand, George Orwell, or Boy George – or even me, George Robert “Bob” Blakley III). And people use different names in different contexts; King George VI was “Bertie” to family and close friends.

THERE IS NO SUCH THING AS A “REAL” NAME.

A name is not an attribute of a person; it is an identifier of a person, chosen arbitrarily and changeable at will. In England, I can draw up a deed poll in my living room and change my name at any time I choose, without the intervention or assistance of any authority. In California, I apparently don’t even need to write anything down: I can change my name simply by having people call me by the new name on the street.

COMMON NAMES ARE NOT SINGULAR OR UNIQUE.

Richard Garriott is COMMONLY known as “Richard Garriott” in some contexts (check Wikipedia), and COMMONLY known as Lord British in other contexts (go to a computer gaming convention). Bob Wills and Elvis are both “The King”.

Despite these complexities, Google wants to intervene in your choice of name. They want veto power over what you can call yourself.

Reversing the presumption that I choose what to be called happens – in the real world – only in circumstances which diminish the dignity of the individual. We choose the names of infants, prisoners, and pets. Imposing a name on someone is repression; free men and women choose their names for themselves.

But the Google+ common name policy isn’t even consistently repressive; it sometimes vetoes names which ARE “common” in the sense Google intends (Violet Blue is an example), it sometimes accepts plausible names based on clearly fraudulent evidence, and it even “verifies” fraudulent names.

Google+’s naming policy isn’t failing because it’s poorly implemented, or because Google’s enforcement team is stupid. It’s failing because what they’re trying to do is (1) impossible, and (2) antisocial.

(2) is critical. Mike Neuenschwander has famously observed that social software is being designed by the world’s least sociable people, and Google+ seems to be a case in point. Google wants to be in the “social” business. But they’re not behaving sociably. They’re acting like prison wardens. No one will voluntarily sign up to be a prisoner. Every day Google persists in their insane attempt to tell people what they can and can’t call themselves, Google+ as a brand becomes less sociable and less valuable. The policy is already being described as racist and sexist; it’s also clearly dangerous to some disadvantaged groups.

If you want to be the host of a social network, you’ve got to create a social space. Creating a social space means making people comfortable. That’s hard, because people don’t fit in any set of little boxes you want to create – especially when it comes to names. But that’s table stakes for social – people are complicated; deal with it. Facebook has an advantage here; despite its own idiotic real-names policy and its continual assaults on privacy, the company has real (i.e. human) sociability in its DNA – it was created by college geeks who wanted to get dates; Google+ wasn’t, and it shows.

If Google’s intention in moving into social networking is to sell ads, Google+’s common names policy gives them a lock on the North American suburban middle-aged conservative white male demographic. w00t.

The Google+ common name policy is insane. It creates an antisocial space in what is supposed to be a social network. It is at odds with basic human social behavior; its implementation is NECESSARILY arbitrary and infuriating, and it is actively damaging the Google+ brand and indeed the broader Google brand.

The problem is not flawed execution; it is that the policy itself is fundamentally unsound, unworkable, and unfixable.

Google can be a social network operator, or they can be the name police. They can’t be both. They need to decide – soon. If I were Google, I’d scrap the policy – immediately – and let people decide for themselves what they will be called.

 [Read the whole piece.  BTW,  Mike Neuenschwander has hit the nail on the head yet again.]

24 year old student lights match: Europe versus Facebook

If you are interested in social networks, don’t miss the slick video about Max Schrems’ David and Goliath struggle with Facebook over the way they are treating his personal information.  Click on the red “CC” in the lower right-hand corner to see the English subtitles.

Max is a 24 year old law student from Vienna with a flair for the interview and plenty of smarts about both technology and legal issues.  In Europe there is a requirement that entities with data about individuals make it available to them if they request it.  That’s how Max ended up with a personalized CD from Facebook that he printed out on a stack of paper more than a thousand pages thick (see image below). Analysing it, he came to the conclusion that Facebook is engineered to break many of the requirements of European data protection.  He argues that the record Facebook provided him finds them to be in flagrante delicto.  

The logical next step was a series of 22 lucid and well-reasoned complaints that he submitted to the Irish Data Protection Commissioner (Facebook states that European users have a relationship with the Irish Facebook subsidiary).  This was followed by another perfectly executed move:  setting up a web site called Europe versus Facebook that does everything right in terms using web technology to mount a campaign against a commercial enterprise that depends on its public relations to succeed.

