Afternoon Session 2 – Room 2

Liveblogged David Fono | 19 June 2010 | 0 Comments

(come back later for edited version!)

Ryan Kellen – Software art, copyright and intellectual property, advertising

- It’s great that we’re talking about privacy, but he thinks that the way the market is working right now is working just fine

- As an advertiser on Facebook (the customers of Facebook), privacy is protected

- Privacy issues we’re worried about are more issues of advertising, majority of our culture is being funded by advertising…we’re mad that our information is being used by marketers

- Paid services right now fail, so you need the advertisers.

- How do we create markets for ourselves so that companies don’t need to go to advertisers to get paid

- What about involving the ISPs? Using people’s spaces that they pay for and get coders to use that?

- Push everyone to block every ad!

- Massive costs with running Google, Facebook, etc. and if you’re successful then they can just remove service…that’s a bigger weapon

- Use a more peer-to-peer model and rather than upload to one place and access there

- Problem here is that we need more IP addresses

- When you buy blank CDs, there is a tariff that goes to Canadian Recording Artists. Why not a tariff on internet connections? Make Canadians the customer.

- Is getting rid of advertising the end goal? Do all people hate it? Love it?

- Do robots reading your email bother you?

- If you want to solve privacy, we need to be the customer and there needs to be no market for advertisers

- Is the worry that advertisers are going to find out our personal information…or our bosses?

- Data tracking in companies: someone keeps on getting personalized ads that have trigger words in them, (i.e. Pride Week) and they put together that the employee may be gay without the employee disclosing it

- Various ways to target advertising: behavioural, search based, profile

- What about demographic syndicalism? Our information has value to advertisers, the more info we give the more they will pay. Sell aggregate data, requires that we trust the company that’s compiling the data.

- What about pooling and aggregating our data on our own, syndicate it…and then sell it!

- Have a third party have your data and they protect it and act as a third party on the site and they protect your data with Facebook

- Make it easy to sell and pay for content, get rid of advertising

- Payment should be voluntary

Yukari Seko – Photography of self-harm on social media platforms (Flickr)

Photography display of self-harming challenges of social norms, what is public and what is private?

- Hard to define what “privacy” is, more a discussion of risk

- Touches on voyeurism, exhibitionism

- There is the extremely private person and there is the person who over shares, we all choose the level of what we share

- One of the problems is triggering and copycatting

- What if people are saying photographs of self-harm as art?

- The internet used to be very anonymous (you had a nickname)

- Where is a social media site that we aren’t judged for not using our real name

- What is your responsibility for seeing something online and public that should perhaps have professional intervention?

- Regulated internet for kids, for 18+, etc.

- How do we even set that bar?

- The boy in Florida who committed suicide while streaming on webcam. There were people who encouraging/challenging.

- Is there responsibility? How do we identify who is responsible? Shouldn’t we protect their information just like we want ours protected?

- Who decides what is right and wrong?

- Seeing a cigarette ad versus seeing someone smoking, seeing a photo of someone self-harming versus seeing someone self-harming.

- – Public confessional. Role filled by priests where it is individual to individual, postsecret is individual to Internet

- Is calling something art an excuse? Should that protect content?

- Who has control over our bodies and how we express ourselves?

- There are a lot of steps between self-harm to photographing to uploading to viewing on Flickr.

- If we hide things we think aren’t “good” then should we hide things like source code? (Once again how do we define “good”)

- By allowing this are we glorifying it?

- Stop thinking about social media as default, being human is the default. Social networks are extensions of personal relationships

- Some degree of warning for glorified  acts of violence

- Who defines norms? What about someone who is just slightly off the norm?

- Artists push the boundaries of social norms

- Fiction vs. Documentary

- Artists take in their experience of reality and share it

Afternoon Sessions 2, Room 1

Liveblogged luke | 19 June 2010 | 2 Comments

Online privacy and Gender Kate Raynes-Goldie (kate at k4t3 dot org @oceanpark) and Leigh Honeywell

  • Geeks design software for other geeks, but as social media becomes ubiquitous, geeks are designing software for everyone. The designers do not represent the same diversity as the users.
  • Online vs. Real-life distinction is no longer true. As a result, many of the same power structures showing up.
  • Assumed/neutral avatar is a straight right male. They are the designers, and it’s the cultural default.
  • Hard to think outside own experiences, so life experiences often lead us to miss side-effects of the systems we design.
  • Privacy is often a personal safety issue.

Google Buzz Launch Incident

On launch, Google assumed that the people you had a lot of gmail contact with were people with whom you would want to share your “Buzz” information. Blogger’s real email (she had been using an alias and forwarding) was shared with abusive ex husband, and UI quirk seemed to give husband access to many very personal comments, including current location (ended up not being the case).

