Don’t talk too loud I have a hangover, and possibly your bank details
Take a moment to picture the scene. We’re aboard a train, traversing the English countryside between Birmingham and Bristol. It’s a glorious Sunday afternoon. I’m hungover. I have been sleeping on and off since Leeds, much to the annoyance of my traveling companion Chris.
About an hour prior to now, four young lads joined the carriage. They’re polite and chat amongst each other for a half hour or so before running out of energy and falling asleep. From catching bits of their conversation I gather they’re Marines, on their way back to Taunton. They’ve clearly had a big night out too. The carriage falls quiet once again.
I awake a short time later to the tones of a well spoken, if slightly loud girl in her twenties conversing on her phone via bluetooth to her Friend. No harm in that what so ever, apart from maybe the volume. This conversation however soon escalates into a full blown out-pouring about her personal life. Her voice is the only real sound to be heard for the next hour.
We leave the train in Bristol knowing everything about this girl’s weekend. I’m glad for her sake she wasn’t making a payment over the phone or a lot of travellers might well have had a shopping spree at her expense.
So what am I getting at here?
It dawned on me a while later that this girl had clearly felt OK talking opening about her affairs in earshot of the strangers around her. She’d assessed the level of privacy and amount of disclosure on a sub-conscious level, and filtered what she should and should not say in a public setting (assuming she wasn’t a sociopath). In its very essence this is an example of a self-regulated, social privacy setting. You know, the kind that exists on that “bookface” site. In this case, with the privacy levels at an all time low, discoverable by anyone.
I was left wondering somewhat if she’d provide this much disclosure in an online setting, where things are of a more permanent nature. They’re indexed, logged, cached and discoverable. You’re never totally in control of who accesses what. In his book “The Art of Deception”, Kevin Mitnick tells us.
In reality penetrating a company’s [or an individual’s] security often starts with the bad guy obtaining some piece of information or some document that seems so innocent, so everyday and unimportant, that most people in the organization wouldn’t see any reason why the item should be protected and restricted
Put simply, it’s no longer enough to rely on sites and software to control your privacy for you. They’ll fail you time and time again. If you want something to remain private, don’t put it online.