We have to keep reminding ourselves that the web is still in its infancy. Due to its rapid rate of change we’ve yet to really nail down some real best practices for using the web. This is especially true when it comes to privacy.
There are obviously issues with any number of web services but I’d like to talk about a rather small and niche area: staff photos on company websites.
Companies often put photos of staff on their bio pages but what’s the risk? It’s important to remember that due to historical archiving anything we put on the web is likely to be there for the foreseeable future. A simple search for someone’s name in Google could throw up any amount of personal information which includes that photo from their employer’s website.
I’m not about to suggest that we never put photos on the web but I would rather we didn’t make it easy for someone to produce a police state type dossier on us via a simple Google search.
Whilst a .htaccess file can be used to prevent hotlinking and, therefore, someone seeing the full image from a search it doesn’t prevent the image being indexed and the thumbnail showing up in an image search.
So, about all we can do for the moment to mitigate this is to add no-archive and no-index to the rel attribute. Links images should also be no-follow. This way legitimate users of the company website can view the images but Google wont keep copies.
Focusing just on this small area has show me how complicated the whole area of privacy is when you expose yourself to a global network that is indexed in one place and backed up in massive archives.
There are a lot of issues to sort out with regards to privacy and, for me, there aren’t any easy answers. There will always have to be a trade off between privacy and ease of communication.
So what do you think? Am I right or just paranoid? What solutions do you have?