Privacy has become the watchword in social networking. We all worry about an invasion of our privacy, usually thought of as a direct release of confidential information or an indirect insight garnered by concatenating a lot of little separate pieces of information about us (e.g., knowing when to rob our house by noting travel plans or location of tweets).
Facebook is no stranger to privacy complaints. Despite its checkered past and flashpoint status, Facebook has no choice but to continue to test the boundaries of privacy — its business model depends on people divulging things about themselves. Its privacy policies have been gradually shifting, in ways users realize and in ways users don’t quite see or understand.
As an Electronic Frontier Foundation (EFF) post detailing the timeline of Facebook privacy policies concludes:
. . . the successive policies tell a clear story. Facebook originally earned its core base of users by offering them simple and powerful controls over their personal information. As Facebook grew larger and became more important, it could have chosen to maintain or improve those controls. Instead, it’s slowly but surely helped itself — and its advertising and business partners — to more and more of its users’ information, while limiting the users’ options to control their own information.
Recently, Facebook announced the Open Graph Protocol, which makes it easier for outside sites to share information with Facebook when visitors want to recommend a page.
On the heels of this new initiative, Technology Review interviewed Danah Boyd of Microsoft Research New England. Boyd is a social media researcher and a vocal critic of Facebook’s approach to privacy.
Facebook argues that social norms are changing, and the old definitions of privacy are outdated. Critics point out that Facebook itself is a major force in changing these social norms in its efforts to erode privacy to drive its business. As Boyd says:
I think the social norms have not changed. I think they’re being battered by the way the market forces are operating at this point. I think the market is pushing people in a direction that has huge consequences, especially for those who are marginalized.
We all inhabit multiple roles in life — employee, researcher, parent, spouse, child, friend, neighbor — and what may be fine in one role (sharing a long night with friends over drinks) may look completely inappropriate when seen by people expecting you to fulfill another role (boss, parent, spouse). Erosion of privacy erodes the bulwarks we expect between these, and that can make us nervous or prove embarrassing or awkward.
We’ve all seen religious, political, or social views of old friends and co-workers revealed on Facebook despite the fact that these views have never mattered to our relationships with these people and, worse, may make it harder to look at those people the same way afterward. You can’t unlearn the fact that Person A was just revealed as a Scientologist, for example.
As Boyd notes, it’s especially bad for teachers:
[Teachers] have a role to play during the school day and there are times and places where they have lives that are not student-appropriate. Online, it becomes a different story. Facebook has now made it so that you can go and see everybody’s friends regardless of how private your profile is. And the teachers are constantly struggling with the fact that, no matter how obsessively they’ve tried to make their profiles as private as possible, one of their friends can post a photo from when they were 16 and drinking or doing something else stupid, and all of a sudden, kids bring it into school.
Some reactions to these perceptions of privacy erosion are stronger than others. Some critics urge others to dump Facebook specifically, and accuse Facebook of nearly evil behavior. Business Insider has a list of 10 Reasons to Delete Your Facebook Account. They include:
- Facebook’s Terms of Service are completely one-sided
- Facebook’s CEO has a documented history of unethical behavior
- Facebook has flat-out declared war on privacy
The essential message from the full list is that Facebook is trying to redefine privacy to suit its purposes — commercial purposes based on a plan to become the dominant force online.
Expectations for privacy are very high among the critics of Facebook. As Thomas Baekdal stated in his first rule of privacy:
I am the only one who can decide what I want to share.
In light of this very simple and reasonable rule, it’s tempting (and perhaps too easy) to say that these social networks must reflect social expectations and norms as they exist, and not try to shift them to suit their engineering preferences, business models, or tin-eared anthems of social media utopianism.
However, a recent paper in arXiv calculates a mathematical threshold of privacy for social recommendation engines, one that is probably lower than current social norms would accept. The authors believe their calculations indicate a fundamental limit on privacy in social networks, and show that the more people and recommendations that are present, the more this threshold moves toward a lack of privacy. In other words, to get social recommendations, we have to give up some of our privacy — and the more people who share and seek social recommendations, the less privacy there is. As the authors state it:
This finding throws into serious question the feasibility of developing social recommendation algorithms that are both accurate and privacy-preserving for many real-world settings.
Facebook is a flashpoint among social networks — being the leader, it’s on the forefront of criticism. But if this recent paper is correct, the genre itself may demand a change in social expectations of privacy among users. It may not be Facebook’s fault or Mark Zuckerberg‘s business cynicism at work. It may be reality, and the critics may just be scapegoating Facebook.
Perhaps Facebook’s sense of shifting social norms is right, informed by years of watching a major social network blossom around them. The trade-off their observations might have identified could be: If people continue to use and rely upon social networks, they are implicitly accepting a lower threshold of privacy.
20 Thoughts on "Is Facebook Eroding Privacy? Or Does Social Media Require Us to Lower Our Expectations?"
Important post, Kent. We need lots more like them.