(There are many reasons that someone with whom you have a lot of contact would not be considered a ‘friend’.)

Advertiser/user conflict (advertiser is the real client) mean corporations will likely never be perfect stewards of our data, but it doesn’t mean we shouldn’t make them try harder.


Fork of LJ codebase. Why it’s different: have made a series of explicit statements about what they will and will not do.

Significant access control. Paid by users, not advertisers. The user becomes the customer. Major shift in power relationship. Can install/run own ‘node’ and connect with other nodes. 75% of coders are women, non-trivial % have never participated in an open source development project. Has a significant impact on design of system/respect for privacy.


Definition: using one name/identity consistently online. Kate = Oceanpark. Controlling how you present yourself in various contexts is key.

Kate’s Foursquare experience: created a new pseudonym for Foursquare, but when linked to Twitter, her username was changed to her Twitter pseudonym, making her much less anonymous, which is a major safety issue with location-based services. ‘Outing’, association of pseudonym with real name, has long been an issue in many online communities, including fandom. Move toward real names happens over and over–believe it will improve level of civility. But two issues:

1) Doesn’t actually work

2) Many reasons one might want to use pseudonyms. Including use of female names makes you 25x more likely to receive harassing messages.

Parallel drawn to wearing of niquab in courtroom.

Children and Online Privacy:  How to support children’s autonomy while maintaining their rights to privacy – Ourania Xanthopoulos (oxanthop at ryerson dot ca)

How can parents/teachers/community/caregivers isolate childrens’ online autonomy and create a hegemonic environment, or create the opportunity to adventure and explore within a safe context.

Major concern is online predators. Most children lack the private/sharing filter. Provided anecdote of young girl in scarborough who was lured by online predator.

Autonomy = independence but free from reward or consequences–decision-making based on fact.

Provided anecdote of children who googled “Grand Bend”, got a number of pornographic results, and were punished by parents without chance to explain.

Ourania having trouble as an Early Childhood Educator getting computers into the classroom, because of safety concerns. But research shows that when computer is placed in a central area with supervision (but ambient, not ‘over the shoulder’/heavy), safe, autonomous learning can occur.


–parents don’t always help the situation. Setting up facebook accoutns for children who are too young, volunteering information about their children online.

–why don’t we integrate tech literacy early in the curriculum, like we do with reading. Banning it from schools/schoolrooms doesn’t do them any service.

–reward for buying things: many ‘safe’ online sites/games for give have heavy incentives for consumerism. Media literacy lacking as well.

–have to be knowledgeable, know that things happen innocently–inappropriate search results, etc. learn to deal with them.

Notice: Is it dead?

Liveblogged Julianna | 19 June 2010 | 1 Comment

Presented by Constantine Karbaliotis

Getting beyond privacy notices and consent.

  • problems with privacy notices
  • require legal approval
  • Europe is tighter on notice
  • no one reads privacy notices
  • companies may have multiple privacy notices, multiple jurisdictions and languages to consider
  • is notice dead? no one reads them
  • notices are there for when something goes wrong and lawyers and judges read them
  • more important to act reasonably
  • people don’t read notices; they just get upset when you do something with their data which they feel is unreasonable
  • increasingly moving to a concept of a social contract
  • notice is a dated concept because it is pre-internet
  • US economy very litigious
  • everyone agrees that no one really reads privacy notices
  • notice versus legal governing document
  • US requires companies to provide notice, but companies indicate in notice that they’ll do anything they want with the data
  • Canadian notices mostly just reiterate PIPEDA
  • if privacy is a right, you can’t write a contract that alienates you from that right
  • common language required for notice which is accessible
  • how to instill trust in the company? Trustee seal?
  • collection notices versus information usage notices
  • people should know what information is being collected, how it’s used, and how you can stop the information from being collected
  • “notice at the point of collection”

Debating the Non-Private Person

Liveblogged Julianna | 19 June 2010 | 1 Comment

  • blog post
  • non-private person = people who have nothing to hide and are very public
  • privacy is not binary – you don’t just have or not have privacy
  • how to control the information which is online?
  • is privacy a commodity or is it a right?
  • what about paying for privacy? (should it be commodity?)
  • will it cost us more & more to retain our privacy?
  • is there a profit to be made in being a non-private person? how can we control this exchange?
  • who is unable to afford to be a public person?
  • most people aren’t either totally private or public; they just start using networks and don’t think about privacy until something happens to them
  • people may only think about privacy concerns when they hear about stories of breach of privacy
  • stigma to privacy – “you’re just being paranoid”
  • public journaling as a new concept
  • people can have an audience and can feel like a star by being public
  • semi-private citizens like teachers who need to have a clear public and private persona

Afternoon Session 1 – Room 3

Liveblogged David Fono | 19 June 2010 | 1 Comment

(check back later for edited and non-note-like-version)

Morgen Peers – Personas

- J. Parkinson presented at Gov 2.0 Expo about patient-centred healthcare. Healing the American healthcare system is creating profiles for everyone, where doctors can have access and patients have read/write access.

