Who cares about privacy? In a research effort I began a year and a half ago I asked myself that question.  I didn’t care about the ‘right to privacy’ someone claimed when a photo he posted on Facebook came back to haunt him in his search for post-college employment. What changed? My relationship with Facebook began just four years ago, the summer after I graduated high school and began the obligatory dive into all Facebook had to offer. Facebook and I were cool back then. I posted photos and talked to my friends. And then news feed was announced: all of our information was suddenly out there on display, for more than a few Facebook stalkers to find. Second, Facebook released Beacon opting me into an advertising program while displaying my activities on other sites without my permission. Third, the privacy settings I knew and loved were getting annoyingly complicated. Finally, in the last few months, Facebook eliminated my control over some aspects of my profile, made privacy settings even more complicated and began opting me into ‘instant personalization’ and sharing more information with third party developers.

     My happy go lucky relationship with Facebook changed. I questioned my fun-loving partner and started an 18-month research binge to complete my honors thesis at Stanford in May, just when the Facebook privacy hailstorm was raining down on Zuckerberg’s birthday.  Before everyone threw their hissy fits, I had my own reasons for questioning Facebook’s privacy changes.  My relationship with Facebook (and the relationship of many other college students) was once thought of as one where we were on an equal playing field.  Serve me your display ads and I’ll post my information and photos on your site to stay connected with friends. That was the deal. I was aware of the privacy policies and TOS agreements. Facebook changed them again and again, giving me less control of my information and changing so rapidly I couldn’t keep up. A few days ago, a friend asked me how to add people to her limited profile list. I went out on a search through 45,000 word FAQ pages that gave me the wrong answers and couldn’t even find my limited profile list to add people to it. We all perceive that we have less control and we’re certainly less informed than we used to be about Facebook’s intentions for its future.

         In numerous Zuckerberg interviews, he’ll skirt the privacy questions and not give you the answers you expect from someone you once trusted to hold your information. In February 2009, Zuckerberg stated, “In reality, we wouldn’t share your information in a way you wouldn’t want.”  Oh really? So when you shared my information with Yelp without my permission, I really wanted that? There’s no longer a belief that Facebook will be honest and act in the user’s best interest.  Facebook only takes a step back with an apology when faced with legal action or a huge backlash from users.

     In looking at the design of Facebook’s privacy settings, the shortcomings and recent changes illustrate that the service I loved four years ago is a drastically different service today.  A few months into my research process, I asked myself - why is it so easy to share my information, yet so difficult to protect it? Facebook will tell you it’s because they want to give you control over every tiny piece of information. On the other hand, I argue that through choice architecture, Facebook has intentionally made it harder for you to control your information. When my friend found it too hard to edit her limited profile list, she just gave up. The likelihood is that most people won’t even go as far as the FAQ or asking a friend. Facebook knows this. It is not an accident of design and it’s negative choice architecture – pushing users in the direction they do not want to go. Why would Facebook do this? It’s time for the startup to make a profit and it’s coming with a price. It’s time to pay up with your information.

         We should expect Facebook to hold to ethical standards when using our information. And yes… there are ethical standards for using our information. Much of them are based off fair information practices we’ve held to for years in other industries. Here’s a quick tour:

• Facebook must notify you before it collects your information - Didn’t do that with Beacon or Instant Personalization
• Facebook should give you the opportunity to refuse consent to share – Nope, in fact, it forces you to share
•  Facebook should only use your information for the purpose in which it gathered it – No, you likely didn’t give your information out for the purpose of it going to advertisers without your permission
•  Facebook should ensure that the above exist to protect you – Security? What?

     Those concerned about privacy are not whining about change or ads or the fact that we can’t figure out those messy privacy settings. It’s not about some ‘right to privacy’ or reckless college photos that some are praying will just go away. It’s about the relationship we all hold with Facebook. It’s no longer a trusting one. The two-way street is under construction and we’re forced to figure out a new way to get where we want to go.

For more on my research effort, download my honors thesis or watch the video below.

The End of Privacy as We Know It?: The Ethics of Privacy on Online Social Networks

Share

My honors thesis in Stanford University’s Ethics in Society Program was completed in May of 2010.  I have posted it in its entirety below.  If you’re interested in learning more about privacy on online social networks, stay tuned to this blog for more! 

The End of Privacy as We Know It?: The Ethics of Privacy on Online Social Networks

Share