by C.G. Lynch

IBM Begins Work on Service to Manage Privacy and Identity in Web 2.0 World

Mar 27, 20083 mins
Consumer Electronics

Working with 14 partners in Europe, IBM will work on the three-year project, called PrimeLife, from its lab in Zurich. Privacy experts say the program will focus on individuals managing their identity across social networks and other online communities.

Responding to the rise in adoption of social networks, virtual worlds and other Web 2.0 technologies, IBM has launched a project to create tools to help people manage their privacy and identity on the Web, taking a stab at what could become one of the most pressing issues in online collaboration and data sharing.


When a Colleague is a “Friend”: Facebook Users Get a Crash Course in Reputation Management

Fake Social Networking Profiles Still Big Problem, But Don’t Expect Social Networking Sites to Care

A Wake-Up Call for Users in Facebook-Beacon Controversy

The project, called “PrimeLife,” will involve 14 other partners. It will be funded with 10 million Euros from the European Union, and spearheaded by Big Blue’s Research Lab in Zurich.

Though the exact functions of the service are somewhat unclear, Jan Camenisch, PrimeLife technical leader at IBM’s Zurich Research Lab, did release a statement regarding its objective.

“We aim to develop a toolbox, which you could describe as an integrated electronic ‘data manager,'” says Camenisch. “The data manager provides users with an overview of which personal data he or she uses when, where, and how. It lets users define default privacy settings and preferences for all kinds of applications, and it prompts the user if applications request data for any other purposes.”

The issue of identity has taken on a particularly prominent role as social networks have become ripe with abuse. Users have often started fake profiles of prominent world leaders and celebrities, and perhaps more seriously, of ordinary people.

The amount of information social networks can broadcast, sometimes unknown to the user, can be astonishing. In Facebook’s Beacon controversy, some advertisers were able to track the purchases of Facebook users on their site (generally when the individual was logged in to their profile simultaneously). If, for instance, a man was buying his fiancée a wedding ring on one of the Beacon advertisers’ sites, the purchase might be broadcast to his bride-to-be’s newsfeed before he had a chance to pop the question (this actually happened, as shown in the comment thread of Forrester Analyst Charlene Li’s bloghere).

Facebook’s CEO, Mark Zuckerberg, later apologized for the service overstepping its users’ privacy. He offered users an opt-out function on their profiles from such advertising methods, and months later took steps to allow people to control their privacy with greater specificity than before.

But that’s just Facebook. The number of social networks and other Web-based communities to track is nearly impossible for a person to do on his own.

The idea of creating a tool to manage your identity across the Web is nothing new. claimID, for instance, provides users with a free service to keep a link résumé—a list of approved sites that the user verifies they actually engage in or manage.

Larry Ponemon, founder of the Ponemon Institute, a privacy and business ethics think tank, says that while it’s encouraging to see the technology industry take an active interest in the issue, the allocated amount of money might not be enough to really address the problem fully. “A small consortium of organizations with a budget of 10 million Euros appears to me as too little too late,” he says.

But Ponemon emphasizes that he likes how the service will track users over their entire lifetime, not just for a brief snapshot in time. “It pursues a life-cycle approach for managing privacy by individuals,” he says. “In my opinion, promoting individual responsibility and accountability with enabling technologies is real genius.”