You couldn't pay me to be in college again, faced with a choice between being a coward for complying with this downward spiral of data security, privacy rights and legal protections, or being a criminal for resisting and asserting what was until recently fair use and an acceptable level of misbehavior.
But one of the classic mistakes in information security programs is the treatment of end users as cattle. Just as RIAA and MPAA underestimate the power of their consumer and compliance targets, don't underestimate the kids' capacity for understanding and reasoned response.
More are learning that personal data is theirs to control. While the concept that their own self-published data lingers is an obscure one, even many younger pre-teen (and hopefully pre-MySpace) kids do understand that others' personal, medical or financial data is not theirs and is ethically off-limits. In some cases there is encouraging legal news to nudge kids in the right direction, if perhaps in a ham-handed fashion.
At the same time, kids inevitably will form a personal ethic about what data is not theirs but ought to be obtainable. However, impossible terms for information access will be met with resistance and eventual defeat as they grow older and put some sense back in this badly broken system. Vox populi, vox Dei.
Jon Espenschied has been at play in the security industry for enough years to become enthusiastic, blase, cynical, jaded, content and enthusiastic again. He manages information governance reform for a refugee aid organization and continues to have his advice ignored by CEOs, auditors and sysadmins alike.