According to the Associated Press, a Pennsylvania teacher has been suspended without pay for 30 days because of a picture posted to Facebook. Why the harsh punishment? The article says the teacher “appeared in a picture someone else posted on Facebook that included a male stripper.”

The context of the picture, which was taken at a bridal shower, is not entirely clear. Was she in the background of the picture minding her own business? If so, that doesn’t seem very fair. If she was front and center waving around a wad of ones, the school board probably has a better case. On the other hand, it’s not like she brought a stripper into the classroom. She was celebrating with her friends in her spare time, right? Unfortunately, in the Internet age, that doesn’t make a difference.

This isn’t the first time we’ve talked about teachers getting in trouble over Facebook or Myspace pictures, and it probably won’t be the last. By now, it’s a known fact that social networking for teachers is a risky proposition. In this most recent example, the teacher wasn’t even responsible for posting the picture online and yet she still found herself in hot water because the picture became public.

If this teacher had been monitoring her reputation online, she may have been able to spot the photo before the school board did and ask her friend to take it down. Unfortunately, she wasn’t able to, and now she has to forfeit 30 days of income. To many out there, myself included, it doesn’t seem fair that teachers are so harshly scrutinized for content about them online, but that’s the way it is in the age of oversharing, and that’s why proactive online reputation management is so important.

The good old days of paper records.  Image courtesy Ed Uthman via CC license.

It’s time for web companies to learn how to forget.  It’s particularly time for Web 2.0 companies to learn how to forget.

The digital nature of the Internet makes it easy for websites to collect massive amounts of data: every click, every interaction, every search term, every referrer, every error… you get the idea.   This massive data harvest can be dumped into a SQL database to be analyzed, cross-tabulated, summed, totaled, averaged, and dissected.  In general, this is good.  Web companies should learn from their visitors, and web companies should take advantage of the power of digital data collection.  Important trends can be spotted, and products can be improved.

The problem comes when companies keep too much data too long.  Take the example of a search engine.  To a search engine, it is very useful to know what search terms are popular today:  Google uses each day’s search terms to compile a list of the hottest search terms of the day, and undoubtedly uses the same data for anti-spam and quality control.  So far, so good.  Google is using its data in interesting ways for an appropriate amount of time.

The problem comes when data connecting search terms to individual users is kept too long.  Six months from now, your search queries don’t matter.  Maybe there’s some data that is useful in the aggregate (like the hottest search terms of the year, used to create Google Zeitgeist), but Google doesn’t need to know who entered each search query; the data has become stale and less valuable.  Keeping non-aggregate data around too long is an invitation to privacy breaches, like what happened when AOL revealed thousands of search histories.  AOL claimed that the data was anonymized, but it was possible to identify many individuals.  Even more data can be revealed when web servers are hacked—Google claims that its servers were recently attacked in China, and it is not publicly known how much data was accessed.  The more data that was still on Google’s servers, the more data could have been revealed.  The same goes for insider theft, computers left unsecured, and any other means of getting at the data.

To put it simply, the cost-benefit tradeoff of keeping data changes as the data gets older.  The benefit of keeping data decreases as it ages; data that has business value today (like clickstream data, search queries, and website interactions) loses value over time because it becomes too stale to use for business decisions.  If long-term trends need to be spotted, then data can be aggregated and the original fine-grained data destroyed.

But the cost of keeping old data doesn’t decrease: to end-users, revealing old data can be just as harmful as revealing new data.  A site that reveales embarrassing search queries from 2 years ago is just as dangerous as a site that reveals embarrassing search queries from last week.  Here, Web 2.0 companies are particularly at risk.  They know a ton about users’ social, political, and inner lives — information that is often very personal.  They often know every interaction between two users — what profiles have you been clicking on?  what messages have you been sending? who have you “poked” lately?  were you on the Jersey Shore fanpage for an hour looking at pictures of Snooki?  A site that collects this information is constantly at risk of losing it.

