Thoughts

Thoughts17 Comments
14
Apr 10

Twitter and the Library of Congress

I’m currently at the CHI conference, which is commanding all of my attention, but the news about Twitter and the Library of Congress is too big to ignore (see also Zimmer, RWW).  Quoting the LoC:

Have you ever sent out a “tweet” on the popular Twitter social media service? Congratulations: Your 140 characters or less will now be housed in the Library of Congress.

According to Biz Stone, Twitter will begin transferring all of their public tweets, after a six-month embargo, to a permanent, public archive at the Library of Congress.  Let me say something (probably) unpopular: I’m a little horrified.

If you talk to people about things shared online, you generally run into two assumptions.  The first is that things shared publicly are meant for the general public.  The second is that things shared publicly are meant for posterity.  Both of these assumptions are dangerous.  Some of my recent work has identified that people do share privately in public, and that individuals do engage in the grooming (i.e. removal) of content shared publicly.  danah’s found this.  So have lots of others.  If there’s anything we should know by now about social media, is that a deterministic, one-size-fits-all approach to privacy is a bad approach to privacy.

This is what makes Twitter’s “gift” troubling.  It assumes that all content shared publicly is truly public and for posterity.  Let’s consider some edge cases.  Bob has two Twitter accounts, one for work and a personal account.  Both are public, but the only way people find out about his personal account is that he tells people the obscure handle.  Bob wants to be practically obscure – private in public – without going to all the trouble of setting up complicated privacy controls.  So what happens, two years from now, when Bob accidentally discloses his handle in the wrong context, and he needs to remove some Tweets?

There’s probably a certain class of reader that looks at Bob and says, well, Bob’s out of luck.  There’s Google cache and third party tools and a whole host of other ways tweets are preserved.  The difference I’d argue is that these tools have certain properties – they react to API calls, they decay, etc. – that make them qualitatively different from a professionally managed archive.  Through the creation of a permanent, public, third-party archive, Twitter changes the privacy-management strategies that are going to be available to users in the future.  This is critical, because if Bob can’t trust his down-the-road privacy management strategy, Bob might share less today.

This is a great opportunity to plug the work of Helen Nissenbaum, whose most recent book Privacy in Context extends the argument for privacy as contextual integrity.  Nissenbaum argues that disclosures have contextual expectations, and that shifting these expectations constitutes a meaningful violation of privacy and freedom.  Even though the tweets are public, it is a fallacy to assume that digital content shared in public was created with an understanding that the content would end up in a third-party, government-managed archive.  Facebook’s helped us demonstrate again and again that privacy is both qualitative and quantitative.

Practically, there are some questions that Twitter needs to address about this move.  First, Twitter’s terms of service specifies that:

You retain your rights to any Content you submit, post or display on or through the Services. By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distribution methods (now known or later developed).

The way I read this is that as long as your content is on Twitter, Twitter can do what they want with it.  Fine.  But what if you remove your content from Twitter?  Wouldn’t Twitter’s licensing of your content to the LoC also expire?  Twitter needs to address exactly how we can pull our content out of the archive when we want.  Michael Zimmer thinks that Twitter users won’t have the ability to remove tweets from LoC, so how will Twitter rectify this in the terms of service?

A broader question is why Twitter didn’t just build this as an opt-in service.  Or even, less preferably, an opt-out service.  Is the collection so important that it is worth compromising user privacy?  I’ve got a feeling that there are certain assumptions around “public” content and the feel-good vibe of the Library of Congress that led to a lack of critical thinking about the implications of this move.  It’s time for Twitter to start sharing more information, opening up an earnest conversation about this move.

Noticed / Thoughts9 Comments
29
Mar 10

Facebook Again to Test Privacy Boundaries

I’ve been paying attention to the discussion regarding Facebook’s proposed changes to the privacy policy (so has Michael Zimmer, TechCrunch, RWW and VentureBeat).   The most controversial is a proposal for Facebook to automatically share personal information with third party websites.  The mechanics go something like this: If you’re logged in to Facebook, and you visit a third-party site that has an established relationship with Facebook, Facebook will provide the website with your General Information, which is:

“your and your friends’ names, profile pictures, gender, user IDs, connections, and any content shared using the Everyone privacy setting.”

How would this work in practice?  Let’s imagine that CNN and Facebook team up.  If you’re logged into Facebook and visit CNN, the website would be able to welcome you by your full name, display gender-relevant content, show you recommendations from the people in your network who also visit CNN, and so on.  Going a little further, if you share your interest information, CNN might be able to dynamically display stories that match your interests.