Europe versus Facebook, which seems eventually to have become an organization, then opened its own YouTube channel.  As part of the documentation, they publicised the procedure Max used to get his personal CD.  Somehow this recipe found its way to reddit  where it ended up on a couple of top ten lists.  So many people applied for their own CDs that Facebook had to send out an email indicating it was unable to comply with the requirement that it provide the information within a 40 day period.

If that seems to be enough, it’s not all.  As Max studied what had been revealed to him, he noticed that important information was missing and asked for the rest of it.  The response ratchets the battle up one more notch: 

Dear Mr. Schrems:

We refer to our previous correspondence and in particular your subject access request dated July 11, 2011 (the Request).

To date, we have disclosed all personal data to which you are entitled pursuant to Section 4 of the Irish Data Protection Acts 1988 and 2003 (the Acts).

Please note that certain categories of personal data are exempted from subject access requests.
Pursuant to Section 4(9) of the Acts, personal data which is impossible to furnish or which can only be furnished after disproportionate effort is exempt from the scope of a subject access request. We have not furnished personal data which cannot be extracted from our platform in the absence of is proportionate effort.

Section 4(12) of the Acts carves out an exception to subject access requests where the disclosures in response would adversely affect trade secrets or intellectual property. We have not provided any information to you which is a trade secret or intellectual property of Facebook Ireland Limited or its licensors.

Please be aware that we have complied with your subject access request, and that we are not required to comply with any future similar requests, unless, in our opinion, a reasonable period of time has elapsed.

Thanks for contacting Facebook,
Facebook User Operations Data Access Request Team

What a spotlight

This throws intense light on some amazingly important issues. 

For example, as I wrote here (and Max describes here), Facebook’s “Like” button collects information every time an Internet user views a page containing the button, and a Facebook cookie associates that page with all the other pages with “Like” buttons visited by the user in the last 3 months. 

If you use Facebook, records of all these visits are linked, through cookies, to your Facebook profile - even if you never click the “like” button.  These long lists of pages visited, tied in Facebook’s systems to your “Real Name identity”, were not included on Max’s CD. 

Is Facebook prepared to argue that it need not reveal this stored information about your personal data because doing so would adversely affect its “intellectual property”? 

It will be absolutely amazing to watch how this issue plays out, and see just what someone with Max’s media talent is able to do with the answers once they become public. 

The result may well impact the whole industry for a long time to come.

Meanwhile, students of these matters would do well to look at Max’s many complaints:

no

date

topic

status

files

01

18-AUG-2011

Pokes.
Pokes are kept even after the user “removes” them.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

02

18-AUG-2011

Shadow Profiles.
Facebook is collecting data about people without their knowledge. This information is used to substitute existing profiles and to create profiles of non-users.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

03

18-AUG-2011

Tagging.
Tags are used without the specific consent of the user. Users have to “untag” themselves (opt-out).
Info: Facebook announced changes.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

04

18-AUG-2011

Synchronizing.
Facebook is gathering personal data e.g. via its iPhone-App or the “friend finder”. This data is used by Facebook without the consent of the data subjects.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

05

18-AUG-2011

Deleted Postings.
Postings that have been deleted showed up in the set of data that was received from Facebook.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

06

18-AUG-2011

Postings on other Users’ Pages.
Users cannot see the settings under which content is distributed that they post on other’s pages.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

07

18-AUG-2011

Messages.
Messages (incl. Chat-Messages) are stored by Facebook even after the user “deleted” them. This means that all direct communication on Facebook can never be deleted.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

08

18-AUG-2011

Privacy Policy and Consent.
The privacy policy is vague, unclear and contradictory. If European and Irish standards are applied, the consent to the privacy policy is not valid.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

09

18-AUG-2011

Face Recognition.
The new face recognition feature is an inproportionate violation of the users right to privacy. Proper information and an unambiguous consent of the users is missing.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

10

18-AUG-2011

Access Request.
Access Requests have not been answered fully. Many categories of information are missing.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

11

18-AUG-2011

Deleted Tags.
Tags that were “removed” by the user, are only deactivated but saved by Facebook.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

