Chris Hoofnagle on Privacy and Search Engines

If any of the readers who have complained about Spock are in the Bay Area, you may want to check out Chris Hoofnagle’s talk tomorrow (Monday October 15, 10am-noon, 155 Kroeber Hall) on the subject of privacy and search engines in Marti Hearst’s search class at the Berkeley I-School. Marti sent out the following description:

Many people complain that personal information about themselves
appears in Google search results. However, Google is not the
internet. It and other search engines simply scan the internet for
documents that are responsive to individuals’ search. These
intermediaries are digging deeper into the web, finding more of these
documents, and in so doing, making it easier to access and aggregate
personal information. This discussion will focus on defining
information privacy and describing the traditional legal framework for
addressing privacy problems. We will also discuss value-conscience
design, the idea that information services can be tailored to promote
privacy; the competing incentives of search providers, which drive
companies to log and store information; and the vulnerabilities that
search creates for individuals.

Brief Bio:

Chris Jay Hoofnagle is senior staff attorney to the Samuelson Law,
Technology & Public Policy Clinic and senior fellow with the Berkeley
Center for Law & Technology. His focus is consumer privacy law.

From 2000 to 2006, he was senior counsel to the Electronic Privacy
Information Center (EPIC) and director of the organization’s West
Coast office. At EPIC, he concentrated on financial services privacy,
telemarketing regulation and consumer profiling. He was also a
non-residential fellow with Stanford University’s Center for Internet
and Society for the 2005 academic year.

Hoofnagle is a nationally recognized expert in information privacy
law. He has testified before the U.S. Congress and the California
Senate and Assembly numerous times on social security number privacy
and credit transactions. The text of his written testimony is online

I don’t know what Chris might have to say about Spock, but it seems to me that it, like Google, is just the tip of the iceberg. As we see more and more focus on online social networking and people search, you’re not going to be able to rely on security by obscurity any more. If something is on the net, it will be found. This creates new responsibilities for companies to provide recourse for individuals who feel that their privacy has been compromised or that inaccurate information is being returned, but it also creates new responsibilities for individuals, to be aware of what’s known about them online, and whether or not it’s correct. (It’s a lot like staying aware of your credit score, and I’m hopeful that search engines can do a better job than credit scoring agencies do of making sure that the user has access to this information without having to pay for it, and the ability to correct it.)

Services for managing this kind of information will definitely need to be part of the coming social network operating system (or more precisely, of the identity subsystem of the coming internet operating system.)