The level of disclosure proposed in this new policy is similar (or even identical) to the information disclosure required for use of a Facebook app.  The critical difference in the new policy is that while applications require an opt-in, it appears that this new process will require an opt-out.  Facebook spokesperson Barry Schnitt:

“The opt-out hasn’t been built yet. We just want people to know they’ll be able to opt out. We’ve made that commitment. There will be an opt-out right when the user gets to the site, and there will be some opt-out functionality on Facebook. But as to where the button will be or how it will look, I don’t know, because they don’t exist right now.”

In theory, there will be two opt-outs.  The first will be the hypothetical button that Schnitt talks about.  The second will be to log out of Facebook and remove the Facebook cookie.  In reality, though, if you’re a Facebook user, you can never really opt-out, because any time a Facebook friend visits a third party site Facebook will share some of your information with that site.

Although it is a good sign that Facebook has gone on record regarding privacy control, the previous comment reveals Facebook’s cavalier attitude towards privacy.  Quite literally, they’re talking about pushing identity information of 400 million people around, yet privacy is treated as an afterthought – something they’ll figure out later.  When will companies like Facebook and Google start bringing privacy teams in at the beginning of the design process, rather than at the end?

Shifting topics a little bit, I see this move as notable because it marks Facebook’s first foray into large-scale warehoused behavioral targeting.  Targeting companies like Doubleclick (owned by Google) routinely mine our travels around the web, allowing third-party consumers to generate targeted recommendations based on our habits.  Because this happens behind the scenes, we’re less likely to notice it (which doesn’t make it any less troubling).  Facebook’s move stands to confront us with behavioral targeting, and they should consider the boundary they’re confronting.  It may not seem to be a big thing to have a third party website welcome you by your first and last name, but it is a paradigm shift on the web.

TechCrunch argues that it is time to sharpen the pitchforks, in preparation for the major backlash against the service.  Let me explain why this is frustrating.  In my opinion, the role of the privacy team is to navigate the necessary tension between our freedoms to disclose and how companies can ethically and morally profit from our data.  Facebook’s failures with Beacon or Google’s failure with Buzz are not “wins” for privacy; rather, they are losses for companies, consumers, and the market.

This brings me back to what is troubling about the “sharpening pitchforks” mentality.  It doesn’t and shouldn’t have to be this way.  Compared to Doubliclick, Facebook’s move really isn’t any more troubling – if the system is implemented properly.  And if the system is implemented properly, it could be a win – for consumers, for Facebook, and for third parties.  So how can Facebook navigate this challenge?  Let’s start with research, sensible design, and a different style of rollout than the traditional ask-for-forgiveness-later approach Facebook seems to believe in.

At Facebook’s current size and scale, they can’t afford to get this wrong.  Through research, testing, and a willingness to put the customer first, Facebook could navigate the challenges of this new feature.  But make no mistake, more than anyone, they are in the bulls eye right now.  And if Facebook does decide to play cavalier with privacy, the mobs TechCrunch describe will be waiting.

Thoughts2 Comments
25
Feb 10

Generations and Technology

Recently, the Pew Research Center released an interesting report about Millennials, a group described as “the American teens and twenty-somethings who are making the passage into adulthood at the start of a new millennium.”  The report is fairly wide-ranging, covering topics such as values, political and civil engagement, work and education, and technology use.  Using an RDD frame, the the report provides a useful, comprehensive picture of what makes the milllenials cohort unique.

A few years ago, on recommendation from danah boyd, I read Thomas Hine’s book The Rise and Fall of the American Teenager.  It is a wonderful history of the evolution of teenage identity.  Particularly interesting was the book’s social history of the management of teens excluded from the post-Industrial workforce (e.g. the growth of high schools, greater access to college).  In Hine’s book, the teenage years are cast as something of a holding stage between adolescence and adulthood, a social limbo of sorts.

Early studies of youth, such as James Coleman’s Adolescent Society, capture society’s perception of evolving youth cohort as exotic, needing to be managed.  To his credit, Coleman humanized youth, elaborating the social structures in which high school students developed status, affinities and values.  Regardless, the exoticisim of youth is a persistent and ongoing research thread.

Recently, developmental psychologists have argued that the social “holding stage” exists up to and beyond age 25 – a period of elongated “emergent adulthood.”  The individuals in this holding stage are interesting for a number of reasons, whether it be spotting emergent social trends, identifying new technologies, forecasting the future of professions.

