LTE: Update the Northwestern directory to meet modern privacy norms
November 17, 2019
Privacy norms change over time. When I was little, the local phone company published a big book with the name, phone number and address of every person in the city. Nobody thought it was strange. It was called a “phone book.” Sometimes, when I needed to talk to a classmate about a group project, I’d just look up their parents’ names in the phone book and call them up. Sounds bizarre and invasive to modern ears, but it’s true.
You might be surprised to learn that Northwestern keeps a similar directory and that it includes your email, phone number and home address by default. Any member of the Northwestern community has access to it. Even people outside Northwestern have access to some of this information.
There is a process to opt out of the directory, but it’s somewhat hidden, and incoming students are included by default. This common university practice of the past century is so out of step with modern privacy norms — it’s illegal in Virginia. In the internet era, we have become so used to violations of our privacy for nefarious purposes that we tend to cherish our personal information. We reserve it only for people who are close to us and that we trust.
And let me confess, I personally place no such trust on the Northwestern community as a whole.
The Daily recently came under fire for using the directory to text students who attended the Jeff Sessions protest last week for comments. I won’t opine on that particular use of the directory but use it to call attention to the many other ways the directory could be misused.
An enraged student could use it to anonymously harass someone they dislike politically or someone who published an opinion they disagree with on a student publication. A stalker could get his target’s number or show up at her home without her consent. A fraudster is only one security question short of getting into some of your online accounts. All of these problems are exacerbated for members of vulnerable populations.
I call on the University to review its privacy rules to get in step with the norms of the 21st century. The directory should only list what students explicitly opt into, and they should be encouraged to share as little as possible. Students who wish to share their contact information have many safer ways to do so.
— Mauricio Maluff Masi, philosophy graduate student