May. 19, 2010

Posted by in Facebook, General | 8 comments

Why the Current Facebook Privacy Debate Matters

Privacy has been a hot topic of discussion among all sorts of technology-minded people lately. But take a moment to consider why this debate is even happening. One could list several events involving several companies that have all influenced the controversy, but generally, much of the talk stems from changes made by Facebook over the past year.

Why the Change?

And why did Facebook make those changes? There’s no technological reason for many of them. Nothing about liking pages or using social plug-ins forced the company to remove old access controls or make “instant personalization” an opt-out feature. Facebook’s executives made a policy and business decision to push users into more public sharing. In many ways, we’re having this debate because Facebook chose to make it an issue.

That’s not a criticism, simply an observation. In fact, many would probably say that Facebook was right to challenge ideas on privacy. Popular tech blogger Robert Scoble has repeatedly argued that Facebook’s changes bring many benefits to users. One writer at Fortune questioned any backlash and gave this response to Pandora’s new social setup: “My first reaction? Creepy! My second reaction: Cool!” Is it wrong to force users into a new situation that’s uncomfortable at first if it ultimately brings significant value?

In this case, however, the ultimate value to users remains unclear. Many users will certainly find advantages to a freer flow of information. But does Facebook really have the right to decide whether content people had previously restricted should now be available publicly? How can any of us judge whether the benefits outweigh the downsides for each user? Many users chose to put information in their profiles that they did not want shared beyond certain limits. If exposing that information seems trivial, are you certain you understand why the profile owner thought limits so important to begin with?

I would argue that by pushing the envelope on our understanding of privacy, Facebook’s leadership made changes that benefit the company, partly by also benefiting developers and partners. That’s not necessarily a bad thing – Facebook is a business and has to make money. But while those changes do benefit some users, perhaps even a majority of users, they also harm the trust of many other users who had shared private content on Facebook.

Where’s the Backlash?

In the short term, the benefits outweighed the downsides for Facebook. Several high-profile users have deleted their accounts, and others are following suit. But keep in mind that even if 10 million people stopped using the site, that would only be a 2% reduction in user base.

As the company faces widespread criticism and possible regulatory changes, you might expect Facebook to back down on some of their changes. I doubt it. Facebook’s executives know the company enjoys a very strong position in the market right now. They can afford losing 2% of users without breaking a sweat. And if people do leave, where will they go?

Given that level of security, why bother talking about Facebook privacy? Why does it matter if techie types bail on the service? Should we simply get used to having less control and move on?

To put it another way, should we let Facebook dictate our understanding of online privacy?

I realize Facebook will probably never go back to the way it once was and that there’s essentially no hope of meaningful competition in the short term. Yet Facebook didn’t reach this place overnight. Industry shifts take time. And many influential people in technology are often on the bleeding edge of such shifts.

Is Privacy Dead?

For the time being, though, Facebook users will likely react in one of three ways. First, they may not understand the implications of updates and keep using the site as before. Second, they might embrace the new capabilities and voluntarily unleash more content. Third, they will decide that they derive too much value from Facebook to let it go, and thus will, perhaps begrudgingly, keep their account – but they’ll be far more careful about what they post in the future.

I suspect that as awareness grows of how much data Facebook now distributes, many people will take more precautions in using the site. That’s not necessarily a bad thing – I’ve long argued for increased education of online dangers. People need to be careful online, regardless of how “private” a service seems. But care is not the same as paranoia or having to manage your identity the way a celebrity might. If Facebook wanted to increase intimacy and authenticity among online friends, they may find they’ve actually done the opposite.

Some people, such as Scoble or perhaps Mark Zuckerberg, have chosen to live their lives with “radical transparency.” Most of us probably still want to keep certain information private, and yet we routinely share that information with parties we trust – even online. I use my credit card number when shopping at Amazon, but I’d prefer they keep it to themselves. When I filled out web-based job applications last year, I often had to disclose my social security number – a small bit of data I would not want passed around. In a more offline example, I’ve often shared personal struggles with close friends in other states by talking with them on my mobile phone.

I realize that a determined hacker could possibly steal my payment info or even my SSN when I send that data to websites. I also know that my phone can be tapped or that my friends could repeat our conversations to others. But based on a wealth of factors, I make a decision to take those risks, since I judge the likelihood of these scenarios (especially given certain precautions I take) to be minimal.