This brings me to the question of technology.  When we talk about technology adoption, we often frame adoption through a generational lens.  For example:  Social networking is for young peopleTeens don’t tweet.  And my favorite, the assumption that digital natives have some sort of preternatural understanding of the inner-workings of operating systems and programming languages.

As a researcher studying adoption and use of technology, there is clear evidence that technology use varies by cohort.  Digital natives may not have superhuman computing powers, but it is likely they use some technologies differently (different tools at different levels) than other age-graded groups.  Since adoption of technologies by cohort is a value-laden concept (cf. Teens Don’t Tweet), I’ll use this post to highlight a few perspectives on what differentiates cohorts.

I’ll begin with a story.  When I was in college, the “social technology” my cohort used was instant messenger.  In our use of IM, we developed norms and expectations.  We knew what kind of communication was available, we had an idea of who would be present, and we developed codes of behavior.  The culture we created still holds today, many years after college.  And although many of us use newer technologies, the value of the context we created persists.

I would bet, that if we examined our own communication patterns, we’d find that these cohort-level structures guide a good deal of our use of social technology.  There are some people we email, some people we IM, some people we Facebook, some people we Twitter, and so on.  For some of these people we’ve fit the communication tool to our need (for example, IM’ing coworkers), but for others, we fit our relationship to the tool.

The fact that we communicate with different people in different media is not new or controversial.  But I think it is informative, and can help us better understand concepts of “generations” or “cohorts” and technology use.  If social contexts provide motivation for participation in a cohort-relevant technology, then it stands that participation has lasting (generational) effects.  One reading of this could be that the late-2000′s cohort will continue to use Facebook not for technical reasons, but for social reasons.  But then again, when do we ever make decisions purely for technology’s sake, other than counting pixels on the HDTV.

Sociology offers us the life course perspective as a way to understand generations.  Instead of a deterministic, age-graded approach, the life course perspective looks at the contexts, events, and technologies that shape a cohort over time.  Applied to technology, it helps us get past perceptions that technology is “for the young” (Club Penguin aside), but that technology represents an intervening effect that shapes the cohort.

The life course perspective allows us to inspect generational use of technology through a lens of access, networks, and motivations.  The technologies cohorts retain represent our social goals, the options available at the time, and the degree to which the technology lets us stay networked.  As we move through life, participation in new cohorts may result in the adoption and maintenance of new technology over time.  And perhaps this illustrates our growing concern with the “context collapse” inherent in Facebook; as the technology has become popular, communication cohorts that existed in other technologies have jumped into the single bin of Facebook (my email and IM friends are almost all there, but not my Twitter friends).

When we talk about technology, the question of generations comes up frequently.  By applying a cohort or life course perspective, we can move past deterministic notions of what technologies are appropriate for what generation.   At the same time, this social and contextual understanding may explain some of the reasons that generations retain technology.

Image CC A-N-SA by Circulating

Teaching / Thoughts8 Comments
16
Feb 10

What Google Could Learn From Goffman

In the week since Google introduced Buzz, the most interesting thing about the fiasco has been watching the company.  For an organization as risk-averse and PR-aware as Google, a public failure offers insight that can’t be gleaned from watching daily operations.  As Google attempts to fix the problems and move the conversation onward, I thought I might reflect on some of the teachable elements of this event.

First, a little bit of back story.  As part of my fellowship at the School of Information and Library Science, I teach a course about social network sites.  Each week, I sit down with my students to discuss the social, legal, ethical and privacy implications of social network sites, among other things.  Potentially noteworthy is that my course doesn’t spend a lot of time on social network science – graph theory, quantitative analysis of networks, etc.  Rather, we concern ourselves with the interaction of people with social technology at large scale.

In our readings and discussions, we’re often challenged to think about how people present themselves in technology.  When you create a profile in a social network site, or share a stream of Tweets, you’re essentially creating a representation of an identity.  As we’ve seen time and time again in Facebook, we run into problems when identities collide during “context collapse” – when people from a different segment of your life view an identity you’ve constructed for your friends.

Taken one way, it could be argued that this problem of separate identities reveals some sort of fundamental character flaw: “Why aren’t you the same person to everyone?”  As Google CEO Eric Schmidt pointed out, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”  It is the intersection of technology and philosophies like Schmidt’s that are causing companies like Google and Facebook to stumble again and again, creating “privacy nightmares.