12

18-AUG-2011

Data Security.
In its terms, Facebook says that it does not guarantee any level of data security.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

13

18-AUG-2011

Applications.
Applications of “friends” can access data of the user. There is no guarantee that these applications are following European privacy standards.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

14

18-AUG-2011

Deleted Friends.
All removed friends are stored by Facebook.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

15

18-AUG-2011

Excessive processing of Data.
Facebook is hosting enormous amounts of personal data and it is processing all data for its own purposes.
It seems Facebook is a prime example of illegal “excessive processing”.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

16

18-AUG-2011

Opt-Out.
Facebook is running an opt-out system instead of an opt-in system, which is required by European law.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

 

24-AUG-2011

Letter from the Irish DPC.

 

Letter (PDF)

 

15-SEPT-2011

Letter to the Irish DPC concerning the new privacy policy and new settings on Facebook.

 

Letter (PDF)

17

19-SEPT-2011

Like Button.
The Like Button is creating extended user data that can be used to track users all over the internet. There is no legitimate purpose for the creation of the data. Users have not consented to the use.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

18

19-SEPT-2011

Obligations as Processor.
Facebook has certain obligations as a provider of a “cloud service” (e.g. not using third party data for its own purposes or only processing data when instructed to do so by the user).

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

19

19-SEPT-2011

Picture Privacy Settings.
The privacy settings only regulate who can see the link to a picture. The picture itself is “public” on the internet. This makes it easy to circumvent the settings.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

20

19-SEPT-2011

Deleted Pictures.
Facebook is only deleting the link to pictures. The pictures are still public on the internet for a certain period of time (more than 32 hours).

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

21

19-SEPT-2011

Groups.
Users can be added to groups without their consent. Users may end up in groups that lead other to false impressions about a person.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

22

19-SEPT-2011

New Policies.
The policies are changed very frequently, users do not get properly informed, they are not asked to consent to new policies.

Filed with the Irish DPC

Complaint (PDF)
Attachments (ZIP)

 

Is Google+ is being lynched by out-spoken users upset by real names policy?

Following my post yesterday Google+ says your name is "Toby" not "Kunta Kinte", I chronicled tweets from this morning's back and forth with  Tim O'Reilly and Kevin MarksNishant  KaushikPhil Hunt,  Steve Bogart and Suw Charman-Anderson.

I wrote the original post after watching the Bradley Horwitz (@elatable) - Tim O'Reilly (@timoreilly) interview re: Google+. I found Tim's choice of words about the tone (strident) and judgement (self-righteous) towards those standing up for their freedom to choose their own names on the new social network being rolled out by Google internet's predominant search engine disappointing.  His response to my post was to call me self-righteous and reiterate that this was just a market issue.

I myself have been the victim of a Google+ suspension since July 31st and yesterday I applied for a mononym profile (which is what it was before they insisted I fill out my last name which I chose to do so with my online handle and real life identity "Identity Woman") 

In the thread this morning Tim said that the kind of pressure being aimed at Google is way worse then anything they are doing and that in fact Google was the subject of a "lynch mob" by these same people.  Sigh, I guess Tim hasn't read much history but I have included some quotes form and links to wikipedia for additional historial context.

Update: inspired in part by this post an amazing post "about tone" as a silencing/ignoring tactics when difficult, uncomfortable challenges are raised in situations of privilege was written by Shiela Marie.  

I think there is a need for greater understanding all around and that perhaps blogging and tweeting isn't really the best way to address it.  I know that in the identity community when we first formed once we started meeting one another in person and really having deep dialogues in analogue form that deeper understanding emerged.  IIW the place we have been gathering for 6 years and talking about the identity issues of the internet and other digital systems is coming up in mid-October and all are welcome.  The agenda is created live the day of the event and all topics are welcome.

Here's the thread... (oldest tweets first)

 Note all the images of tweets in this thread are linked to the actual tweet (unless they erased the tweet). 


Steve, thanks for highlighting the bizarre choice to use a "lynch mob" as the metaphor to describe what is happening to Google around this issue.

From Wikipedia: Lynching is an extrajudicial execution carried out by a mob, often by hanging, but also by burning at the stake or shooting, in order to punish an alleged transgressor, or to intimidate, control, or otherwise manipulate a population of people.... Lynchings have been more frequent in times of social and economic tension, and have often been means used by the politically dominant population to oppress social challengers. 

