Consumers and the press like to bash vendors and online social networks for lacking perfect privacy, but there is no such thing. Rather, this is the victim’s argument for getting pwned…
Whenever we perform an action, or fail to act, there are consequences. A popular zen teaching uses an analogy of picking up a stick; if you pick up a stick holding one end, the other comes with it. The same is true of sharing personal information online. There is always the chance your information will fall into the wrong hands. Whether or not you share your information should be a matter of trust, of your assessment of risk.
Trust varies between online services. For example, the steps my bank takes to protect my information are regulated and pretty strong–not perfect, but strong enough for me to take the risk of using its online services. On the other hand, I would never post anything I don’t want the world to know about on Facebook.
Social networks are not heavily regulated… yet. And we don’t want them to be. I don’t want the government sticking its finger into everything I do online. So, I need to take some responsibility for my actions and not complain to my congressman or senator when my pictures of my last frat party compromise my integrity and that of several others. Knowing Facebook is a social network, designed for SHARING, why would I assume the risk of putting sensitive content there? Why would I place my trust in any social networking service?
The same is true of doing business online. There are differences in how “due diligence” is defined between online business services. It is our responsibility to ask the right questions before using any service. If we don’t, we are just as responsible as the service provider when data is stolen… or worse. Further, regular audits or other assessments are necessary to ensure initial trust does not drift in the wrong direction.
Before sharing your business or personal information with anyone, ask yourself how much you trust the other guy. If the answer is, “not as far as I can throw him,” then go somewhere else.
Tom Olzak on Security 