Many of the readings in my class are influenced by Erving Goffman’s theories of identity and interaction.  Goffman, the legendary Chicago-school sociologist and former ASA president, elaborates in rich detail the process of social interaction in his books The Presentation of Self in Everyday Life, Behavior in Public Places, and Interaction Ritual.  In essence, Goffman argues that identity and interaction are performative, a concept that maps very well onto social network sites.  By “creating” identities, we’re not living dual lives, but rather engaging in a well-established performance of identity that lets us share the proper “front” in context.  We act differently on LinkedIn and Facebook because these sites have contextual norms, not because we’re duplicitous.

At the beginning of each semester of my class, I tell my students that they’re going to leave with a skillset that helps them negotiate human interaction with social technology.  I’ve sat up at night, pondering the value of such a skillset.  More than anything, the Buzz fiasco has driven home the point that we need interdisciplinary information professionals that can work with teams in negotiating the social implications of their tools.  These are the students I’m working with, and I wonder how Buzz would have rolled differently if their voices were brought to the table.

The builders of social technologies are challenged to manage the relationship between technical affordance and what is, for lack of a better term, human inertia.  That is, the tendency for people to act like people.  As Google Buzz engineers attempted to reconfigure our notions of a social group (work/friends/romantic/etc. was collapsed to “most frequently contacted”), they ran smack into human inertia.  Even though Google’s algorithms have likely figured out a more efficient way for us to group the people we know, it was simply too much to ask us to configure ourselves to the technology.

By fabricating new social groupings, Google ran head-on into Facebook’s biggest problem – that of context collapse.  When we merge social groups together, we are challenged to manage our disclosures across these groups, which have different norms of propriety.  How is it possible that Google didn’t see the potential problems of such context collapse at scale?  I’d like to offer a potential answer.

If you read a history of Silicon Valley (such as Katie Hafner’s or Michael Hilzitk’s), you’ll notice a theme of interconnection.  Silicon Valley’s tech economy is a dense series of highly entrepreneurial networks, where employment is characterized by acceptance of failure and short tenures.  The work of AnnaLee Saxenian reveals this trait as being fundamental in the Valley’s success; ideas are gestated frequently, teams assemble rapidly through the uncharacteristically large networks of oft-moving tech employees.  As good as this is for innovation, it is bad for the development of a social networking site.

Working in Silicon Valley is a classical embeddedness problem.   If you work in the Valley, it is likely that many of the people you know share similar traits.  They work at the same company as you, think about similar problems, went to similar schools.  Such homophily is beneficial for allowing entrepreneurial teams to assemble quickly, but it is bad for finding heterogenous opinions.  Consider the case-in-point of the Google Buzz test – it was rolled out initially to Google’s 20,000 employees.  These employees – similar on many traits, richly compensated, cognizant of privacy – are different in key ways from the rest of the Buzz ecosystem.  Perhaps the homophily of the test base accounts for how devastating edge-cases weren’t designed for, or perhaps groupthink shouted such possibilities down.  Either way, this is an important lesson about the pervasive problems of homophily when designing privacy systems.

While involving interdisciplinary information professionals like the ones I train in the design process would be a good step forward, it is easier said than done.  Just as Silicon Valley engineers collide with human inertia, the Valley has its own inertia of bigger, better, and faster.  Introducing the human perspective into such a culture is an ongoing, and challenging problem (see the work on Values in Design).  Right now, the market (and the opinion-sphere, to a lesser extent) regulates and acts as the proxy for human problems with systems.  I’d like to think that by introducing informed, professional voices to the discussion, we can move beyond this reactionary approach to privacy.  Perhaps Buzz is the case that moves this discussion forward.

Image used under CC-BY-ND, original source.

Noticed / Thoughts6 Comments
11
Feb 10

Google Buzz as Experience Pattern

Although Google has made a number of ventures into the social space (Wave, Latitude, Profiles, etc.), they have yet to capture audience and mindshare like competitors Twitter, Facebook, or Myspace. Google Buzz, an interesting and troubling new foray by the company, is the most recent shot across the bow of the major social players. Having spent a day or two looking at the product, I’ll share some of my early feedback.

At its core, Buzz is a content sharing network that exists loosely within Gmail and Google profiles; content shared publicly within Buzz is populated within Gmail and to the profile. To participate in Buzz, one must agree to have a Google profile, a place “visible on the web so friends can find and recognize you.” Notably, the Google profile is at the center of Google’s social search efforts.