The idea that any data you transmit to another computer should be considered public has significant merit. In practice, though, much of our offline lives face the same technical threat of publicity, and channels have long existed to share electronic data with only a limited audience. Most of us would not want the entire world to see all of our e-mails, and a range of businesses let only certain people access certain servers.

Which brings me back to one of my original points: nothing forced Facebook in a direction away from privacy. They chose it. I doubt whether they would have around 500 million users today if they had chosen that direction years ago. But even if Facebook now thinks I should share all of my content with everyone, I still find value in keeping some information limited. For me, that’s the essence of online privacy. And while one website with a very large audience may have reduced privacy by keeping me from using their features in a limited way, I will continue to exercise control over my data in other ways.

What Now?

The current debate about Facebook and privacy may seem confusing, futile, or even pointless. But it’s important to evaluate the background and ramifications of Facebook changes, especially given the company’s influence on industry trends. It’s important to realize that visible competition and meaningful alternatives to Facebook will require months or even years of development. And it’s important to understand how much privacy still plays a role in the way people manage and share information, whether online or offline.

Perhaps Facebook will end up right, and most people will move away from old ideas about privacy. But I’d rather see companies educate users on new features and empower them to choose more public sharing rather than expose previously private content and encumber such a change with illusory settings. Facebook may try to say most people don’t mind their new take on privacy, but I think they’ll find this debate is far from over.

  1. Ooh… I was just checking my settings before I commented.

    Initially, when they’d first done these recent changes, “Likes” was visible by everyone *despite* what you’d set likes & interests to be.
    However, I now see that likes can be restricted to friends only & also “Friends: Except … group” – which is what I’d set it to, only it was ignoring it.
    I’ve just checked & now Joe Bloggs can’t see my interests :)

  2. robertmunich says:

    Actually a 3G session is encrypted. Unless you are stuck on an older system, 3G blocks network impersonation and evesdropping by checking that session encryption failure was not initiated by an attacker. 3G also uses central storage of keys (not on transmitters but centralized provider switches.) This effectively blocks false base stations from honey potting you into connecting to them and then falsifying an encryption failure for the purposes of evesdropping.
    GSM and 2G are relatively exposed these days. Keep in mind if your device does not support 3G then the security measures are not in place merely because you are on a 3G network (downward autonegotiation will take place.)

    Likely you are good to go in discussing anything you want unless the NSA or CIA have you on their radar…but then you have other problems if you have provided them cause to do this. :)

    The offenses of Google (WiFi ennumeration and StreetView) here in Europe, and now the repeated facebook opt-out exposures is a more serious matter than I think most folks think. At least Germany has laws regarding privacy, and if facebook continues its offenses they open themselves up to a major lawsuit or criminal prosecution. Even in the USA, class action lawsuit for damages could loom on the horizon (we all know lawyers go where the money and attention is.) A business claiming ownership of personal data is tantamount to owning part of a person. This was abolished by Constitutional Ammendment.

  3. ttarvai says:

    If I choose to leave Facebook, theharmonyguy, what site do you recommend?

  4. You crack me up Joey. says:

    Lies by omission are still lies. You know better.

  5. robertmunich says:

    Follow up re. Google (hit the news one day after my last post.) Class action lawsuit regarding Street View Wi-Fi collection is underway here in Germany, and legal hold has been placed on the evidence. Zuckerberg must be in panic mode, since he has followed Google’s lead in the Washington Post with a Mea Culpa OpEd. You will love his 5 points in the article.

    Here in Germany, one must only go to police and claim an offense. They then have only to decide whether they will follow up. If they do, it costs you as a citizen nothing.

  6. Amazing stuff,Thanks so much for this!This is very useful post for me. This will absolutely going to help me in my projects .

  7.” Then a place to discuss various open the car to go Also, another good and thought taekwondo YOYO said she could not find on week, and at that Court entered a formal procedure, the first indictment by the prosecutor read out text” That woman did not laugh, tone and restore the seriousness of the bureaucratic, said: “then so be it, we look at, if necessary, we will inform your father Based on his own share of social relations more than ten percent and nominally dry stock Longhua architectural company that some of the country that would rather attack inside and outside the group to manipulate, finally got his wish in a standard, get a large amount nearly 800 million live children She did not speak, could not sleep She sent 1,800 to the family, he left 1,700


  1. Tweets that mention Why the Current Facebook Privacy Debate Matters | Social Hacking -- - [...] This post was mentioned on Twitter by Social Hacking, greychampion and Vladimir Nagy, sin3rss. sin3rss said: Why the Current ...

Leave a Reply