The article on Lynch Mobs is part of the Discrimination set of articles in Wikipedia. Within sociology, 'discrimination' is the prejudicial treatment of an individual based on their membership in a certain group or category. Discrimination is the actual behavior towards members of another group. It involves excluding or restricting members of one group from opportunities that are available to other groups. An individual need not be actually harmed in order to be discriminated against. He or she just needs to be treated worse than others for some arbitrary reason.

 

From the Wikipedia article on Oppression: Indirect oppression is oppression that is effected by psychological attack, situational constraints or other indirect means. It has been a popular tactic practiced in single power, power monopoly or other authoritarian or totalitarian regimes.

The point I was making with my previous post Google+ says your name is "Toby" not "Kunta Kinte" is that Google is being discriminatory and oppressive towards people who refuse to use their "wallet names" and who choose to go by pseudonyms.  Which party in this situation is really acting like a lynch mob?

As I said in my previous post the tone of those who are suffering at the hands of this policy implemented by THE dominant search utility on the web are loud, shrill, piercing, high-pitched and rough sounding and I imagine are heard by those within Google who are receiving them as grating and obnoxious. Rather then empathizing with human pain and suffering that is reflected in the tone, Tim and others are just dismissing them and their concerns.  Here is one of the clearest posts by someone very affected by what Google is doing: To those who say they "don't get it"...(Google, G+, etc) 

 

 

Really? Google+ is effectively lynching, that is killing the digital persona's of people who's names don't conform to its policies. So what is not extreme about that? is there a middle ground when you feel your digital life is threatened? Of course the reaction of people has some edge to it because people feel that the digital identifier that is the anchor for their "digital body" could be terminated and thus puts their digital lives are at risk.  They are being a bit shrill when the talk about the issues because they are deeply personal and have real impact on their lives because it impacts their ability, their freedom to communicate.

 

 

 

To close, Doc Searls has a great post up about what this might all really be about Circling Around your Wallet.

  Note all the images of tweets in this thread are linked to the actual tweet (unless they erased the tweet). 

Google+ says your name is "Toby" NOT "Kunta Kinte"

This post is about what is going on at a deeper level when Google+ says your name is "Toby" NOT "Kunta Kinte". The punchline video is at the bottom feel free to scroll there and watch if you don't want to read to much.

This whole line of thought to explain to those who don't get what is going on with Google+ names policy arose yesterday after I watched the Bradley Horwitz - Tim O'Reilly interview (they start talking about the real names issue at about minute 24).

More on my personal Google+ suspension that continues to Day 29.

Tim is struck by the Steve Jobs element of how Bradley and Google is talking about designing for the way the world will be not how it is....implying and even explicitly saying that in the future we will just all use our real names for everything so lets get started doing that now. :)   - you know happy future vision of benevolent design choice by humans of large corporate controlled digital systems.  Yes, many Googlers like Chris Messina who used to have a handle online "Factory Joe" made the conscious choice to bring it together with his "real name". For him the cost-benefit trade of for this and decided that for him it was no longer worth it. Totally fine choice for him. What is at issue is when his choice becomes all of our choice because he and others like him have the power to decide for all of us.

Young men like Chris have a lot of privilege in the world and they can do things/make choices that others have less freedom (privilege) to make without those choices affecting their lives in material ways (chances of employment, social acceptance between different contexts with different norms, having accepting family members who are not bigoted against their personal life choices).  I thought that one of the things Chris got form his years dating Tara Hunt was more of a clue about the issues that women and others who are not young white straight monogamous men living in western liberal democracy, liberal metropolises face. His posts on the topic include the following but some how...I guess he still doesn't get this issue in relation to Google (maybe he does but it seems like people who work at Google stop blogging upon their date of employ and Google employees who have spoken up on the issue have been gagged).

* Kirrily Robert: Standing out in the Crowd where he highlights these posts

  • Recruit diversity
  • Say it. Mean it.
  • Tools. (Tools are easy.)
  • Transparency.
  • Don’t stare.
  • Value all contributions.
  • Call people on their crap.
  • Pay attention.

