Two recent cases in point:

* Project ‘Gaydar’: This Boston Globe article looks at some MIT researchers who analyzed Facebook friending patterns and figured out that they could pretty accurately predict which men were gay, even if they didn’t list it in their profile. They did this by looking at the subjects’ Facebook friends; apparently, gay men have more gay male friends than straight men, so by looking at someone’s followers and plugging them into a computer model, they could infer who was gay. (It didn’t work as well with bisexuals and lesbians.)

The reason it works is that people with similar interests tend to cluster. Call it birds of a feather flocking together, or guilt by association. Either way, it shows another way that indirect information — in this case, the company you keep — can be used to reveal more information about you than you might have intended, especially when that information is accessible online.

(A further example comes from another researcher cited in the article who used predictive models, combined with follower information, to predict political affiliation based on music preference. Again, while it may be an old stereotype to associate, say, the Grateful Dead with progressives, and while you might miss a few outliers — like noted Republicans who are Deadheads — the ability to cross-check against the stated preferences of your online friends, over whom you have little control — is a new thing to worry about.)

Although I’m sure many audience research, political polling, and marketing types are salivating at the possibilities, any privacy-valuing individual should take pause. Though the logical answer — don’t post information under your own name, which basically means don’t post anything — seems pretty draconian. [link via Slashdot]

* Online Compliments Can Haunt You, Too: From the Wall Street Journal, a lawyer who represents corporations in employment cases recommends they tell employees not to post recommendations for laid-off co-workers on job networking sites (like LinkedIn), on the theory that if someone is let go for cause, but gets good online recommendations from co-workers, it might be used as legal fodder.

You know the mom-ish advice — if you can’t say something nice about someone, don’t say anything at all. I guess we can amend that to simply say, “Don’t say anything at all.”

Online job recommendations are strange beasts — as Jeremiah Owyang notes, their value is already dubious, since people are only likely to ask for a recommendation when they think they’ll get a good one, but this is a new twist. Most of us are hesitant to give a less-than-shining recommendation if the other person can see it; take away the ability to give a good recommendation, and all that’s left is the mushiest of litigation-proof recommendation letters, or simply a very corporate verification of employment dates.

It’s easy to say, “Just stop posting stuff online,” though in practice, it’s getting to be like saying “so just don’t drive” or “just don’t talk on the phone” — you can do it, but the cost is increasing.

Got a comment (that’ll add to your online body of work, possibly lending more insight into your personality and purchasing habits)? Leave a comment.

Well, it looks like this scenario may have finally happened, as written up by travel blog Travelin’ Light: Twitter user @izzyvideo posted a Tweet saying he and his family were on vacation. A few days later, he tweeted that his house had been burglarized. (There’s more info in his blog entry, and it’s been getting mainstream press attention.)

Since his Twitter updates were publicly findable on any Web search and also appear on his Facebook page, there’s no way (that I see, anyway) to pin this on one of his online friends or followers. If any of them had a hand in the crime in the first place: It’s perfectly possible (in fact, I would say probable) that the burglary was just a random property crime that doesn’t have anything to do with any social media at all. But it’s a fascinating, if disturbing topic, especially since it has a link to Twitter. After all, Twitter is about socially broadcasting your status in realtime, as well as the ability to search those updates, also in realtime.

Transparency as Vulnerability?
I was struck by a passage in Everfree, a science fiction novel by Nick Sagan, where a protagonist is talking about the wireless links that people use to communicate:

Watch lists tell us who’s in the news, so if I’ve got Claire on mine and she’s featured on someone’s channel, an alert lets me know. Watch lists are also a measure of popularity, so the more watched you are, the better. Slick way to get citizens to enjoy being watched. “How do I get more people to like me? How do I move up in the rankings?”…

…If someone’s using a link anywhere in the city, I can find out where he is and what he’s linking — another person, an information site, entertainment, you name it. Blows my mind how many citizens are willing to give up their privacy. Total transparency may be the selling point, but the goal is control.”

Sound like any social broadcasting phenomena we know? (Incidentally, the book came out in 2006, the same year as Twitter’s founding. Also, one of the bad guys is named “Ning,” though I think that’s just a coincidence.)

Opsec as a Way of Life

Now, intelligence and military types (including military bloggers) often talk about Opsec (Operations Security), which means being aware of what you say that might reveal what you’re doing. It’s best embodied by that most famous WWII slogan, “Loose Lips Sink Ships.” (You can see a whole bunch of related posters at the WWII Poster Collection at the Northwestern University Library.)

Another aspect of Opsec is the idea that a single piece of information might not be damaging by itself, but a watchful adversary could combine it with other pieces to form a revealing picture, as illustrated by another poster: “Bits of careless talk are pieced together by the enemy.”

