Call today! 1 866 3 NYMITY
Username: Password:
Nymity News
Nymity logo
Home About Us

IAPP's Interview with Avner Levin

April 2008

 

Interviewee: Avner, Levin, Chair of Ryerson Unviersity's Law & Business Department

 


Subject:  Social Networking and Privacy in Canada

 

 

IAPP:  Social networking has been a hot topic in the media over the past couple of years. Where do you see the debate headed in Canada?

 

Avner Levin: It’s actually interesting but it’s not shaping up as a traditional privacy debate in Canada. People are coming to it from all sorts of directions. The traditional way of thinking is: is personal information being collected, and are people consenting to it? And organizations think they’re okay as long as they’re complying with Canadian privacy legislation. But we are seeing that social networking user concerns are different from the more traditional privacy concerns. People will put personal information on their page or wall and they will make it available to many other people. Still, if it’s exposed to someone they didn’t intend to have see it, such as parents or bosses, they are very concerned about why that person was able to see their information. They don’t think that, just because they made it available to a bunch of other people, that it should necessarily be available to anyone else.

It’s the new digital divide between the younger generation and the older generation, and by older generation I mean 35 and older.

 

IAPP: Ouch! Since when is 35 the “older” generation?!?

 

Avner Levin: Unfortunately you are clearly ‘over the hill’ by then, as far as the generation of young adults that we surveyed is concerned. You just don’t get it…

 

IAPP: Seriously, is it realistic for these younger generation users to expect that their information won’t be exposed or otherwise passed along to people outside their online network?

 

Avner Levin: Good question. Many people who look at it from the traditional point of view feel it’s totally unrealistic, that people must educate themselves. Many think these users will probably change their behavior once they realize what they’re getting into. But the fact is, these individuals are not ignorant or apathetic—they are technologically savvy. They know how to control access to their information. They know there’s a privacy policy. I couldn’t say many of them actually read the policy, but they know it exists. They are controlling their use in a certain way. What they are saying is, I’ve got a network of people that I’m comfortable sharing with. They think other people should adapt to this way of thinking about it. It’s important to recognize this mindset if you’re a company hiring someone from this generation. We call it network privacy. There’s a measure of privacy that’s within a network, and an expectation that the privacy remains intact within the social circle.

 

IAPP: It seems funny that they share so much online when the risks of someone spreading their personal musings is as great as it is in the offline world. Is there some type of unwritten “code” or “brotherhood” for social networking that makes it seemingly less dangerous to divulge?

 

Avner Levin: I’m not sure we’re seeing this in terms of a social networking “etiquette” or brotherhood. From the people we talk to, we haven’t seen this as an independent online culture. They draw analogies to the offline world. They think, just because I’m sharing information with these people, doesn’t mean I want these other people to know about it. It’s exactly analogous to what happens in offline world.

 

IAPP: What is the future of internal organizational social networks? Do you think we’ll begin seeing more of them so employers can better accommodate this newer mindset?

 

Avner Levin: Yes.  Many organizations are already doing it. They have their own products for that or are piloting products. This process is in its initial stages. What organizations are recognizing is that people are using social networks with almost the same penetration level of technology as television, which has a 97 percent penetration rate, and telephone. Many access social networks many times a day, same as we would with email. For organizations that want to have effective communications from within, they have to develop for these people a different platform. So they are experimenting with it. And it’s good for them, in terms of other stakeholders. They have a product they control that clients can access and have all of this as a communications platform. It’s the next generation of corporate Web sites.

 

IAPP: At the upcoming Canadian Privacy Summit, you will unveil the results of your Privacy & Cyber Crime Institute research on the risks of social networking related to privacy, reputation, and personal information in the public and private sectors. Can you give us a preview of the findings?

 

Avner Levin: First, I’d like to thank the Office of the Privacy Commissioner of Canada, which funded our research through its Contributions Program. Generally, we see risks surrounding the recruitment and selection of employees. Specifically, we are concerned about organizations using information they come across on social networking sites. It’s the next stage of Googleing, basically. But it is not a formalized process. Organizations usually have formal processes for hiring employees, for example, some positions require criminal background checks, or other methods of verification. [Social networking research] is very loose in comparison, and not necessarily sanctioned by the organization, but there’s temptation there. This should go one of two ways. It should become part of a formalized process, or or it should be prohibited if the decision is made that such information is not actually necessary.

The other risk I’d like to mention here is the risk to the organization’s reputation. This is a significant concern. There is more potentially negative exposure on online social networks where users frequently discuss organizations than there is on traditional websites. We see that organizations react to this risk within a spectrum that ranges from actively trolling web sites to a ‘we’re not going to do anything about it’ approach. Then there is the behavior of employees and customers that use proprietary information from organizations on networks without necessarily being affiliated or sanctioned. Many organizations actually believe that their existing policy instruments, such as their codes of conduct, enable them to deal effectively with such risks, while we see that organizations that have had such risks materialize hasten to modify and add to their policies and guidelines. We’re telling everyone to create more definitive guidelines.

Then of course there’s the productivity issue, where organizations are concerned about wasted time. 

 

IAPP: We should stop wasting your time now. ;>)

 

Avner Levin: This has actually been the most productive part of my day so far. See you in Toronto next month.

 

 
  

 

 

 

 

 

 

 

 


Contact Us | Privacy Policy | Terms of Use and Disclaimer © 2003 - 2008 NYMITY