* Future of the White Boys Clubs

* Future of White Boys’ Clubs Redux #fowaspeak

Fundamentally technology systems and techno-social systems are created by people making choices AND it is at this time in the history of the web we get to as a culture and society choose the range of options available for human expression of identity online.  IF THE PEOPLE WHO HAVE ALL THE POWER to make this choice in these digital systems have the demographic profile of Brad and Tim then we will get one outcome - it will favor them and their world view and exclude others who are different (ala the very long list of people negatively affected by real names policies). It is an abuse of power as danah boyd eloquently explains on her blog.

Tim goes on to say (at min 28) that his own reaction to "some of the strident calls for you guys [Google+] to change what you are doing" lead him to the conclusion "give me a break, lets try some different things lets figure out what we learn from them..the market will tell you what it really demands"

Lets look at this more deeply - Tim's specific labeling of the resistance to the policies as "strident" is coming from a position of power and privilege that is judging these people in a way that demeans, what they are saying.

From Wiktionary: Strident

  1. Loud; shrill, piercing, high-pitched; rough-sounding
    The trumpet sounded strident against the string orchestra.
  2. Grating or obnoxious
    The artist chose a strident mixture of colors.

Because the opposition is so sharp and clear - people are speaking up in shrill, piercing, "high-pitched" ways because they are being hurt so badly and deeply by requirement for real names and how suspensions are being handled.  The words of these people are being heard by Tim and others in power as grating and obnoxious because they aren't supposed to speak up...they should just accept what is happening to them right?

One response of Google+ leadership and technology leaders like Tim O'Reilly could have is to be to be empathetic, to look inward and connect to the human beings speaking and say something like:

Wow, we had no understanding of how "unfree" some people feel online and in our society broadly.

We had no idea about how many different kinds of people (who are not like us) are affected real names policies.

We didn't really realize existed, or had any needs different then ours and how can we struggle with them to make a more just society so they are not affected negatively if they were out/public about those things.

In the meantime lets really listen and get that they have real and valid needs for safety and the right to express themselves and lets and not ban them from our services for their choice not to use use their real name.

Instead Tim and others are dismissing the real hurt and anguish being felt by people saying they are being "strident" for speaking up for their right to pick their own name and to be for Google's continued insistence they have the right to decide what an acceptable name is for people.

This is about power and those who speak up to it being judged and labeled negatively for doing so. I asked in twitter yesterday if women suffragettes were strident, and were the stonewall rioters and the subsequent movement for gay rights strident? Yes they were! They were standing up for what was right and against and unjust social system that was harmful to people.  I am concerned about the rights and freedoms of nyms both because people have personal life issues they want to be free to create accounts to express/deal with AND because they have political beliefs they want to share.

Imagine if the people who were standing up and organizing for gay rights in the 60's and 70's had digital tools to do so and imagine all the major places were public discourse about this happened were in online social spaces where "real names" were required and imagine that all of their families and employers would therefore know about their status as a GAY  (LTBTQ) PERSON. Do you think we would have had the gay rights movement? Do you think it would have been possible? Do you think that enough people would have stood up knowing they would be laid off, fired, black balled, told their kids couldn't play with neighbor kids.

Many groups who are systemically and socially oppressed (yes in our modern liberal democracy there is lots of oppression going on) fear to speak up TODAY about the issues going on in the system that affect them.  Many people have ideas that would transform the social order but challenge power will fear speaking up about these new ideas if all speech in online public fora must be linked to real names seen by their real employers who could really fire/let them go.

Unless we embed the freedom to have pseudonymous speech in major online social spaces where serious public/political dialogue occurs then we risk not having a free society any more.  Free meaning the freedom to challenge injustice the freedom to seek greater accountability by those in power (government and corporate), to open up the systems that run our society.

Over the course of yesterday I continued to think more about the deeper nature of the issues going on and the fundamental nature of the power we have to name ourselves and what it means to have this freedom.  I remembered the series Roots  and suggested that young Googlers rent it from/watch it on netflix and then have dialogues about privileged and oppression.

For those of you who didn't watch it in the 70's (I was born in the 70's do didn't watch it then either),  it is the story of a Alex Haley's black family descended from a man who was stolen from his village in Africa and brought to America as a slave. He is very clear on his identity, who he is, he is a Mandinka warrior and his name is Kunta Kinte,.  One of the first things his white slave owner Master Reynolds does is rename him Toby.  He refuses to accept this new name, this identity that they have said he must take on...he does accept the name but only after great human suffering inflicted by his master to get him to comply with his wishes.