As I’ve written in the past, Google’s has had to walk a very fine line with how they “reveal” what they know about your social circle. Realistically, Google sits on behavioral social network data that is of equal value to what is created in Facebook or Myspace. Mining our web search patterns, our chat and email logs, and our travels across the web with analytics, Google knows who we connect with. The challenge Google has always faced is putting this information into play in a way that doesn’t freak everyone out. Google Profiles were a first step in that direction, asking people to list their sites and friends with a promise of better search positioning (sound familiar?).

As the profile and social network play an increasingly important component in search relevance judgments, it is in Google’s interest to leverage the vast social network data it already has. With Buzz, Google can pre-populate friends lists in a slightly less than creepy way, and then leverage that information in social search via the profile. The big win with Buzz isn’t Google’s competition into Twitter or Facebook’s space (Buzz isn’t vaguely a Facebook or Twitter killer), but rather the data value Google is going to reap through a massive profile-creation effort. Buzz just might be glue necessary to encourage people to articulate the extant network connections in Google. For Google, it is more important that you use Buzz once than if you use it on an ongoing basis.

What are the implications of a system like Buzz? It is a pretty interesting case of what might be thought of as data leveraging. As more of our patterns are analyzed in a range of systems, corporations are going to be challenged manage our confrontation with our patterns.  I recall a conference I attended where some senior developers at a messaging analytics firm were discussing the creepiness factor inherent in showing people their behavioral patterns.  Experience and design patterns are rare for this sort of confrontation, and Buzz is an interesting case.

If such data-leveraged confrontations are going to become more frequent, we are challenged by implications of ubiquitous recording.  For example, Buzz is pre-populated with the “people you email and chat with most.”  One doesn’t need to be a Goffman scholar to know that a public listing of the people we chat with most presents social hazard.  It is remarkable to observe how often companies get the defaults of sharing wrong.

While we’re talking about privacy implications of Buzz, here are a few other points I’ve noticed as I look over the terms of service.

  • As I’ve mentioned, to use Google Buzz you must agree to have a Google profile created in your name.  Doing so shares things like your contact network and your accounts on other Google sites.  These are the defaults, which can be changed with effort.
  • You can’t delete your Google Buzz account.  If you create a Google Buzz account and wish to delete it, you have to delete your entire Google profile (killing your search listing, etc. at the same time).
  • If you wish to remove Google Buzz items, you must find them and delete them (“You have the option to remove your comments on others’ posts individually if you’d like”)
  • Finally, you are required to use your first and last name in Google Buzz (“you need to have a public Google profile which at a minimum includes your first and last name”)

Google Buzz is a truly interesting attempt from Google to leverage the vast social network resources that exist within their systems.  The implications of such a move are profound – for the company and for our experience with large-scale behavioral information.

Update: Google has responded to widespread criticism of the privacy defaults issue.  Many are uncomfortable with the following/follower pre-population, so Google has offered some new ways to manage these lists.  Notably, Google’s post still asks that you create a public profile – something completely unnecessary if you don’t have one already (that is, no one can see your pre-assigned contacts until they’re shared with a Google Profile).

I know this is cynical, but I’ve seen this happen enough to know that these “mistakes” often aren’t accidental.  As danah boyd has written previously, “In other words, this is “slippery slope” software development. Given what I’ve learned from interviewing teens and college students over the years, they have *no* idea that these changes are taking place (until an incident occurs).”  It is disturbing to see Google going down this road, trading PR for personal information as a calculated trust violation.

Thoughts4 Comments
11
Feb 10

Returning to Form

For all intents and purposes, this space has been defunct for the past year. I’ve posted announcements here and there, but for the most part I traded little “w” writing of blogging for big “W” writing of articles and dissertation. Reflecting on that choice, I’ve realized that both aspects of my written output are essential in my creative process. I can’t disentangle the big “W” writing from the little “w” writing, and I think I’ve suffered for trying to do so. With that as my explanation…

ThoughtsNo Comments
4
Nov 09

SETI Interview

This week, Peggy Orenstein and I appeared on SETI‘s (yes, that SETI!) public radio program to talk about Freedom.  Other guests on the program include Ray Kurzweil and Stephen Wolfram.

Link to the show (direct MP3 download)

The segment on Freedom is about 30 minutes in.  I enjoyed hearing Peggy talk about her work on the article, and her use of Freedom.

← Older Entries
Newer Entries →