The Social Media Security Podcast

I find that the only people saying privacy is dead seem to be those named in its will. Social media researcher danah boyd highlighted some of these conflicts of interest when she admonished, “No matter how many times a privileged straight white male technology executive pronounces the death of privacy, Privacy Is Not Dead.”

Privacy is not simply about confidentiality. Privacy is about control – you having control over the nature, disclosure, dissemination, and usage of your information. Privacy is about ensuring data exchanges happen under certain norms and in appropriate contexts.

Many Silicon Valley executives, however, seem to think users should embrace sharing most of their data with the entire web. This attitude is typified in a comment by blogger Robert Scoble: “We are all going to have to learn new ways to deal with privacy. Personally I think privacy is dead. Get over it. If you want it to be private don’t put it on a computer and don’t put it on the Internet. My entire life is public. If you want, you can search for naked photos of me (there are three out there).”

But can we really extrapolate the experiences of certain social media personalities and apply them to web users in general? Would we be as comfortable with a thirteen-year-old girl commenting that you could find three naked photos of her online?

In fact, the incongruence between Scoble’s public living and the worlds that even other US bloggers navigate became apparent in a post by Michelle Greer on geolocation. Greer does not oppose geolocation services, but she does note how they can increase risks for a person dealing with stalkers. And such risks are not eliminated by the person simply avoiding these tools – if trusted friends start using them without careful thought, an attacker can exploit data beyond their target’s control.

Robert Scoble may be able to have his entire life public, and in an ideal world, perhaps everyone else could too. The difficult reality, however, is that people in a broad range of circumstances require a greater degree of privacy to thrive socially – and at times, even to survive.

Of course, Scoble is far from alone in his outlook. I often see reactions to various stories that include sentiments I can describe at best as oversimplifications or misunderstandings. In some cases, these ideas seem to carry an appalling amount of arrogance as well. I’ll give four examples with short rebuttals:

• “No one cares about what you ate for breakfast.” What if you died of poisoning one morning? Suddenly your family, the police, and many other people would care very much about your breakfast. But while I could offer dozens of other similar scenarios, they can distract from a more important point: Who are you to decide whether anyone cares about my breakfast? Why should I or others rely on your judgment in determining the value of the information that I choose to share? We all know people who care about details as mundane as our meal choices simply because of their relationship with us, even if that knowledge seemingly provides them no tangible benefit (unlike the poison investigation).
• “What use would basic profile data be to a malicious third party? Disclosing it would not really matter.” This perspective includes an informal logical fallacy familiar to many in the scientific community: an argument from incredulity. In other words, since the questioner cannot imagine a certain scenario happening, it must be impossible. As before, I could easily frame a few situations where simple information disclosure could cause serious consequences for a given user (and the Google Buzz roll-out provided real-life examples) but doing so would fail to address the real issue: Only a profile’s owner has the knowledge and background required to outline all possible implications of disclosing their particular bits of information to various other parties.
• “If you don’t want everyone to see certain content, you shouldn’t post it online to begin with.” Nearly everyone who routinely interacts with websites sends them content that carries expectations of confidentiality. Would you be comfortable with sites publicly sharing your credit card information? After all, you’re not liable for unauthorized charges, a point Blippy noted after a few of its customers’ credit card numbers leaked out on Google. The flexible nature of the Internet has always allowed people to share content in a way that limits the audience. Nothing technological has to prevent users from enjoying degrees of disclosure between encrypted e-mail transfer and publicly indexed web pages.
• “Participating in social media is a choice. If you don’t like Facebook/Twitter/etc., don’t use it.” This advice assumes that personal choice is the only determining factor for using a social media service. Under the same assumption, I could argue that driving a car, using a mobile phone, having indoor plumbing, and buying groceries instead of farming are also choices no one is forced to make. Many Facebook users could leave the service in the sense that doing so would not affect their physical survival, but many of them cannot leave Facebook without significant negative effects on social, relational, and perhaps even economic aspects of their lives. Once again, few of us are in any position to evaluate such situations for other individuals.

In essence, no social media executive can assume that he or she understands the ramifications of reducing user control over information. No algorithm can make the same social judgments a human being can. And yet, what sort of trends do we see in the market? As an example, Facebook has gradually widened the definition of “publicly available information” while also adding features that aggregate and publicize data unexpectedly.

As Bruce Schneier notes in an excellent video presentation, however, you and I are not Facebook and Google’s customers. We are their products. They sell information about us, and hence they have a business interest in us sharing more information with more people. Yet for us, this approach tends to increase the amount of noise we deal with. I would submit that the market for online social networking needs to shift towards a model where business interests somehow align with users’ best interests. Obviously such a proposal is easy to state but difficult to implement and monetize, but it’s time we started rethinking how we approach these services.

For instance, many social networking sites have been structured more around technological paradigms than social ones. Most sites include a private messaging feature generally intended for confidential, one-on-one communication, then a method for sharing information that’s generally public, but perhaps includes features for limiting the audience. Perhaps we should design a more fluid communications system that reflects the sort of individual and group interactions we make offline or shoehorn into existing online services.

Another practical step towards ensuring user privacy would be to implement restrictive default settings. Which would be worse for the user: posting content privately that was intended to be public, or posting content publicly that was intended to be private? Rather than require a user to complete long lists of privacy settings prior to engaging with a service, keep content locked down by default and make it simple for a user to then open up their content more broadly.

Privacy is not dead, but many of today’s web applications seem intent on killing it. We desperately need alternatives that empower users with intuitive, defensive privacy controls. Note that by calling for better privacy models, I’m not saying we should avoid public sharing. If users want to live as Robert Scoble, a social media service need not stand in their way. (While Facebook once had more restrictive privacy defaults, it also used to prevent most content from ever leaving the site.) But rather than assume most people are Scobles, we need to find value in also enabling less-public sharing and protect the information that users themselves value.

I do agree with Scoble on one point: “We are all going to have to learn new ways to deal with privacy.” I also see a grand opportunity for entrepeneurs to help shape those “new ways” while keeping privacy very much alive.