It is now some 20 days since the RedZone farrago came to an “end”. While that tool has now gone from Second Life, the wider issue of people’s right to a reasonable expectation of privacy while using the platform remains wide open – and Linden Lab remains resolutely silent on the matter.
Some might argue that the reason RedZone was removed isn’t important; it’s simply enough that it was eventually taken down. But the fact is, we do need to know why it went; was it finally considered to be in violation of the Terms of Service (ToS), or was it simply that the signal noise from the community reached a pitch where removing the device was viewed as the most expedient means of getting everyone to quieten down?
Beyond this is the fact that RedZone was not the only system grabbing information; some have been removed, others haven’t. Gemini CDS is still in use, for example; whether it is capable of account matching or not is irrelevant – it is sending information to a database under the control of a private individual outside of SL. Together with LL’s relatively low-key toughening of the Community Standards, it sends the message that the non-consensual havesting of user data – including that which might be regarded as “private” – for whatever purpose, is perfectly OK.
“Privacy is not something that I’m merely entitled to, it’s an absolute prerequisite” – Marlon Brando
While it is true that some link real life to Second Life as a natural part of their work, hobby or whatever, the vast majority are involved in SL as a means of stepping back from the realities of life and indulging themselves – and anonymity is important to this ability to do so. This point seems to be lost on the likes of Hamlet Au, with their constant (and completely inaccurate) cry that it is avatar anonymity that is “holding back” Second Life.
Even where people do link real life information with a Second Life account for business or other professional reasons, they may also wish to use alternative accounts to explore opportunities, activities and lifestyles that might cause them untold embarrassment if known to peers, family or friends. As such, there needs to be firm Chinese Walls between the accounts they create, and an assurance from Linden Lab that it is doing all it can to maintain those walls.
In short, any linking of real life to Second Life should always remain a matter of choice for the user, and never something thrust upon them by Linden Lab – and it should never be a matter of covert linking carried out without any form of explicit formal consent.
“The first duty of government is to protect the citizen from assault. Unless it does this, all the civil rights and civil liberties in the world aren’t worth a dime.” – Richard A. Viguerie
Linden Lab’s response to RedZone has been weak. There has been no public clarification of what will and will not be tolerated in terms of data harvesting within Second Life. While section 4 of the Community Standards now includes a reference to the sharing of avatar account information, it misses the point entirely – possibly deliberately so.
Attempting to regulate the sharing of data is about as effective as shutting the stable door when the horse has not only bolted, but is sitting on an exotic beach somewhere enjoying a quiet cocktail in the sun. Once data has been successfully culled from Second Life, then there is no way Linden Lab can prevent it from being howsoever those gathering it desire; and as RedZone ably demonstrated, when it comes to private individuals gather said data, it can never be assumed they are doing so with any honourable intent. Ergo, the issue is the gathering of such information in the first place that must be addressed.
What is not acceptable, however, is allowing people to attempt to drill through the existing Chinese Walls simply because it can be done (due to weaknesses in the Viewer software), or as a result of some unsustainable excuse (“the existing security tools aren’t good enough” – a weak excuse used when in fact someone is unwilling to take the time to use said tools properly, as this would inconvenience them far too much).
“I believe in a zone of privacy” – Hillary Clinton
A zone of privacy must exist for users of Second Life in order for us all feel confident that activating one aspect or another of the Viewer’s features is not going to end up in something unpleasant happening – or that we are being spied upon or possibly stalked.
While it is fair to say that no-one expects anything to happen overnight, the fact remains that time is passing – time in which Linden Lab have had the opportunity to do more to reassure the user community that they are in fact working to give each and every one of us a reasonable expectation of privacy. And yet, as it stands:
- The Media Filter is still not available in Viewer 2, despite the code being available to Snowstorm for nigh-on a month. Instead we have bouncy bits; and while these may have a short-term “wow” factor, as soon as the code is available in the likes of Firestorm and Dolphin 2, which do have the Filter code, people will quickly switch away from Viewer 2
- JIRAs such as SVC-6751, SVC-6793, and VWR-24807 – all common-sense measures to help provide areasonable expectation of privacy remain unassigned
- Sections 4.3 and 8.3 of the ToS remain somewhat in opposition to one another
It is understandable that the last two of these bullet points will take time to resolve – assuming they are being worked on at all. But given all that has happened around RedZone, keeping silent or avoiding the JIRAs and pushing back on the Media Filter – even as an interim solution – does not give any kind of indication that LL take people’s privacy seriously.
Frankly, people need the assurance that Linden Lab will not tolerate:
- The creation, distribution and use of any device that seeks to link and / or make available information on alternative accounts by any means, either directly as an in-world device, or via any method using the Second Life Servers or via transmission to any third party database or server
- The creation, distribution and use of any device that seeks to link avatar accounts with other ancillary information related to user accounts, such as IP addresses, for the purposes of alternative account detection or which may be considered by Linden Lab to infringe on the privacy and security of other users.
- That such infringements of privacy include the subsequent distribution of any gathered information, either directly (by providing online access to the data) or indirectly (through the transmission of the data to any devices held in-world).
“Privacy is extremely important for anyone putting themselves out there, expressing themselves, or expressing a side of themselves through an avatar. People don’t want other people to connect the dots from their avatar to their real life person – or even, for that matter, to an alt. One of the ethical obligations we have is to protect people’s privacy.”
- Rod Humble to Dusan Writer, 12th Feb, 2011.
In an age where people’s right to privacy is increasingly being looked upon disparagingly – often by those who will go to great lengths to protect their own privacy – Rod Humble’s comments to Dusan Writer have considerable resonance among the Second Life community. It’s really about time that Linden Lab gave some indication they are taking this position to heart – not just with regards to integration with Facebook or whatever – but in giving us the fundamental assurance that our privacy when in-world is being duly safeguarded.