The solution is to destroy data, or at least take it offline and preferably move it into non-digital form.  Search engines have recognized this in part, and have generally similar plans to destroy clickstream data within 6-18 months.  But it’s not clear that a lot of Web 2.0 companies do.  I know that many of my old Facebook interactions are still stored in a production database because I can still access them.  There is simply no need for this data to still be in a production database that is vulnerable to hacking, data leaks, insider theft, and more.  One data security incident could reveal the entire history of social interactions on the site.  This is a privacy Sword of Damocles, silently hanging over every user’s head.  What embarrassing thing have you done on Facebook in the last few years?  What private messages have you sent?  With one data dump, it could all be revealed.

Instead, Facebook could simply announce a policy to archive all interactions more than 12 months old, then move them offline.  Or it could just delete them entirely: do we really need 5 years of history of “pokes”?  Or, if users really want to keep their data, then let users download an archive with all their interactions and delete them from the server.

To be fair, forgetting is hard.  Why don’t web companies forget more often?  Often, it’s just inertia.  It takes programmers’ energy to archive data, and it takes careful business decisions to determine when and how to archive data.  Sometimes it’s like an overdue library book: you know that you need to return it, but you just never get around to it until it is very overdue.

Sometimes, the good old days are best.  Remember paper files?  Paper records are nothing like digital: they are slow to process, hard to store, and are corrupted over time.  But maybe those are features rather than bugs.

In bullet points:

• Web companies collect massive amounts of data
  • Clickstream, social interactions, emails and messages, credit cards and payment info, preferences, actions, and activities…
• It often seems easier to keep old data than delete it
  • Disk space is nearly free, and databases make it easy to keep old records
  • Programmers often think that old data will have some kind of marketing value
  • Archiving is a pain
• But old personal data can be embarrassing or dangerous
  • Information about people’s financial, social, and political beliefs can cause embarrassment
  • Some data that seems benign (like your Netflix movie rentals) can reveal a lot more (like your sexual orientation)
  • Some data that has identifying information removed can still be used to identify you (like your AOL search queries)
  • Information about people’s names, addresses, and family can cause safety issues and encourage identity theft
• That said, information about places, things, and science should be more available
  • News reports, scientific papers, and scientific data generally do not present the same privacy problems
• Old digital data is particularly likely to be problematic
  • Data that is instantly accessible in a production database is instantly accessible to a hacker or data accident
  • Insiders can leak data, intentionally or accidentally
  • Once out, it can be digitally scanned, searched, sorted, and remixed
• Old data is less likely to be useful in a live environment
• There are solutions
  • Move content into an archive that the user controls
  • Delete marketing and clickstream data
  • Research and trend data can be aggregated
• There’s something to be said for paper records.  Paper records have a very high transaction cost; that can be a feature, not a bug.
  

In light of our earlier story about Scott Baio’s ill-advised Twitter joke, along with other recent Twitter-related posts, I thought it would be prudent to share a small guide offering simple suggestions on when you should and when you should not tweet about a given situation. Keep in mind, I’m only touching on a few scenarios here. If you have your own advice, please feel free to share it in the comments.

–

Situation 1

You’re out with friends at a bar or restaurant and you’re getting bad service.

When Not to Tweet – At the first instance of poor service. As I wrote in a recent post on “How To Use Yelp Without Being a Jerk,” you should resist the urge to share a scathing review until you’ve had time to consider the situation objectively.

When to Tweet – After you’ve spoken with the manager about the service. There could be a good explanation for the poor service that you didn’t know about, like they were short staffed. If you raise your concerns and they are ignored, however, you are well within your rights to tweet a complaint. Just make sure that you don’t overdo it. Civility can go a long way toward fixing problems.

Situation 2

You’re in an interminably long meeting at work and you’re trying to think of ways to pass the time.