I’d call upon tech journalists and bloggers to begin educating the public about what data are passed along with their wall updates and tweets and how companies can extract meaning from them. Getting the facts out there will help people make informed personal choices.
facebook clearly IS eroding privacy for those who choose to use it (I don’t by the way – for those very reasons).
facebook’s privacy argument doesn’t hold water as 6.6% of the global population (a generous estimate equating facebook users to actual active people) is a minority (though heavily skewed to certain countries). Furthermore their ‘argument’ such as it is, fails to reference the fact that they keep changing the terms of reference via the end user agreement. The majority of users will not spot the differences or appreciate the truth of what those changes mean. I bet most facebook users would think that their privacy settings are fine, regardless of whether that’s actually the case. People worry about what they can see – and privacy isn’t one of those things – until it’s too late (just ask Tiger…).
facebook does not in any way map reality based social networks to its system of networks. The very fact that it can automatically add you to groups based on your interests shows that facebook is not interested in the math of person to person interactions. It’s more like a virus in its behaviour, seeking to invade and then co-opt the mechanisms of its hosts in order to further propagate itself.
To me, facebook’s approach to privacy is not in its best interests. Surely from a business perspective, the most money to be made lies in the idea that “No Matter What Your Interests Are – we can connect you discretely to the people/services you are most interested in”. Taking the privacy is bunk approach, AND connecting that to peoples ID’s via facebook connect tools, leaves them open to a catastrophic breach of trust event (probably via one of their 3rd party developers), where something happens to cause massive numbers of users to leave.
Your final sentence, Kent, is prescient I think. For if the argument is that use of such a complex service as facebook implies implicit acceptance of all current and future changes to that service (regardless of ability to understand the consequences those changes), then a Data Bill of Rights is needed (one with a global reach – like the global convention on human rights). Facebook, like Google, does have the reach of a large nation state, and they need to behave appropriately.
Privacy is certainly changing; I’m not sure I’d say it’s eroding.
The teacher example is a good one, but it’s only applicable when the real world allows teachers to hide their private lives from their students. In many college towns this attempt isn’t even made.
For example, I just came from my brother’s college graduation. He went to college in a place where it was normal for students and teachers to spend their weekend evenings at the same places. What difference is there between observing behavior directly versus through Facebook?
One possible difference is in permanence. Going through college with faculty, you know more by the time you’re a senior than when you’re a freshman because you’ve gotten to know your teachers over the years. With online social networks, you can look up things from years ago about people — things that might have changed, affiliations they may no longer hold, etc. The more temporal and fluid “real world” social interactions don’t leave such a mark.
As I’ve said earlier on this site, there’s a great business opportunity being provided here. Privacy is the new luxury.
It’s often been said that if a site like Facebook started charging users, it would immediately be replaced. But there are those (myself included) who would pay for a premium service that offered strict and well-protected control over privacy and the release of data to third parties. I’m proposing a two-level business model for a social network. Make it free to anyone who wants in, with the understanding that everything you do is to be made public and repeatedly sold to anyone who wants to pay. Premium members pay a subscription fee and get to control their own exposure.
And as someone above also noted, I’m not on Facebook for just these reasons. As the artist Banksy puts it:
“I don’t know why people are so keen to put the details of their private life in public; they forget that invisibility is a superpower.”
Hi David – I understand your proposal, though cannot agree with it.
As Kent suggested in January, nobody survives in a culture in which privacy is not acknowledged as a basic barrier to authority. Everyone deserves this protection, not just those who can afford to purchase it.
Sorry Jean, I should probably have been more clear–this is not something I’m triumphing, or something I think is good. It is an outgrowth of the revenue gathering plans of those behind social networking sites, essentially their desire to rob us of an important right in order to line their own pockets.
What I’m suggesting is that it does present an alternative business model, one based on taking care of your customers rather than on abusing them. Social networks need a way to pay the bills. Right now, the only way they’ve found is to shred your privacy. Is there instead a place in the market for respecting your users?
The reason I suggest a tiered system is that social networks require scale, meaning large numbers of participating users to be valuable. They’ve repeatedly proven that if you start charging, then the majority of your users head to the next free site. While I’d prefer a site that was pay-only and that put the users’ privacy as their top priority, I think this is unlikely to succeed in the marketplace as it now exists. Perhaps as users learn to value their privacy over time, the balance would tip toward the protective, paid accounts.
That’s one of the reasons I avoid such sites altogether.
Hey, thanks for the thoughtful reply. An astute blogger wrote in February (wink, wink): Rememberthat social media shares a lot in common with pyramid schemes. … and I, too am cautious in my use of social networks.
Great graphic here showing the evolution of the availability of your private data on Facebook year by year.
Thanks for the intelligent take on this Kent,
There’s a lot of information lately, and I haven’t been able to process it all myself (thanks for the help!).
One thing you seem to hint at is that rather than eroding privacy expectations with regard to Facebook, Facebook is actually trying to erode our expectations for social media in general.
Maybe you’ve read that Facebook had a meeting with Foursquare; a company that tracks your GPS to pinpoint your location, and that people have taken apart the Facebook mobile app and noticed code for a “places” function.
Up until (well, 10 minutes ago), I’d just thought that they were trying to capture the thriving “exhibitionist” market (Foursquare, Blippy); but the pseudo-paranoid idea that they’re trying to break down privacy in general is starting to give me a BAD feeling…
Giles, Senior Editor, TrustWorks
If you want to see what this all looks like, go here: http://www.nytimes.com/interactive/2010/05/12/business/facebook-privacy.html?ref=personaltech
I seriously doubt that informed consent is possible in an environment like that.