Friday, May 11, 2012

What Happens in Facebook Doesn't Stay in Facebook


During the last 2/3 of this semester, I have talked about privacy on this blog. So I have decided to talk about Facebook and privacy as my "finale" of the semester. I might keep writing on this blog after the semester is over, so don't forget to keep coming back!! 

Facebook - The Online Profile that Gets You

According to a research study, there are more than 100 pieces of privacy-related information on Facebook’s online profile, including the user’s gender, marital status, age, number of friends, jobs, schools, profile photos, and so on.

Just less than ten years ago, when the world was introduced to Second Life(2003), World of War Craft(2004), and some other early stage social media, an Internet user’s online identity was still not very closely tied to the user’s actual identity. Although some of the users wondered about the real identity of the people that they met online, it really did not matter what you pretended to be on the Internet; at least it did not risk your job as your online profile was not taken very seriously.  

Now, when about half of Americans are on Facebook, and our devices help us upload our real life in real time, the nature of one’s Facebook identity and profile becomes somewhat different. It tends to resemble the user’s real life identity. Also, when the online society is closer to real world society, what is put out there onto the Internet is now considered as a serious reflection of real life.


Also, according to Boyd and Ellison, what makes social media unique is not that they allow individuals to meet strangers, but rather that they enable users to articulate and make their social networks visible. The backbone of social media networks consists of visible profiles. If you are in a social media network, sharing certain profile information in the network is inevitable, as social networking is somewhat restricted otherwise.

Online profiles are usually (at least partially) visible to the public and it is oftentimes viewed by employers, recruiters, supervisors and, of course, friends and family members. Then how seriously it is taken? Depending on how you present yourself, it might cost you your job. Recently, there was a court case in which the plaintiffs asserted that they were let go because of what they “liked” on Facebook, and Facebook profile viewing is now raising legal questions regarding privacy. This one-minute news video illustrates this issue:


However, the fact that the users have to reveal a certain amount of personal information to the world is not the biggest concern. The real concern is actually what the social media platform providers are doing to collect their users' private data and how they use/share it. 

On one of my past blog posts, I mentioned that Benkler has a way too positive point of view regarding the effect that the Internet and online community might have on us. As Benkler said, social media and other Internet tools may give us a better ability to publish and also to connect to each other, but this belies the fact that all the communities are now gathered into a very few service providers, and those service providers are businesses, which means they are aiming to make money.

One thing Benkler failed to consider in his calculation is the following:
Everything on the Internet is run by human beings, and there has to be central places to have the infrastructure work; for example, power hubs, servers, database storage, etc. All these core infrastructures are businesses and they aim to create revenue off of it. As an online business, social media platforms are not exceptions. While most of the social media services are free of monetary charge to individual users, they are asking for a different type of payment: your personal information.

What Happens in Facebook Doesn't Stay in Facebook 
- The Secret of the "Like" Button -



It has never really been a secret that Facebook collects our personal information, but did you know how? How many times did you click the "Like" button knowing that the action will allow the like button leave cookies on your browser to keep transferring your online behavior from that point on  for up to two years? Maybe you didn't know this until now.

Not only does your selection of the “Like” button show up on your friend's Facebook page as shown in this image below, it also keeps transferring your online behavior to Facebook and others.



According to The Wall Street Journal, Facebook, Twitter, and Google are informed each time a user visits a webpage that contains one of these company’s widgets, for example, Facebook’s “Like” and Twitter’s “Tweet” buttons.  These tools also let the makers (the companies and webpages that you click the "Like" button for) collect data about the websites you are visiting. The "Like" button notifies Facebook that you visited those sites even when you do not click on the buttons, according to a study done for The Wall Street Journal. This is how it works:



Facebook stores the collected data for two weeks. The data isn’t recorded in a way that can be tied back to a user, unless the user decides to “like” a webpage. Facebook asserts that they anonymize the data, but Warden (Pete Warden got his fame by scraping Facebook data!) says in an informative O’Reilly Radar essay that anonymizing data is harder than it sounds, and supposedly “anonymous” data sets have been successfully de-anonymized on several occasions. 

I mentioned above that Facebook is raising legal questions. As a matter of fact, the “Like” button indeed raised its own case in Europe. In August 2011, northern Germany announced that the "Like" button, with its ability to track a user’s movement across the Internet, violates German and European privacy law

Yet Facebook wants us to share more.

A Well Designed Strategy?

Facebook wants us to share more personal information with more people/(business) entities, so that they can place more micro-targeted advertisements on their sites and charge more money to the sponsors. The 2011 ad revenue of Facebook was over 4 billion dollars, and experts estimate the company's 2012 ad revenue will easily surpass 5 billion dollars. Make no mistake. They make their revenue by selling the users' information to their sponsors. 

Although, unlike other social media, Facebook is giving the impression that users have control over their privacy settings and have control over the visibility of the pages, the big social media platform has been changing its privacy policy constantly without users' consent. And it has consistently progressed towards one direction: lowering the bars to access to personal information. If you follow this link, you can see a brief summary of their privacy policy change that I previously posted on this blog, and if you follow this link, you can see in a timeline what Facebook has done with the privacy settings over the years as new features have been released.

Facebook recently launched the "ticker" feature on the site and it shows all the Facebook activities of the user’s friends. When the user moves the mouse over the activity, it shows details of the activity, which oftentimes contains the content of a “friend of a friend.”

Through the ticker, I was able to view activities of many people to whom I had no connection at all. The ticker has been in place since a few months ago with no advance notice or announcement. It was open like in the picture by default, but as of yesterday (May 9, 2012) it was collapsed by default with the expandable + mark on the right hand corner.

Privacy scholars Zimmer and Hoofnagle argued, in an op-ed, that the Facebook's privacy missteps are not examples of privacy clumsiness but are a successful strategy. They said Facebook follows the pattern of taking two steps forward with an aggressive misuse of personal information and creeping back the slightest bit once the criticism emerged. 

What Is The Problem? 

The real problem here is that we do not know "what information of our own is shared by doing what" on Facebook. While Facebook is taking advantage of their user information, the users have no idea what information is transferred to where/whom. We can always file a lawsuit against Facebook, if what they are doing is illegal. However, there are no clear legal standards or regulatory action on online privacy as of today. As lawsuits are reactionary, more robust regulations are in urgent need. Do people care about it? It seems like they do, as the following short video suggests:


The other problem and what really concerns me (and many others) about Facebook's arguably aggressive data aggregation is how safe all the data Facebook collects is. So far, there has been no major crisis in North America, but Facebook reported that it discovered a malicious code planted by the secret police of Tunisia that collected the passwords of every Tunisian citizen with a Facebook account, allowing them to hack into the Facebook profile of any citizen considered to be a political threat. This hack revealed contacts, who in turn become new targets of interest for the secret police.  As Morrozov said, aggregation of data may simply make the work of an authoritarian regime handy.

What Should I Do?  

Well... it is not easy to come up with one answer. For now, if you care about privacy, I will have to tell you that you should clear your cache on your browser as often as you can. Do not keep clicking the "Like" button for no reason and do not keep yourself logged in unless necessary. There also are some plug-ins like Disconnect that you can install on your browser to prevent unwanted tracking.
In the long run? I strongly support strong regulatory measures at least to disclose what data will be mined by which user action. Don't you think we have a right to be left alone?


*****



No comments:

Post a Comment