Notes from the 5th Internet, Law and Politics Conference: The Pros and Cons of Social Networking Sites, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 6th and 7th, 2009. More notes on this event: idp2009.
James Grimmelmann, Associate Professor New York Law School.
There are plenty of motivations to use Social Networking Sites (SNS) and many risky ways for your privacy and security in using them. Why, then, keep using them?
SNS have profiles for their individuals, links to other people and a social graph that maps your network.
Your profile expresses and identifies, in some way, with your identity. But it’s not only what you say about you, but what your “friends” say about you: the people you befriend in a SNS is also adding up to your own identity.
People that you befriend, talk about you, comment the things you say or state, and links between users are created. Links that, all together, form a social graph where you can map your friends, the friends or your friends, etc.
Some false assumptions in SNSs
- If everybody’s doing it, you do it too
- There’s many people doing it, so I’ll keep unnoticed
- False sense of privacy, “I’m alone here”
- Feeling that everybody’s like us in the SNS
- Electronic mediation makes us underestimate the impact of our actions
- Distorted sense of (real) friendship and of knowing who the others are
- Feeling that everything is under control and that one can “see” everything
- Disclosure: letting some intimacies known on SNS can spread quicker and broader than anywhere else
- Surveillance: the mere sense of being watched all the time is by definition a limit to your own freedom (and scary and creepy to many too)
- Instability: assumptions about an SNS that prove wrong along time, leading to privacy issues, e.g. seein photos you shouldn’t be allowed to see, Facebook Beacon, bugs…
- Disagreement: you might not agree with some privacy issues, e.g. you can remove a tag from a photo, but not the photo itself. Or you would want to remove someone as a friend, but this someone feel hurt if you do, which leads to an embarrassing situation.
- Spillovers: my decisions might have consequences to your privacy. Your decision on your profile affect who can see my information (e.g. you decide your friends list is public, hence I appear on your profile)
- Denigration: defamation, attacks to persona, including how you present yourself. And this can be really subjective: how you match different groups of people (professional acquaintances, family, friends) reading the same type of information about you, without context, without filtering. And more: your profile can degenerate into an advertising platform.
- Clearer privacy policies, but how to make simple what is complex?
- Better technical controls to customize your privacy levels, better definitions, higher accuracy or detail in controlling your privacy setup
- Data ownership: you should be free to take your information and move it where you want, data portability. If I’m your friend on a SNS: whose is this information (i.e. “we are friends”), yours or mine? Data portability is a solution but also a way to circumvent and decontextualize some security issues about privacy
The same motivations that drive us into SNS are the ones that lead to mistakes, and mistakes lead to harms. This makes really difficult how to solve some problems related to privacy.
Most privacy violations are produced by ourselves,
we have met the enemy and he is us, it’s individual users (not anonymous big brothers) the ones that are violating privacy on a peer-to-peer basis.
Privacy violations spread as a virus: SNS are privacy viruses that spread from person to person.
Miquel Peguera: how should default settings be set? is data portability the solution? A: default settings should be set to more privacy friendly levels. New features, for instance, are set on an opt-out basis, not an opt-in. The problem with data portability is whose is the ownership of data, specially when this “ownership” is shared?
Q: why is Facebook’s newsfeed a weapon? A: The problem is that there is a huge granularity on what you (and Facebook… and advertisers) can see and use for several purposes.
Ismael PeÃ±a-LÃ³pez: isn’t privacy overstated? A: Even if that might be true, the question is that people seeked some cover in SNS thinking that they privacy was assured there vs. the openness of the broad Internet. And the fact is that people got outraged when they found they search for privacy had been violated. So the point is not whether privacy is good or not, but that some people’s desire for privacy was guaranteed and then systematically violated.
Q: What happens when privacy can lead to crime? A: A big difference between SNS and typical surveillance tools is that the later are held by the power that should be having this kind of control, and opperated on a transparency basis. Instead, SNS surveillance systems are more complex, distributed and highly out of control.
MÃ²nica Vilasau: are we more confident on the Net than offline? A: Psicologycal effects are really important in how we behave on SNSs.
DaithÃ Mac Sithigh: What are going to be the next steps of Facebook in the subject of privacy? A:
Facebook is an extraordinary arrogant company. Dealing with privacy discussion, they would acknowledge they made a mistake, but won’t move back and, especially, won’t loose control.
Q: Can we increase control on existing or new SNSs? A: What we’ve been seeing so far is that this is a major challenge, that what people look for in networks is exactly the opposite of what would be needed to make these networks more privacy compliant.
- Grimmelmann, J. (forthcoming 2009) Saving Facebook In Iowa Law Review, #94
- IDP2009: Saving Facebook, by DaithÃ Mac Sithigh
5th Internet, Law and Politics Conference (2009)
If you need to cite this article in a formal way (i.e. for bibliographical purposes) I dare suggest:
Peña-López, I. (2009) “5th Internet, Law and Politics Conference (I). James Grimmelmann: Saving Facebook” In ICTlogy,
#70, July 2009. Barcelona: ICTlogy.
Retrieved month dd, yyyy from http://ictlogy.net/review/?p=2375