Leave social networks at home
Attention friends and acquaintances: Please stop sending me invitations to join your electronic social networks. I know Plaxo, Friendster, Tickle and other networking tools help you remember my address and phone number, but I'd prefer you hand-write them in your little black book. At least the data will belong to you alone and won't be shared with the world.
It seems not a week passes that I don't get an invitation to join one of these social networks. So, being the skeptic that I am, I did a bit of research about them. What I found scared the heck out of me, and it's enough to give a corporate privacy officer heart palpitations.
Let's use Plaxo, a contact management application, as an example of an application that can run amok in the corporate environment. It might be fine for home use, but keep it out of the enterprise.
According to Plaxo's Web site, "Plaxo 2.0 plugs directly in to Outlook or Outlook Express. Your existing contacts, calendar, tasks and notes will be quickly backed up to the Plaxo Network and up-to-date - with no extra steps required! Not only will you have a secure backup of your vital information, you can access it from anywhere using Plaxo Online." (more on Plaxo)
Of course, this theft of private data is only going to occur if you install the Plaxo client and use Plaxo to maintain your social network. What's the harm in simply responding to a friend's request to enter your personal information into his Plaxo network? Well, duh, then all your private information goes off to the server in La-La Land, and there's no telling what happens to it from there.And it gets worse. I assume that at least a few people have my name in their Outlook contacts list. If those people install Plaxo at work, then my private data gets sucked into the Plaxo black hole, whether or not I agree to it.
As a network executive concerned with privacy and data protection, you should discourage your co-workers and colleagues from using the applications at work and from submitting information to these public networks. At the very least, your organization should prohibit entering any company-owned information into a social network. This includes company e-mail addresses and phone numbers. If Sally in Accounting wants to enter her Yahoo e-mail address and home phone number, that's her business, but she should not use her corporate e-mail address and phone number. And she should do it from home, not the office.
I'm not suggesting that these social networks intend to misuse private information, but we IT-savvy people know that accidents and abuse can happen.