Anyway, especially with services where we announce our physical location, I predict we’re going to have to be a lot more sensitive to personal Opsec concerns, because eventually, the criminals will catch up.

As a bonus, here’s a version of the Someone Talked! poster that I’d worked up for a more up-to-date warning message:

Modified public domain source image from the WWII Poster Collection at the Northwestern University Library

Have you thought about how people might misuse the information you broadcast? [Incidentally, in case anyone gets any ideas, my house is hardened and alarmed -- a veritable fortress -- and my neighbors and roommates are all former police / Special Forces / ninjas.] Is this overblown hype? Are you planning your own social-media enabled crime spree? Leave a comment below.

Here’s a roundup of a few relatively recent Twitter mistakes — learn from them:

* Twitter + Child’s Funeral = Bad Idea: Back in September, a Rocky Mountain News reporter, Berny Morson, used Twitter to provide live event coverage of a child’s funeral. (Example tweet: “coffin lowered into ground“) Needless to say, it did not go over so well.

Part of the problem was that it’s hard to convey solemnity, especially in real-time, using 140 characters (or less) of text. Another problem is that funerals generally don’t get a play-by-play treatment, especially when done in a style more suited to, say, a basketball game. Lastly, even in a best-case scenario of respect, solemnity, dignity, and respecting the privacy of the grieving family, I can’t really find any value in the real-time tweeting a funeral.

* Twittering During Surgery: This example, while not nearly as egregious as the funeral, still falls into my category of “Things we can do are not necessarily things we should do”: Surgeons at the Henry Ford Hospital in Detroit used Twitter to post live updates during an operation to remove a kidney tumor. (While the image of a surgeon dashing back and forth between patient and laptop would be kind of amusing, this was not the case — another doctor, observing the operation, posted the updates using Tweetdeck.)

As a consciousness-raising effort and experiment, the Twittering of the operation was a success. The question becomes, how would Twittering an operation be valuable when it’s not done as a publicity stunt?

* Twittering That Jeopardizes Security: Earlier this month, Congressman Peter Hoekstra posted a Twitter update announcing his arrival in Baghdad, during a Congressional delegation’s previously-secret trip to Iraq. Despite a mini-uproar, the Congressman doesn’t feel he did anything wrong, and the Defense Department is re-evaluating its policy.

I’ll leave it to the security experts to debate the actual threat here, other than to note that there’s always a dynamic tension between the need for transparency and the need for security (with an additional push-pull between informing and grandstanding)

* Twittering That Insults a Client: On a trip to Memphis to meet with FedEx, PR guy James Andrews posted a less-than-complimentary comment about the city. Somebody at FedEx saw it, took it personally, sent it around, and started a big slapfight that culminated in lots of tut-tutting, and of course a public apology.

I don’t think there’s much more here that needs to be said other than be careful about what you post, because people will read it.

* Twittering Something Public That Would Be Better Kept Private: This is another silly slapfight, this one between a PR person and a reporter who goes off the rails. Because they took it to Twitter, it was public for everyone to see (including swears). Honestly, no one involved looks good (the reporter looks worse, though), and the whole thing is a pretty tedious reminder that you should never post while angry — especially when it’s public.

Twitter, as with any communications tool, has a learning curve, and as a relatively new tool, people are still creating the etiquette and norms around it. And as we can see, people — even folks who should know better — make mistakes. Sometimes, they’re trying to push the envelope; other times, they’re acting out in the heat of the moment and broadcasting things they’d be better off not saying at all.

Remember, as the saying goes, “Internet: It doesn’t make you stupid, it just makes your stupidity more accessible to others.”

Have your own Twitter faux pas you’d like to share? (My own are the garden-variety drunk-texting sort, not notable in any way.) Please leave a comment below.

To riff on Howard Rheingold, you know an online community is truly a valuable part of your life when those relationships benefit your offline life — you go to parties, babysit each others’ kids, develop business links, fall in love, etc.

This time, though, I was thinking about another impact of online networks on offline interactions — the event RSVP.

For starters, do people even send out paper invitations and RSVPs anymore, other than for formal events (weddings and fancy dress dinners) where the invitation and RSVP are still part of the ritual? Has the realm of the birthday party invite been completely taken over by Facebook and Evite? Do little kids still get paper birthday invites to take home, or are the contacts all parent-to-parent now?