This is the sort version:

"Bonus suppression" Google runs YouTube and they took the clip of the movie scene down for "inappropriate nudity or sexual" - it has neither, it just made a dramatic point and made them look bad. In the clip Kunta Kinte is facing the camera with part of his chest showing being whipped from behind by a white man who is working for the slaveowner until he breaks. After repeating his name is Kunta Kinte when asked what his name is, he finally says... it is Toby. 

For slightly more context for the scene this is 8 min.

I highly recommend watching the WHOLE movie if you haven't seen it.

Just to be really clear for those of you who might not be tracking the point I am making. I and the other people in Google+ who choose to have handles/nyms that are persistent and that we are known by but are being rejected by Google+ are Kunta Kinte and the Google+ name police is the slave owner whipping him until he submits to calling himself Toby.

Metaphorically this IS what is going on.  "Yes" I and other people who use handles and use nyms have a choice "not to use the service" - we are technically "not slaves" like Toby is. However we have already been using Google e-mail and other services for years with the names we chose - in changing the rules on the Google plantation they have undermined the social contract that it had with existing users. Google is a major forum for expression of ideas and is THE dominant search engine (one could argue monopolistic search engine). It will be using people's +1's to determine search results and these will shape public discourse.

Many different people are now fearful of speaking up in Google+ about these issues (even if the are not affected) because they fear the will be affected (having their access to their accounts turned off). Just look at what has happened Google+ turned off Violet Blue's profile knowing full well it was her real name and people rightly so imagine this is because she was speaking out for those who were suspended and could not speak.

Back to what Tim said above - he says that "the market will decide" these things. The core issues here are freedom of speech and power within the social sphere not about "the market". It is about what is right and just in a society. The market decided that it was ok to do slavery for hundreds of years, the market decided that it was ok to discriminate systematically against black people with Jim Crow laws and the market decided it was ok to discriminate against women in professional fields like law and medicine until things changed in the 60's.

Continuing the quotes from Tim "lets the arguments be from efficacy not from self righteousness"

Let me ask you this Tim: Was Kunta Kinte being self righteous to insist on his own choice of his own name?

Update:

Tim thinks that I am being self-righteous for even asking this question. He agrees with me that Kunta Kinte is not self righteous to stand up for his name but adds that that I am self-righteous to ask this question which in this post was explicitly drawing the analogy between Kunta Kinte's struggle for his right to assert his own identity and mine along with others with handles and Nyms in relationship to Google+. The fact that he is judging us as being "self-righteous" kinda proves my point that we are challenging the the power and authority of the system and being judged negatively by the powers that be for for doing so.

Tim thinks that this issue is just a matter for the market to decide. Sadly he doesn't see it as the silencing of voices and the inability for those who are not as privileged as he is to speak with their own voice on the Google platform the dominant search utility for the web.

In the morning there was a whole much longer set of twitter responses kicked of by Kevin Marks and going back and forth with Tim O'Reilly and others.

Update: inspired in part by this post an amazing post "about tone" as a silencing/ignoring tactics when difficult, uncomfortable challenges are raised in situations of privilege was written by Shiela Marie.  

Lets try going with the Mononym for Google+

Seeing that Google+ is approving mononyms for some (Original Sai, on the construction of names Additional Post) but not for others (Original Stilgherrian Post Update post ).

I decided to go in and change my profile basically back to what it was before all this started.  I put a  ( . ) dot in the last name field.  In my original version of my google proflile my last name was a * and when they said that was not acceptable I put my last name as my online handle "Identity Woman".

So just now as I did put a ( . ) for a last name I was told that a ( . ) didn't meet the real names policy and I could appeal so I did. There is no text field where you can explain yourself -  you can only submit your "Identification Documents" and "Links" to prove your identity.  This lack of ability to actually communicate/talk in a human way with the people who are making these decisions is really alienating. I did put a link to this blog post so we shall see.

I really don't want to use or need a last name. I have yet to meet any one with my name IRL (In Real Life) and it is very uncommon. If you search for Kaliya in Google. I am all over the front page as Identity Woman along with the mythical Hindu sea serpent that I share a name with.

