IBM’s submission to the Dept of Homeland Security regarding Social Media and Privacy

For a while I’ve been wanting to put together a longer post detailing the full background behind IBM’s Social Computing Guidelines and some our Social Computing experiences overall. While you can glean quite a bit about those topics by perusing some prior posts I’ve written and presentations I’ve given on related topics, unfortunately, I just haven’t gotten around to putting it all in one place.

However, I was recently involved in a small project that helped capture much of this content. Along with a few colleagues, I was asked by Harriet Pearson, IBM’s Chief Privacy Officer, to help put together a public submission to the Department of Homeland Security as part of their Privacy Workshops they hosted in Washington D.C. earlier this week. It was a great exercise to capture many of the lessons we’ve learned at IBM over the years about privacy, guidelines, boundaries and institutional opportunities in this space we now term social computing. The paper was selected for review at the workshop, so you can read the full submission here on the DHS site (warning, pdf).

There are a few parts I wanted to call out here regarding IBM’s experience in this area (I’ve added emphasis below):

As we all know, another major shift occurred early in this decade with the emergence of Web 2.0. These new capabilities were enormously empowering for individuals – facilitating not just global access to information, but the capacity for anyone to become a global publisher for free, in minutes. In addition, the distinction between “inside” and “outside” became far less exact or defensible. This holds enormous potential for enhancing collaborative relationships, but also raises significant issues with regard to security, privacy and governance

Based on our previous experience, IBM recognized the opportunity to tap into individuals’ use of social media as a way to flatten a geographically and organizationally dispersed employee population and to encourage more learning, collaboration and development – both inside the company and with external parties. Further, our research indicated that the personal interactions individuals have with IBM employees – online or face-to-face – have a more powerful influence on shaping the individual’s perception of IBM’s brand than any other form of communications, marketing or advertising.

With that in mind, in 2003 IBM was one of the first companies to provide employees access to social tools – blogs, social networks, wikis, video and podcast publishing — inside and outside the firewall.  We did so in order to encourage collaboration and provide greater outside exposure to IBM’s greatest asset – its employees.

In providing such unfettered access to Web 2.0 technologies, the company’s management – and IBMers themselves – were not blind to the need for appropriate governance and risk management in relation to how these tools are used.  In an effort to protect the IBM brand and employees themselves, in 2005 IBM became one of the first corporations to issue specific guidelines for employee behavior in social computing environments. Now called the IBM Social Computing Guidelines,  they were initiated and written in significant part by interested employees themselves, were created on an internal wiki, and continue to serve as the framework by which employee behavior is guided in these online social contexts.

By empowering all employees to participate and engage within the clear framework of the IBM Social Computing Guidelines, IBM and its employees have embraced social media in dramatic numbers. Following are a few examples of some of the tools most popular with IBMers: 

• Internal blogs: 60,000 users, 17,000 different blogs
• Internal wikis: 1 million page views per day
• Employee-created podcasts and videos: more than 8.5 million downloads
• Facebook: more than 70,000 employees
• LinkedIn: more than 250,000 employees

We believe that IBM’s experience over the past 25 years has shown that, with the proper guidelines and instruction for employees, the use of Web 2.0 technologies by large organizations can be managed and an open, more collaborative and efficient environment developed.

The paper then goes on to describe some more prescriptive recommendations for how the government can engage – safely – in these spaces. But if I were to sum it all up in just a few sentences, we believe the businesses – and certainly governments – have much to gain from empowering their employees to engage in these environments. And by working with employees to establish clear – but fair – guidelines for behavior, organizations can do so without opening themselves up to unsatisfactory levels of risk.

Take a read through the paper and let us know what you think.