The decline of the paper RSVP we can chalk up to the march of progress. But the replacement, the online RSVP, has its own implications. We, of course, see the phenomena outlined by NYT writer Hal Niedzviecki, where he learned that a Facebook “yes” is actually a “maybe”, and a “maybe” is usually a “no.” (I definitely saw it in full effect for one meetup last week, where the turnout was shockingly lower than the online RSVPs would have suggested.)

Given that it’s so easy to RSVP online, and to update your RSVP if you need to, why do so many people say “yes” when they mean “maybe,” and “maybe” when they mean “no”?

Maybe it’s because of the paralysis induced by too many choices. Though I think that the way people deliberately overbook themselves is a rational strategy — it’s so they can maximize their social capital and ensure that they hold out to the last minute for the very “best” event. And this process, of course, got a whole lot easier with the public attendee list, where you can see who else (ostensibly) is going to be there.

It’s rare these days that I see an event host hide an RSVP list. By keeping attendee lists public, they change from informational utilities solely for the host, to a marketing opportunity for both the host and the attendee. The host shows off, “Hey, these are all the cool people who are interested in my event,” and the attendee shows, “Hey, I’m cool enough to be attending this event.”

Of course, it could be rudeness. Though it’s probably more likely the desire not to be rude — when your RSVP response is public, you’re transmitting more than your actual attendance — you’re showing off your allegiance to the group, and also endorsing the event with your alleged attendance. (Maybe we need a new category to help hosts in their planning: “I would if I could, but I can’t, but you should.“)

True rudeness would be attending but not responding. I mean, that doesn’t help anyone, right?

And what of the poor “no”? No still means no, but it better be an honest no with a legit explanation, because if you make an excuse and people see that you just decided to go to another event (via your Twitter or other social media tool)… that don’t look so good.

Anyway, enough rambling. I’m an anachronism — I try to say yes only when I mean actually mean yes. How about you — what strategies do you employ when you’re a host of an event, versus when you’re an event attendee — how do you take into account the public nature of your RSVP? Please leave a comment and help out all those poor event planners out there try update their attendance formulas.

What are you going to say?

I talked a little bit before about what small business owners should say when they blog. But you know that Tolstoy quote about happy families? “Happy families are all alike; every unhappy family is unhappy in its own way.” Small business blogging is kind of the flip side of that: The things you should write about will vary according to you and your business, but the things that you shouldn’t write about are pretty similar.

Most of the blogging best practices truisms for regular folk apply to business bloggers, only more so: Don’t steal content (instead, excerpt and link to the source, and add original thoughts). Don’t be a sockpuppet (posting comments to your own blog using fake names, to make yourself look better). Don’t post while you’re angry or chemically altered.

Looking to business-specific advice, a good primer is the article, “Corporate Blogging: Pitfalls and Guidelines” (it’s all over the place on the Web). It’s geared towards larger companies that need employee blogging policies, though — it’s hard to pull off the good old employee disclaimer (e.g. “I don’t speak for my employer”) when you’re the employer.

A few more business-specific blogging truisms:

* Don’t post trade secrets — yours, or anyone elses.

* Don’t talk trash about your competitors. Just tell the truth about yourself.

That’s the easy stuff. Then things start getting interesting.

Talking About Your Customers — Should You?

What’s your business about? Your customers. That’s where the interesting interactions happen. So how can you talk about your business without talking about your customers? You can’t… but what you can do is avoid violating their privacy (and just as important, their expectations of privacy).

There are some explicit red lines you must not cross. For example, if you’re in the medical field, you can’t reveal Protected Health Information (outlined in HIPAA) — it’s basically stuff you can use to identify specific people: names, full-face photos, etc.

However, there’s a thriving medblogging community out there (including nurses, pharmacists, and yes, even doctors), and they manage to stay out of trouble by anonymizing data, and applying good judgment.

But removing personally identifying information is just one part of it. No matter how much the lingo changes, talking about a patient is still different than talking about a customer. The next part goes to intent and expectations. Say you post an anonymized “dumb customer” story. If you’re posting the story for the sole purpose of mockery, not education, will your other customers think, “What are they going to say about me?”

A good gut-check guideline when writing about a customer (even an anonymized one) is, “How would I feel if the person I’m writing about knew I was writing about them?” Call it sensitivity or self-censorship, but I know it helps temper my own acid pen.

Or flip it around, and let people know you’re going to write about them (”You mind if I mention this in my blog?”); they can express any preferences, they might enjoy the recognition, and they might help you get some word of mouth.

So maybe you leave out customer mockery and tawdry gossip. What’s that leave? Plenty: Trends you’re seeing among customers; challenges and solutions; lessons you’ve learned; customer success stories; and advice of all sorts.

Have you run into problems with your small business blog? How do you blog about your customer interactions? Leave a comment (but only if you feel like it).