I refuse to headline my "real" last name it is not "mine" and identify with it as an "other" name.  I am fine with it being on my drivers license and passport but it is not what I want at the top of MY PROFILE in Google at the heart of the social web as it relates to "me" the "real me" not the one on my legal paperwork.

At the heart of User-Centric identity is the freedom to choose one's name and this choice of mine is mine to make not Google's. We shall see how this goes over.

Here is my next posts about:

1) the broader political meanings of all of this: Google+ says your name is "Toby" NOT "Kunta Kinte"

 

Here are the previous posts about interacting with the Google+ name police:

* Google+ and my "real" name: Yes, I'm Identity Woman August 1

* Nymwars: IRL on Google's Lawns. August 5th

* Google+ Suspension saga continues. August 9, 2011.

 

Linked In strikes out

According to this piece in Digital Trend, LinkedIn has “opted” 100 million of us into sharing private information within advertisements. This includes posting our names and photos as advertisers’ helpers.

“When a LinkedIn user views a third-party advertisement on the social network, they will see user profile pictures and names of connections if that connection has recommended or followed a brand. Any time that a user follows a brand, they unwittingly become a cheerleader for the company or organization if it advertises through LinkedIn.”

And in case that doesn’t surprise you, how about this:

“In order to opt out of social advertising, the LinkedIn user has to take four steps to escape third-party advertisements:

“Hover over the user name in the top right hand corner of any LinkedIn page and click ‘Settings’. On the Settings page, click ‘Account’. On the Account tab, click ‘Manage Social Advertising’. Uncheck the box next to “LinkedIn may use my name, photo in social advertising.” and click the save button.”

What a mistake.

I know there are many who think that if Facebook can take the huddled masses to the cleaners, why shouldn’t everyone?

It seems obvious that the overwhelming majority of people who participate in Facebook are still a few years away from understanding and reacting to what they have got themselves into.

But Linked In’s membership is a lot more savvy about the implications of being on the site - and why they are sharing information there. Much of their participation has to do with future opportunities, and everyone is sensitive about the need to control and predict how they will be evaluated later in their career. Until yesterday I for one had been convinced that Linked In was smart enough to understand this.

But apparently not.  And I think it will turn out that many of the professionals who until now have been happy to participate will choke on the potential abuse of their professional information and reputation - and Linked In’s disregard for their trust.

My conclusion?  Linked in has just thrown down the gauntlet and challenged us, as a community of professionals, to come up with safe and democratic ways to network.

This much is obvious: we need a network that respects the rights of the people in it. Linked In just lost my vote.

Who is harmed by a “Real Names” policy?

Skud at Geek Feminism Blog has created a wiki documenting work she and her colleagues are doing to “draft a comprehensive list” of those who would be harmed by a policy banning pseudonymity and requiring “real names”.

The result is impressive.  The rigour Skud and colleagues have applied to their quest has produced an information payload that is both illuminating and touching.

Those of us working on identity technology have to internalize the lessons here.  Over-identification is ALWAYS wrong.  But beyond that, there are people who are especially vulnerable to it.  They have to be treated as first class citizens with clear rights and we need to figure out how to protect them.  This goes beyond what we conventionally think of as privacy concerns (although perhaps it sheds light on the true nature of what privacy is - I’m still learning).

Often people argue in favor of “Real Names” in order to achieve accountability.  The fact is that technology offers us other ways to achieve accountability.  By leveraging the properties of minimal disclosure technology, we can allow people to remain anonymous and yet bar them from given environments if their behavior gets sufficiently anti-social.

But enough editorializing.  Here’s Skud’s intro.  Just remember that in this case the real enlightenment is in the details, not the summary.

This page lists groups of people who are disadvantaged by any policy which bans Pseudonymity and requires so-called “Real names” (more properly, legal names).

This is an attempt to create a comprehensive list of groups of people who are affected by such policies.

