Photo by abc.net.au
By Brody Levesque (Washington DC) Oct 1 | As a mother and son sue for damages over a falsified Facebook profile in an Illinois court, yet another reminder of the darker side of social networking sites, the question becomes; how does one prevent this from happening?
Should social networking sites be required to have proof on file for users? Or, as some have suggested, "be warned that this IP address is being recorded for," {the user} and that user is liable for all contents? What happens when people get bullied, do we hold the site accountable?
In the United Kingdom, which has a fairly comprehensive law known as the 'Data Protection Act,' quoting from a recent White Paper analysis by DR. C. N. M. POUNDER, (July 2009) of the consulting & training firm Amberhawk UK, 'A DATA PROTECTION ANALYSIS;'
"There is a current, lively debate as to whether data that contains no name but is linked to an Internet user session via an IP address, URL or similar reference number is personal data or not. If the data are not personal data, then the person who controls the data has almost untrammeled power to decide the nature of the processing. By contrast, if the data are personal data, that controller would be constrained by the data protection obligations that serve to protect the privacy of the individual users concerned."
However, when the interests of privacy and data protection conflict with the need to protect persons who are at risk or under attack from Cyberbullying, what would a viable solution be? Tim Trent, an expert in the field of Data Privacy & Protection in Britain had this to say;
Social media itself has a duty of care towards people who have been impersonated. My view is that their duty begins and ends at first suspending an account that is suspected of impersonation, and then deleting the account if either no appeal is lodged, or alternatively deleting it if the impersonated person proves their impersonation.
Account deletion means exactly what it says. It means that the offending account, together with all record of transactions on it, is no longer to be preserved. The social media operator has no duty to retain any evidential matter for any period on the assumption that the impersonated person may wish to lodge some kind of law suit. However, if the impersonated person gives notice that they intend to file such a suit, then simple deletion would be an error. A duty of care exists towards the impersonated person to protect their interests if requested to do so.
The problem arises when a simple prank turns into defamation. Imagine how you would feel if someone impersonated you online and ruined your social life, or ruined your career prospects by pretending to be you and revealing things, untrue things, about you that had precisely that effect?
Or, what if you are someone well known and a misguided fan is pretending to be you? Twitter has one such example currently with the UK diving star, Tom Daley. In a newspaper interview he seemed relaxed about the twitter user http://twitter.com/Tomdaleydiving, who, he says, is impersonating him. His real account is http://twitter.com/ Tomdaley1994. Nothing bad is happening (currently) from the fan's account, but it might. Especially since he's a teenager, there may be more afoot than online pseudo-stalking. Only the impersonator knows for sure.
Twitter has a firm policy to handle such abuses, and implements the policy when the affected person complains. That;ls good and as it should be. Tom should lodge the complaint, but he seems to laid back and plain nice to do that.
With regard to proofs over who is using a service, very few people realise that the Internet is not anonymous. Even anonymising services may be subject to court orders to reveal which original source IP address, a unique number which, coupled with time and date, identifies the unique computer performing the online action. Linking that to an individual is harder but perfectly possible. We leave long traces, Even generic email services such as Hotmail, the original web based public free email service if I remember correctly, is not anonymous. It simply gives a false sense of security to those who think they are hidden and can thus get away with harassing others.
You can't protect yourself from cyber stalking and cyber bullying, but you can act fast and instruct social media providers to close it down, and to keep evidence if you intend legal action.A wise move is to collect screen shots yourself, using, on a PC, alt/Print Screen to put a screencap of the active window on your clipboard, and then paste it into a graphics suite or a word processed document. On a mac it's cmd-shift-4 then click on any open window.
Social media must support you, but it cannot act to protect you in advance. I can go now and open an account in the name of Joe Buggins in loads of places. And then I can do what I like using that name. But any unlawful acts come back to me, Tim Trent.
But, since I am Tim Trent I also make use of Garlik at http://www.garlik.com/ It monitors things I ask it to monitor about my contact details and alerts me if anything strange is happening. I can then choose what action to take.
This is not a new phenomenon, but in recent years it has led to several deaths and lawsuits around the globe. An Information & Compliance Manager for the Perth & Kinross Council in Britain has this to say in an e-mail:
Subject: Re: [data-protection] Social media, Impersonation, Defamation
Doesn't this mirror some of the concerns raised in the opinion on Social Networking Sites from the Article 29 Working Group? They clearly indicate that the SNS has responsibilities as a (joint) Data Controller (which they tend to deal with poorly). One of those responsibilities surely would be adequately confirming the identity of the person creating the account (mandatory ID card would help!
The opinion also points out that not all the usage of a SNS by an individual is necessarily covered by the domestic purposes exemption - particularly where harm is being caused.
In another e-mail, the person pointed out that;
The point then becomes, on whose shoulders does the primary responsibilities to prevent these behaviours fall on? Government? Social Networking sites? or the Users?I believe there is immunity from liability in the US for providers of an 'interactive computer service' who publish information provided by others. However cyber harassment is a Federal crime and there have been succesful prosecutions brought for 'Use of a Telecommunications Device (ie the Internet) with Intent to Annoy, Abuse, Threaten or Harass', including where the person charged has tried to hide their identity. I would be surprised if that couldn't be applied here.
Posts
3 comments:
The users. The burden is firmly on our own individual shoulders. We cannot expect social networks to nanny us. We, the users, we must protect ourselves and notify the provider of breaches.
After all, how can the provider possibly do that for us?
What about people who don't even use these awful sites, Tim? Which is still hundreds of millions of people in the developed world alone. Are we to be expected to allocate time on a regular basis to check that no-one is impersonating us? And how many of the sites do you expect us to monitor?
That is why I use Garlik. It does it for me, and reports to me proactively. I've found all sorts of interesting things while using it, fortunately none of which have been impersonation.
Monitoring our reputation is no-one's responsibility but our own. No-one can do it for you. Search engines will help, but you have to be the proactive one.
There may be sites that do a similar job to Garlik, perhaps even better, I wave no flag for it, I just use it. But use it I do. And it was a positive decision to do so. It;s a strange name, but it does the job. Maybe it keeps vampires away.
Post a Comment