IBM works to manage privacy, identity in Web 2.0 world

IBM has launched a project to create tools to help people manage their privacy and identity on the Web, including social networks, virtual worlds and web 2.0.


Responding to the rise in adoption of social networks, virtual worlds and other Web 2.0 technologies, IBM has launched a project to create tools to help people manage their privacy and identity on the Web, taking a stab at what could become one of the most pressing issues in online collaboration and data sharing.

The project, called "PrimeLife," will involve 14 other partners. It will be funded with 10 million Euros from the European Union, and spearheaded by Big Blue's Research Lab in Zurich.

Though the exact functions of the service are somewhat unclear, Jan Camenisch, PrimeLife technical leader at IBM's Zurich Research Lab, did release a statement regarding its objective.

"We aim to develop a toolbox, which you could describe as an integrated electronic 'data manager,'" says Camenisch. "The data manager provides users with an overview of which personal data he or she uses when, where, and how. It lets users define default privacy settings and preferences for all kinds of applications, and it prompts the user if applications request data for any other purposes."

The issue of identity has taken on a particularly prominent role as social networks have become ripe with abuse. Users have often started fake profiles of prominent world leaders and celebrities, and perhaps more seriously, of ordinary people.

The amount of information social networks can broadcast, sometimes unknown to the user, can be astonishing. In Facebook's Beacon controversy, some advertisers were able to track the purchases of Facebook users on their site (generally when the individual was logged in to their profile simultaneously). If, for instance, a man was buying his fiancée a wedding ring on one of the Beacon advertisers' sites, the purchase might be broadcast to his bride-to-be's newsfeed before he had a chance to pop the question (this actually happened, as shown in the comment thread of Forrester Analyst Charlene Li's blog here).

Facebook's CEO, Mark Zuckerberg, later apologised for the service overstepping its users' privacy. He offered users an opt-out function on their profiles from such advertising methods, and months later took steps to allow people to control their privacy with greater specificity than before.

But that's just Facebook. The number of social networks and other web-based communities to track is nearly impossible for a person to do on his own.

The idea of creating a tool to manage your identity across the web is nothing new. claimID, for instance, provides users with a free service to keep a link résumé-a list of approved sites that the user verifies they actually engage in or manage.

Larry Ponemon, founder of the Ponemon Institute, a privacy and business ethics think tank, says that while it's encouraging to see the technology industry take an active interest in the issue, the allocated amount of money might not be enough to really address the problem fully. "A small consortium of organisations with a budget of 10 million Euros appears to me as too little too late," he says.

But Ponemon emphasises that he likes how the service will track users over their entire lifetime, not just for a brief snapshot in time. "It pursues a life-cycle approach for managing privacy by individuals," he says. "In my opinion, promoting individual responsibility and accountability with enabling technologies is real genius."

"Recommended For You"

Facebook and MySpace giving user private data to ad firms NHS Choices criticised for leaking information to Facebook