When Not to Tweet – Anytime you’re in the meeting you shouldn’t be tweeting. You may not get caught writing a tweet under the conference table, but remember that all Twitter updates are time stamped. If your manager looks over your Twitter stream and notices a series of updates at precisely the same time they were talking about the quarterly earnings report, you could find yourself packing your bags.

When to Tweet – Like I said before, when you’re not in the meeting. Seriously, unless you’re having some kind of open web event where you’re incorporating Twitter into the meeting, it’s not a good idea to tweet on the job.

Situation 3

Your spouse has gone into labor with your first child and you’re rushing to the hospital.

When not to Tweet – During the actual process of labor. Not only is it inappropriate information to share with the world, but there’s no way your spouse is going to be happy when she sees you fiddling with your iPhone instead of helping with the lamaze breating.

When to Tweet – When your healthy baby boy or girl has been successfully delivered. For maximum cuteness, you can even have a nurse Twitpic a picture of you holding the newborn. Adorable.

–

Any other scenarios that you think are worth mentioning? We’d love to hear some thoughts.

Twitter is a dangerous beast. It’s easy to set-up, you can access it from practically anywhere, and it appeals to the narcissist in all of us. (Why wouldn’t the world want to know what I’m having for lunch today?)

Of course, Twitter’s ease of use means that it’s also easy to misuse. If you’re not careful about what you say online, you can invite the wrath of the Twitterverse down upon you, especially if you’re a celebrity. Just ask Scott Baio.

According to the Huffington Post, former Happy Days actor and current reality TV star Scott Baio has caught some major heat on Twitter for posting a joke about First Lady Michelle Obama. The joke itself is nothing of major consequence, Baio shared a picture of the First Lady looking less than lady-like and said “WOW He [President Obama] wakes up to this every morning,” but that hasn’t stopped Twitter users to come out in droves calling him a racist and even threatening his life.

One would think that given his celebrity, Scott Baio would know better than most the importance of showing discretion online. Yet, along with many other celebrities, Baio doesn’t seem to understand that what they do on the web is going to put under a microscope and analyzed by thousands of people. In an age where we are all microcelebrities, the real celebrities should be even more concerned about their online reputations.

While I doubt Baio’s problems will be enough to drive him off Twitter (like some other celebrities) it’s become increasingly apparent that everyone who tweets should be careful about what they say and how they say it.

If you’re an avid Facebook user, you may have noticed an interesting development. Over the last year or so, the number of older users (older being a subjective term referring to users 35 and up) has increased dramatically on Facebook. We first wrote about this development over the summer, and it hasn’t stopped since. In fact, it this increase of older users that has helped propel Facebook to its current gargantuan size, more than 350 million users worldwide.

It’s not just Facebook that’s seen an explosion of older users either. Across the board, social media websites are seeing an increase in the number of older users. What’s more, they are not only signing up for the sites, but actively participating in conversations and creating new content. Of course, “participating” can mean a lot of things. Are you participating if you’re on Twitter, but only follow and don’t tweet? What if you leave comments on blogs, but don’t have a blog yourself?

Recently, Forrester Research created a pretty cool graphic that visualizes web users as rungs of a ladder. In analyzing this new wave of older social media users, they came up with a new category: Conversationalists. Conversationalists are social media users who use social networking websites to have, well, you know, conversations. Forrester deemed an individual a conversationalist if they posted an update to a social networking website or shared a Twitter update at least once a week. Some of the other categories on the list include Creator (that’s me), Critic, and Spectator.

Where do you fall on the Internet usage ladder?

Truthfully, my Internet behavior would place me on multiple rungs of the ladder, and, increasingly, I would say that’s the case with the majority of web users. As people become more and more aware that their actions online have consequences in the real world, we are seeing an increase the number of people who actively focus on personal branding and reputation management. If Forrester releases another version of this graphic next year, I’m willing to bet that the number of creators will rise substantially.

For more analysis of Forrester’s findings, check out this article from the Wall Street Journal as well as Liz Gannes’ excellent coverage at GigaOm.