- My Gov in the UK – Who do I need here? who is best for me in these circumstances? Who is available? What can I expect? How can I share?

- How does my sharing connect silos?

- Can you have different personas? Do you have more than one profile? persona?

- Facebook is problematic because it trys to mash all of your identity into one place. No such thing as a persona, there is one identity and that identity is facebook.

- Many places offers different personas, people don’t just want to manage all of that extra.

- Profiles vs. personas.

- Zuckerburg believes that if you have more than one identity you are a liar.

- pseudonyms are an anchor.

- don’t want employers to know everything about you, governments too

- citizens expect that if they change their address that all government has the change, they don’t expect other data will be connected to that

- When you have the information people expect you to act on it, the other party must fulfil the deal that was made.

- Keeping information to themselves, we have contexts in which we share information.

- Serve me in a non-creepy way.

- Most of the time issues of privacy are mistakes made out of stupidity.

- Google buzz compiled the profile (with contacts) and put it in danger.

- Managing profiles is awkward, life is awkward.

- Managing interpersonal boundaries online.

- What is a good practice of information management? We need good literacy. Whose role is it to ensure that we are literate about our media sphere?

- Notion of defaults, what the default is becomes a very powerful decision.

- Human centred design.

- Wii teaches kids to vote.

- Why do we use social networks? telephones? canadians are far apart.

- What does a demography want versus what does an individual want? We’re still seeing state vs. individual, corporation vs. individual, government vs. corporation

Maybe law will come in and help people try and manage their data better.

James Walker from statusnet

- Facebook is taking things to the extreme and is the biggest company in the market

- Most people did not quit facebook on quit facebook day

- Facebook alternatives, growing movement to come up with them

- Work at StatusNet, how do you take centralized social network where you have all of your social capital and personal info on US servers

- Email works like this, you can host your own email, you can send an email to any email address on the internet

- Statusnet is seeing about how we can apply microblogging model, less about technical challenges, more issues of governance, policy

- Twitter like status updates in a completely decentralized manner

- Diaspora is trying to take on Facebook

- Twitter’s pain point is the protected profile, difficult to code. what happens when you have to do this across thousands of followers?

- Privacy becomes more difficult as you scale the product

- The technical solutions are difficult, the real problem becomes you now have a network where you don’t control every node.

- How do you treat reposts? Reposting people’s private posts…

- What do we expect and what do we have as a ramification when people don’t live up to expectations?

- Take statusnet code and install it behind your firewall

- Social norms around social networks are more difficult to figure out than the technicalities of code

- Attach privacy information to each status update, just like status update attaches licensing information

Privacy and Being Social: In life vs Online?

Liveblogged Julianna | 19 June 2010 | 0 Comments

Presented by Luc St. Laurent

  • how are people social and how do they interact in the real world? how to apply this to the online world?
  • why is it that online we can’t do what we do in real life
  • we are taught to behave differently depending on who is around us
  • different aspects of a person’s personality is shared with different audiences/social groups
  • what’s the concept of identity? –> starts at a young age and changes over time
  • expectations of social behaviour in different situations
  • what about social protocols online?
  • in real life, you know who is listening; online, you don’t know who listens
  • should the online community be the way it is now? should it be open?
  • eavesdropping on Twitter – we can’t always know who’s listening
  • Facebook privacy settings –> trickle effect of information and the settings
  • most people aren’t actively monitoring their privacy settings on social networks
  • self-censorship is key first step
  • need to define what is public space and information
  • information being “leaked” is sometimes not the full picture
  • many stories these days of people losing jobs due to information being leaked
  • how far are companies allowed to go to get information? we have more control over in-life information sharing versus online sharing
  • companies need more protocols around information gathering online
  • information online is often presented out of context
  • when there is so much information and no context, how can we put context around the information?
  • not sure if we can; the information constantly changes
  • how can we put context on something like microblogging and small bits of information, versus a single conversation
  • people need to research information rather than taking sound bites at face value; but everything wants information quickly
  • some online conversations are so fleeting–how to understand them if you are not a participant?
  • building profile of a person off bits of information versus putting context on the information
  • people act differently within different existing networks; people build new networks and social behaviour online
  • what happens when people don’t have many real life personalities to separate online?

