Take out your calendars for the new year! Intel is sponsoring its second Data Privacy Day on January 28, 2009. Data Privacy Day, which is sponsored by a combination of tech companies, government organizations, and academic groups, aims to facilitate discussions on privacy, especially with regards to teenagers and social networking sites. The three-part framework includes educational materials, events, and government involvement. It was also nice to see the Digital Natives project, which has been active in all three of the above components, under their resources for data privacy issues.

I was most interested in the educational materials for teenagers that were presented Data Privacy Day. They bring up some important points, and I’d like to add some of my own thoughts to them here. I’ve have tried to pick out tips about privacy that may not come across as immediately obvious. None of them are myth-busting, per se, but they probably aren’t things we think about the minute we hit the tempting “Sign Up” button. Since the material on Data Privacy Day mostly focuses on privacy on social networking sites, I’ll draw on some examples with Facebook, which I have the most personal experience in.

1. Treat what you put online as permanent.
It’s easy to think of digital content as ephemeral, mutable, and easily edited, which is true except for caching. Search engines take snapshots of websites and makes these snapshots, rather than the live website, searchable. That means that anything you post that gets cached will show up in a Google search even if you later remove the content. Google caches are updated every so often – usually in a span of a few weeks – but you have limited control in the intermittent time. Even when pages and Google caches are updated, old webpages may still be archived and accessed on places like the Internet Archive. (Note: Here are Google’s policies on excluding pages from its cache and search results. Most of this information applies to other search engines as well.). Aside from automated archives, other users can of course copy and save your content to display on their own sites. The bottom line is: Once it’s online, it’s out of your hands.

2. Default settings usually allow sharing.
Privacy, as works at almost all social networking sites, is opt-in rather than opt-out process. From the point of view of a social networking site, it’s always in their advantage for their users to share as much as possible. Unfortunately, this means that people who are least aware are also the ones most at risk. Settings can be sneaky or complicated. On Facebook, you can have strong, custom privacy settings enabled, but when you join a new network – a regional network for example, which are often the largest and most open – none of those custom settings apply. It is important to be vigilant and take affirmative steps to be aware of your own privacy settings.

3. Companies usually reserve the right to change their privacy policies without notice.
Remember when Facebook came out with Newsfeed? Or ads that tied your name to online purchases on third-party sites? Facebook didn’t tell its users about the changes until they were live, and these changes were strictly opt-out only. (Not to mention that the initial privacy controls in both cases were either nonexistent or insufficient.) Facebook’s own privacy policy also says, buried in the middle of pages of text, “We reserve the right to change our Privacy Policy and our Terms of Use at any time.” and, “We encourage you to refer to this policy on an ongoing basis so that you understand our current privacy policy.”

4. A closed network is only as private as the people in it.
As I said in number 1, any content that is put online is no longer completely in your hands. To take Facebook as an example again, it’s easy to think of Facebook as semi-private because it requires a log in to access the site and is not indexed by search engines. But that doesn’t mean that photos on Facebook are strictly accessible only to friends or networks based on privacy settings. All it takes is a simple right click and “Copy Image Location,” which gets you an URL linking to a Facebook photo that can be copied and sent to anyone. Essentially, if leaked, anyone can see a Facebook photo.

This post is not supposed to come across as alarmist– it’s just crucial to think of privacy as something for which we have to be proactive. Privacy isn’t the default mode of the Internet – the Internet does, after all, serve to connect people – so it is also important to understand the privacy implications of all our actions online. Data Privacy Day does well to play a part in this educational process.

– Sarah Zhang