An important business aspect of investing in Second Life is proving return. Most people can enjoy Second Life and evaluate it based on if they are having fun there. Business don't have that luxury. In a pure commerce model you can use your bottom line as a judgement. I.e. "are you making money?" But most businesses in Second Life are not purely there to drive the bottom line, but have more abstract goals such as brand projection, community interaction, and exploration. To assess return on investment in these areas some sort of monitoring is necessary. Much like http-access logs can tell a lot about how users use your web site, simliar monitors can be written in Second Life and similar information gleaned.However useful these statistics are, as soon as you start collecting them you need to start thinking about privacy implications. At this point in time, it is probably a little premature to consider someone's avatar name to be personally identifiable information. However as a business you are not going to be satisfied for long with just knowing the number of people visiting your build. Optional surveys with low cost linden rewards can help establish baseline demographics of exactly who is visiting your sim. [There are, in fact, a lot of places out there that will pay you to take basic demographic surveys. I wonder if they are building databases associating avatar names with demographic information to sell!] I know that within IBM we have very strong standards in place for how we handle data repositories that contain PII. While there is a business need to collect such information, it is good business sense to have solid privacy policies in place for customer reassurance and it may even be a legal requirement in some places.So, to get ahead of the game, I have a suggestion. There are algorithms out there known as "one way hash" algorithms. These are functions that operate on data which transform it from one form to a condensed form. The condensed form is always the same for the same input data, and is highly likely (but not guaranteed) to be unique for a given set of values. It is also very hard to reverse and work out the original values from the condensed form. They have been used for years as checksums on messages and packets, and for storing digested passwords in clear text.In this context, it is possible to put an avatar's name through such a function. LSL even provides one llMD5String. For example, applying this function to my avatar's name "Jaymin Carthage" results in "7d022d06044604cd9fa14d93c41a6937". Each time you use the function on my name you will always get that same string. And it's very hard, from that string, to go backwards and work out it came from my name.One approach, then, in any reporting function you might write for Second Life is to not record an avatar's name, but rather a hash of their name. Since the hash is always the same, each return visit will produce the same number and you can develop a history of behavior for that avatar. But since your persistent information does not record their name, you cannot use that information to personally identify them and so their privacy is maintained.
|Jo Grant||Jaymin Carthage|