The cost to these people can be vast, including:

  • harassment, both online and offline
  • discrimination in employment, provision of services, etc.
  • actual physical danger of bullying, hate crime, etc.
  • arrest, imprisonment, or execution in some jurisdictions
  • economic harm such as job loss, loss of professional reputation, etc.
  • social costs of not being able to interact with friends and colleagues
  • possible (temporary) loss of access to their data if their account is suspended or terminated

The groups of people who use pseudonyms, or want to use pseudonyms, are not a small minority (some of the classes of people who can benefit from pseudonyms constitute up to 50% of the total population, and many of the others are classes of people that almost everyone knows). However, their needs are often ignored by the relatively privileged designers and policy-makers who want people to use their real/legal names.

Wait a minute.  Just got a note from the I Can’t Stop Editorializing Department: the very wiki page that brings us Skud’s analysis contains a Facebook “Like” button.  It might be worth removing it given that Facebook requires “Real Names”, and then transmits the URL of any page with a “Like” button to Facebook so it can be associated with the user’s “Real Name” - whether or not they click on the button or are logged into Facebook.

Google opposing the “Right to be forgotten”

In Europe there has been a lot of discussion about “the Right to be Forgotten” (see, for example, Le droit à l’oubli sur Internet).  The notion is that after some time, information should simply fade away (counteracting digital eternity).    

In America, the authors of the Social Network Users’ Bill of Rights have called their variant of this the “Right to Withdraw”.  

Whatever words we use, the right, if recognized, would be a far-reaching game-changer - and as I wrote here, represent a “cure as important as the introduction of antibiotics was in the world of medicine”.

Against this backdrop, the following report by CIARAN GILES of the Associated Press gives us much to think about. It appears Google is fighting head-on against the “the Right to be Forgotten”.  It seems to be willing to take on any individual or government who dares to challenge the immutable right of its database and algorithms to define you through something that has been written - forever, and whether it’s true or not.

MADRID – Their ranks include a plastic surgeon, a prison guard and a high school principal. All are Spanish, but have little else in common except this: They want old Internet references about them that pop up in Google searches wiped away.

In a case that Google Inc. and privacy experts call a first of its kind, Spain’s Data Protection Agency has ordered the search engine giant to remove links to material on about 90 people. The information was published years or even decades ago but is available to anyone via simple searches.

Scores of Spaniards lay claim to a “Right to be Forgotten” because public information once hard to get is now so easy to find on the Internet. Google has decided to challenge the orders and has appealed five cases so far this year to the National Court.

Some of the information is embarrassing, some seems downright banal. A few cases involve lawsuits that found life online through news reports, but whose dismissals were ignored by media and never appeared on the Internet. Others concern administrative decisions published in official regional gazettes.

In all cases, the plaintiffs petitioned the agency individually to get information about them taken down.

And while Spain is backing the individuals suing to get links taken down, experts say a victory for the plaintiffs could create a troubling precedent by restricting access to public information.

The issue isn’t a new one for Google, whose search engine has become a widely used tool for learning about the backgrounds about potential mates, neighbors and co-workers. What it shows can affect romantic relationships, friendships and careers.

For that reason, Google regularly receives pleas asking that it remove links to embarrassing information from its search index or least ensure the material is buried in the back pages of its results. The company, based in Mountain View, Calif., almost always refuses in order to preserve the integrity of its index.

A final decision on Spain’s case could take months or even years because appeals can be made to higher courts. Still, the ongoing fight in Spain is likely to gain more prominence because the European Commission this year is expected to craft controversial legislation to give people more power to delete personal information they previously posted online.

“This is just the beginning, this right to be forgotten, but it’s going to be much more important in the future,” said Artemi Rallo, director of the Spanish Data Protection Agency. “Google is just 15 years old, the Internet is barely a generation old and they are beginning to detect problems that affect privacy. More and more people are going to see things on the Internet that they don’t want to be there.”

Many details about the Spaniards taking on Google via the government are shrouded in secrecy to protect the privacy of the plaintiffs. But the case of plastic surgeon Hugo Guidotti vividly illustrates the debate.

In Google searches, the first link that pops up is his clinic, complete with pictures of a bare-breasted women and a muscular man as evidence of what plastic surgery can do for clients. But the second link takes readers to a 1991 story in Spain’s leading El Pais newspaper about a woman who sued him for the equivalent of euro5 million for a breast job that she said went bad.

By the way, if it really is true that the nothing should ever interfere with the automated pronouncements of the search engine - even truth - does that mean robots have the right to pronounce any libel they want, even though we don’t?