Afternoon Session 1, Room 2

Uncategorized luke | 19 June 2010 | 0 Comments

Weekend Pictures Redux: 2008-2010 – Steven James May Weekend Pictures)

  • Created out of a concern for people who had never blogged prior to the evolution of Facebook/social networks
  • Two camps re: privacy and social networking: “no big deal” and “I just want to see pictures from last weekend”
  • Goal of project: literacy and “harm reduction” –privacy concerns associated with online activitie


  • Why people aren’t concerned about privacy (Sass – early 20s blogger):
  • - An expectation that people know you’re different from your online personal
    - Rewards!
    - It’s cool and hip and young and free… chill

  • Findings from Ryerson report on social networking/use/perceptions (2008):
    - users expect platforms to be neutral
    - don’t expect such platforms “to do anything
    - in reality, media are never neutral. More akin to amplifiers.
    - new general divide re: privacy in online social networks – born pre and post 1985 have very different perceptions of public/private
  • Findings re: personal info in social networking services:
    - sharing personal data extends being direct friends
    - exists the possibility that corporations will use personal data irresponsibly or out of context
    - potential of Web 2.0 platforms as a surveillance platform.
  • Findings: Chris Avenir: charged with 140 counts of facilitating academic misconduct by being an admin on a facebook group–allegedgly sharing answers to course assignments. Suing Ryerson (on-going).
    - understand digital environments are public
    - but not adequately versed in pitfalls. risks will become more apparent as use grows.


  • “Sass” traded in persona for “Joey”, started new more professional blog, but didn’t actively attempt to remove Sass content, knowing that it would all be accessible somewhere, somehow. Focus has shifted with age, but not trying to hide anything.


  • Risk online personas pose to employment, etc. are largely generational issues that will disappear once people who have grown up with social media become decision makers.
  • “Managing the wrong kind of risk”–didn’t get full context.
  • Discussion still focuses on the fault that lies with the user, or with the company using online personas as a filter, but what fault/responsibility/role do the companies operating the platform have?
  • Why doesn’t privacy have the same place (in terms of enforcement/accountability) as copyright on user-generated content sites.
  • We have the desire to live our lives online as we do offline, but the tools/behaviour create conflicts.

Why a less private, open, social internet will save the world – Ujwal Arkalgud (

  • We’re all already screwed
  • MacArthur Foundation Digital Youth Project – primary reference
  • Shift from ‘messing around’ to interest-based network. This shift is driving us to action (points to, socialvibe)
  • Only way to graduate from “messing around” to “utopian scenario” of interest-based network, we need to be able to share information about ourselves.
  • Corporations can build goodwill by taking action in the areas of interest their customers care about
  • Non-profits finding it easy to get people ‘involved’ on FB, but very difficult to get them to press ‘donate’ or engage outside of Facebook.
  • No dispute that new tools are making it easier to mobilize people, but disagreement about whether this necessitates a reduction in privacy.

Privacy by Deletion: The Web 2.0 Suicide Machine – Gordan Savicic (

Presented earlier to catch flight.

Privacy Law & The Internet

Liveblogged Julianna | 19 June 2010 | 2 Comments

Presented by Julianna Yau

  • lag in privacy legislation versus emerging technologies
  • minority government impact
  • problems with integrating specific technologies with legislation
  • do we feel the law protects our privacy, even without taking the internet into account?
  • do companies abide by PIPEDA now? examples that they don’t
  • companies use legalese to trick people into giving consent for things they don’t want to give
  • law doesn’t protect – it is reactive
  • companies are “oopsing” all over the place — where’s the accountability?
  • is there any accountability within companies to be proactive about privacy?
  • issues of ownership of data — is it yours because it is information about you, or does the entity that took your data own it because they are storing it and/or have been provided the data
  • companies need to understand privacy and think about why they need to collect information
  • some people don’t like all the security layers
  • people want choice of information being provided for security
  • someone was able to create a fake identity (there is a Wired article about this)
  • issues of privacy and globalization – our laws only apply within Canada
  • Rogers One Bill – problems with implementation
  • paying for privacy – not technically legal, but phone companies charge for private listings

Statements to consider

Liveblogged Julianna | 19 June 2010 | 1 Comment

  • eavesdropping is not lawful access
  • Never attribute to malice what can be attributed to stupidity
  • there’s no such thing as a free lunch
  • you’re not the customer, you’re the product
  • money can’t compensate for lost privacy (can it?

Questions to Consider

Liveblogged Julianna | 19 June 2010 | 0 Comments

  • how can you really have ultimate control of your privacy if you have to give up a little bit of information everywhere (e.g. ID at bar & drivers license at video store)
  • can you regulate non-disclosure?
  • where do you instill your trust?
  • is trust a commodity that can be digitalized?
  • who owes you what?
  • where does paranoia end and good practice begin?