Posts Tagged: privacy


5
Mar 09

Facebook and the Death of Networks

InsideFacebook reports on the coming “opening up” of Facebook:

After Facebook’s press event yesterday announcing public profiles and the real-time home page “stream,” I briefly chatted with Mark Zuckerberg about the future of sharing on Facebook. Essentially, Mark said things are headed toward a hybrid model in which some information shared by users can be private and some information shared by users can be public, depending on users’ preferences.

This direction means users will need to think in new ways about sharing on Facebook. Historically, sharing on Facebook has been managed through Facebook’s robust privacy settings, with most of the default settings being set relatively strictly (usually limiting access to most information to others in your school or regional networks). Now, Facebook users will also have the option to easily share some information much more openly – even completely publicly for the whole world (and search engines) to see if they so choose.

While Zuckerberg said Facebook is still working on the user interface that would make such sharing settings robust and easy to use, these changes are going to have significant implications for the nature of sharing on Facebook.

Perhaps.  One of the stories that doesn’t get talked about much is the massive shift towards privacy in Facebook in the last few years.  In studies I’ve run, and in data I’ve seen, there is (and has been) a clear migration towards friends-only profiles in Facebook.  In my opinion, this is the result of 1) increased awareness and comprehension of privacy risks, 2) context collapse and 3) the aggressive way in which Facebook manages the community.  As I’ve written previously, Facebook’s users have adapted to this new reality, and accordingly enforce a high level of information control.  We’ve studied online community long enough to know that users won’t change practice simply because the community has new features.  To that extent, we shouldn’t expect Facebook’s move towards openness to radically affect the community.

I see this move as the death of regional networks. Facebook’s initial genius was to segment schools by network.  Schools are unique; they are closed communities full of individuals who interact daily, who share a strong common bond.  Because of this very strong group identification, Facebook users felt comfortable sharing and disclosing to other members of their school network.  When Facebook opened to everyone, they attempted to replicate this success by introducing regional networks.  As one might imagine, regional networks are vastly different from school networks.  There is no verification for entry, the networks are much larger and much less cohesive, and the group effects are meaningless.  Regional networks were simply an arbitrary segmentation so Facebook could keep up the master-plan nature of its community.

Fast-forward to 2009, and a few things have changed.  Primarily, lots of people have Facebook accounts.  Unlike college students who are heavily focused on interacting in their local, university network, older users operate without a focus on location or geography.  You don’t care about what network Bob from First Grade uses, because the nature of interaction isn’t about browsing Bob’s profile – it is about establishing a friend connection.  For older users, Facebook is much more about point-to-point use than browsing interaction (and if anyone wants to lament the “devaluing” of Friendship, they should consider how the system forces people into friendship to accomplish informational goals).  This nature of interaction has largely rendered regional networks and their privacy functions meaningless.

This takes us back to the original question – will all this new openness radically affect Facebook?  No.  Facebook’s contexts collapsed a long time ago.  Facebook is already open.  Users factor this openness into what they say and do, who they friend, and the privacy settings they maintain.  Sure, publicity seekers will like this new openness, but there may be a reverse incentive for other users.  This semi-openness may make users more findable, forcing more awkward friendship negotiations and context collapse, leading to reduced sharing of information (the lifeblood of Facebook).  This shouldn’t be taken as a criticism of Facebook, but just as a reflection of the social realities of a massive online system with real-world implications.  If everyone in the world was on the same listserv we’d behave the same way.

Upsides for Facebook?  This is a great chance to become a huge peer content-distribution network.  Take photo galleries.  If Facebook stepped their game up a little in photo galleries (hosting multiple size photos, offering printing services, etc.), it could easily compete in the territory of Flickr, Kodak or Snapfish (Note: Why FB, with their 11 Trillion photos, hasn’t done this meaningfully yet is beyond me).  There are many valuable products that Facebook could provide via the public profile, any number of which are monetizable and provide real value (i.e. not just network value).  This would mark a serious legitimization of Facebook as a business – sort of like an inverse Google.  In the case of Google, you spread yourself over all of their services.  With Facebook, the individual would be the center of the network, and their profile could be a place for search, hosting, file sharing, chat/videochat, photo hosting, blogging, microblogging, and so forth.  As unglamorous as it sounds, there is still a huge market to be people’s webpage.


18
Feb 09

How Facebook Should Address User Rights

Earlier today, Mark Zuckerberg announced that Facebook would be significantly revising the new Facebook terms of service.  He writes:

Going forward, we’ve decided to take a new approach towards developing our terms. We concluded that returning to our previous terms was the right thing for now. As I said yesterday, we think that a lot of the language in our terms is overly formal and protective so we don’t plan to leave it there for long.

Our next version will be a substantial revision from where we are now. It will reflect the principles I described yesterday around how people share and control their information, and it will be written clearly in language everyone can understand. Since this will be the governing document that we’ll all live by, Facebook users will have a lot of input in crafting these terms.

Of the changes, Michael Zimmer writes:

Consider their declaration that “We won’t use the information you share on Facebook for anything you haven’t asked us to.” Ok, well, I never asked to be opted into an automatic News Feed, nor did I ask to be a part of Beacon, but Facebook used my data for these purposes without my informed consent. Will they do it again? Will a more robust behavioral targeting system be implemented? Will I have asked Facebook to use my profile data for that purpose?

Zimmer’s comments reveal the fundamental conceit of this discussion – what is “our information” in Facebook and where does it begin and end?  Put another way, it is easy to imagine a photograph we upload as “our information.”  But what about the pokes we send into the ether, or even more abstractly, the deltas between our logins as recorded by Facebook’s servers?  All of this is “our information,” and all of this information would be coveted by marketers.

I would like to argue that the idea of owning one’s information in the context of third-party systems is impossible.  “Our information” is used, reused, extracted, archived, analyzed, recombined, logged and backed up in so many ways by third parties that the idea of actually owning it (meaning we could “remove” it at our discretion) is an impossibility.  More practically, if we did own our information, we would be able to do just as Zimmer states – opt out of Newsfeeds, control how our information flows through Facebook.  I don’t foresee this happening any time soon.

To Facebook’s credit, I believe the terms update actually reflected the reality of this information-ownership dilemma.  There are so many derivatives of information, the company couldn’t reasonably promise ownership.  Information almost inherently shape-shifts in technical systems; this information-derivation “problem” affects everyone from Google and Yahoo to the lowliest blog.

How can Facebook address this issue?  First, Facebook needs to move the discussion away from this overarching concept of “information.”  Facebook cannot truthfully promise ownership of all of our information, at least to the extent it passes a “removal” test.  Second, Facebook needs to study user perceptions of information in the site.  For example, HCI literature shows us a number of gaps between “observable” information and systems- or backend-information.

A user may consider her pictures as information, but she may not consider her attention data as information.  By understanding the user’s conception of information, Facebook can more accurately craft a terms of service that reflects users’ needs.  Facebook is ultimately responsible to its users.  While policy wonks may deride a system that does not promise “absolute” control, Facebook should focus primarily on user conceptions of information and start building the policy out from there.

Facebook should also adopt the following practical suggestions.  First, Facebook should place a reasonable lifespan (eighteen to twenty-four months) on information users identify as important.  Facebook should delete my pictures within two years from the time I remove my account.  Simple as that.  Second, Facebook should work with a few policy and ethics organizations to create a Facebook code of information ethics.  A few members of these organizations would comprise an external board that could review new features and approve that they are in line with the code of ethics.  Finally, Facebook should hire an ombudsman.  The ombudsman should be hired for a contractually-tenured period and be given a blog on a third-party server.

Mark Zuckerberg talks about Facebook as if it was a country.  If Facebook were a country, it would more accurately resemble North Korea or China than the United States.  Facebook must move forward aggressively to institute better corporate and ethical governance.  Facebook is in a very critical phase, where a new audience is flooding in.  Investments made into protecting user rights will be recouped many times over.  However, if Facebook does not act aggressively, or it simply pays lip service to the problem (e.g., just creating a Facebook group), they stand to alienate this increasingly older, more rights-aware audience.


5
Feb 09

Legal Analysis of Social Marketing

Bill McGeveran has posted a draft legal analysis of social marketing, to appear in the University of Illinois Law Review.  Bill writes:

I’ve completed a manuscript for my newest journal article, which began life as some posts (starting here) musing about the legal implications of Facebook’s then-new advertising programs, including Facebook Beacon, which notified users’ friends of their purchases.

The abstract:

“Social marketing” is among the newest advertising trends now emerging on the internet. Using online social networks such as Facebook or MySpace, marketers can send personalized promotional messages featuring an ordinary customer to that customer’s friends. Because they reveal a customer’s browsing and buying patterns, and because they feature implied endorsements, the messages raise significant concerns about disclosure of personal matters, information quality, and individuals’ ability to control the commercial exploitation of their identity. Yet social marketing falls through the cracks between several different legal paradigms that might allow its regulation — spanning from privacy to trademark and unfair competition to consumer protection to the appropriation tort and rights of publicity.

This Article examines potential concerns with social marketing and the various legal responses available. It demonstrates that none of the existing legal paradigms, which all evolved in response to particular problems, addresses the unique new challenges posed by social marketing. Even though policymakers ultimately may choose not to regulate social marketing at all, that decision cannot be made intelligently without first contemplating possible problems and solutions. The Article concludes by suggesting a legal response that draws from existing law and requires only small changes. In doing so, it provides an example for adapting existing law to new technology, and it argues that law should play a more active role in establishing best practices for emerging online trends.

This article, along with James Grimmelmann’s recent Facebook and the Social Dynamics of Privacy, is a must-read for scholars interested in the legal implications of information sharing in online social networks.  Both are wonderful contributions from some very right-headed scholars.


2
Sep 08

Google Chrome Privacy Information

Via Vowe.net, the Google Chrome Privacy Policy (scroll down, soon to be located here).  It appears that Chrome will follow a pattern similar to the Google Toolbar – that is, all browsing behavior is sent to Google, but an opt-out is provided.  From the Chrome Privacy Policy:

  • When you type URLs or queries in the address bar, the letters you type are sent to Google so the Suggest feature can automatically recommend terms or URLs you may be looking for.
  • If you navigate to a URL that does not exist, Google Chrome may send the URL to Google so we can help you find the URL you were looking for.
  • Your copy of Google Chrome includes one or more unique application numbers. These numbers and information about your installation of the browser (e.g., version number, language) will be sent to Google when you first install and use it and when Google Chrome automatically checks for updates.  If you choose to send usage statistics and crash reports to Google, the browser will send us this information along with a unique application number as well.

The last bullet is particularly interesting – each Google Chrome browser is fingerprinted so it can be uniquely identified.  It should be noted that Google isn’t the first to fingerprint their browsers – Microsoft tags Internet Explorer with a Globally Unique ID.

As I previously noted, Google is allowing users the ability to opt out of statistical reporting.  I worry that those who opt out will not be provided the full browsing experience, compelling users to participate in the statistical reporting.  Furthermore, close attention should be paid to “advanced” features that provide additional reporting, above and beyond the standard statistical reports.  Google Toolbar contains a number of these features that report URLs, typed information and page content.

The best approach is for Google to be extremely open with Chrome and its privacy practices.  Indeed, open sourcing the code is good – but Google should go a few steps further and meaningfully address the issue in a human-readable format.  Google’s argument about a next-generation browser is solid, and I would be willing to give it a shot.  First, however, Google must win my trust.


29
Aug 08

Firefox 3 Tweaks

I’ve recently moved to Firefox 3, and I’m pretty pleased with the performance.  Firefox 3 feels snappy, seems to handle JS and memory leaks well, and is all-around pretty impressive. Here are my tweaks:

I’m not a fan of the awesome bar – I simply don’t like interfaces (like Google Suggest) that create a lot of activity while I’m typing.  To disable it, set browser.urlbar.maxRichResults to -1 in about:config.

Also worth noting is that the malware and phishing protection that comes by default in Firefox 3 does send your browsing history to Google.  This is not new from Firefox 2, but it is worth mentioning, as you are uniquely identified and correlated in the data.  To turn this off, de-select the two “Tell me…” options under Firefox’s Security settings.  I ran packet traces and verified this does stop Google data collection.
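
A way to check a profile against the two tweaks above, as an added example (not code from the original post): it parses the user_pref(...) lines of a Firefox prefs.js and reports each setting's effective value. The preference names used for the two “Tell me…” checkboxes and the Firefox 3 default values are assumptions not stated in the post, and the sample file is constructed.

```python
import re

# Preference -> (assumed Firefox 3 default, test for "tweak applied").
# The two safebrowsing names are assumed to back the "Tell me..." checkboxes.
CHECKS = {
    "browser.urlbar.maxRichResults": (12, lambda v: v == -1),
    "browser.safebrowsing.enabled": (True, lambda v: v is False),
    "browser.safebrowsing.malware.enabled": (True, lambda v: v is False),
}

# One preference per line: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$')


def parse_value(raw):
    """Convert a prefs.js literal (bool, int or quoted string) to Python."""
    if raw in ("true", "false"):
        return raw == "true"
    if re.fullmatch(r"-?\d+", raw):
        return int(raw)
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return raw[1:-1].replace('\\"', '"').replace("\\\\", "\\")
    return raw  # unknown literal: keep the raw text


def parse_prefs(text):
    """Return {name: value}; comments and non-pref lines are skipped."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if match:
            prefs[match.group(1)] = parse_value(match.group(2))  # last wins
    return prefs


def audit(prefs):
    """Return {name: (effective value, tweak applied?)} for each check.

    prefs.js stores only values that differ from the default, so a
    missing entry means the default is still in effect.
    """
    report = {}
    for name, (default, applied) in CHECKS.items():
        value = prefs.get(name, default)
        report[name] = (value, applied(value))
    return report


# Constructed sample: the malware checkbox was left at its default.
SAMPLE = """\
# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("browser.urlbar.maxRichResults", -1);
user_pref("browser.safebrowsing.enabled", false);
"""

if __name__ == "__main__":
    for name, (value, ok) in audit(parse_prefs(SAMPLE)).items():
        print(f"{'OK  ' if ok else 'WARN'} {name} = {value!r}")
```

A setting that is absent from prefs.js is reported with its default, which is why the unchecked-looking sample still flags the malware preference.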


7
Jul 08

Ongoing Analysis of YouTube-Viacom

News has moved quickly since Wednesday’s ruling by Judge Louis Stanton in Viacom et al. vs YouTube et al., the landmark ruling ordering the transfer of all YouTube user histories. Foremost, Google has indicated it will not appeal the ruling, choosing instead to fight the battle in the court of public opinion. To that extent, Google lawyers have reached out to Viacom, offering to anonymize the transferred logs. Viacom attorneys seem to be open to the option, but have not agreed to anything binding.

Viacom attorneys have stated that they won’t be able to follow the RIAA model and sue individual users. In an article posted today, Saul Hansell of the New York Times disagrees, stating: “Viacom says that it isn’t going to use the information from Google to sue individual YouTube users for copyright infringement, but there is nothing under the law to stop it from doing so.” This wealth of information, tied with a ribbon and presented to Viacom, will present intriguing, appealing options. Why not sue YouTube users, demolishing trust in the net’s eminent video-distribution brand?

What role does Google play in this mess? While not a viable option for a public company, Google could have settled the lawsuit in lieu of turning over our information. Additionally, Google’s practice of storing information for 18 months – far longer than necessary – compounds the snakebite here. If Google regularly expunged or anonymized our records, damage could have been minimized.

As Google rolls over, it is hard not to be angry about the situation. Why does Viacom get a record of every legal video I’ve watched? What right do they have? Wendy Seltzer writes about the dangerous precedent being set: “I worry that this discovery demand is just the first of a wave, as more litigants recognize the data gold mines that online service providers have been gathering: search terms, blog readership and posting habits, video viewing, and browsing might all “lead to the discovery of admissible evidence” — if the privacy barriers are as low as Judge Stanton indicates, won’t others follow Viacom’s lead? A gold mine for litigants becomes a tar pit for online services’ user.”

Furthermore, this class of data – one generated in a seemingly private transaction between one’s self and a server – should be recognized and protected as unique, not only for the particularly private nature of the information, but also for the scope of the information that comes with these log transfers. It is one thing to subpoena phone records; it is another thing to get a digital recording of every phone call one has made. This transfer is both content and history; that the information Viacom is receiving is federally protected only adds to the terrible irony.


2
Jul 08

Data Portability

From the Los Angeles Times, a particularly chilling story about social websites and third-party data:

Jane Yang, a 30-year-old marketing coordinator, was curious the other day to see what would turn up if she searched for herself on Reunion.com, a Los Angeles-based social networking site.

Sure enough, there was her name, which didn’t bother the Oregon resident all that much. Nor was she particularly troubled that her husband’s name was included under her “Friends & Family.”

What did startle Yang was seeing the name of her 4-year-old son.

What happened?

Jeff Tinsley, Reunion.com’s chief executive, said the company recently purchased records on millions of people from a data broker. But he said the broker, which he declined to identify, was instructed not to include anyone under 18.

“We have no idea how this happened,” Tinsley said.

Buried in the terms of service and privacy policies of many sites are such third-party data collection agreements. For example, Facebook’s privacy policy states “Facebook may also collect information about you from other sources, such as newspapers, blogs, instant messaging services…” Rapleaf, an upstart third-party data vendor, promises to “find information about people on the social web, on behalf of businesses and consumers.”

Information leakages, such as the one discussed in the LAT article, provide insight into the scope of third-party data collection operations. Amassing data from public and private sources, these databases correlate identities based on facets such as names, birthdates and location. Unlike credit or background databases, there appears to be no special regulation of these archives. Perhaps that will change, the more we’re confronted with our information.