The Arrival of the Privacy Discussion
Unless you were living under a rock last week, you probably heard about the latest uproar by the traditional and blogger media about Facebook’s privacy (or lack thereof). As the site approaches its 500 millionth user, the world’s most popular social networking site can’t seem to shake the negative press surrounding its approach to privacy and security. In fact, privacy and security was such a hot topic at this week’s mesh 2010 conference that you couldn’t have a conversation where the subject wasn’t mentioned.
Back in the day, I was a Friendster user. I gave them my email address and a few details about what I did for a living, some general interests and that’s about it. That was in 2003. A lot has changed since then.
Earlier in the year, Read Write Web had argued that privacy is still important and that Facebook should be accountable and provide its users with full control over their privacy settings. The EFF argued similar points exhaustively. Posts last week by also highlighted the growing concerns as high profile industry leaders shut down their Facebook profiles, a major security hole exposed private chat conversations and even a member of Facebook’s own board suffered from the result of a hacked account. Danah Boyd, a favourite of mine since I first saw her at her SXSW keynote on privacy this year, has also chimed in with a self-described rant on transparency and her thoughts on Facebook as a utility.
With the growing concerns about privacy and security, a website called quitfacebookday.com (Matthew Milan and Joseph Dee) is rallying Facebook’s users and encouraging them to delete their personal profiles on the world’s most popular social networking coming this May 31. So far 3,302 users have committed to leaving the world’s most popular social networking site through the website and assuming that users actually cancel their Facebook accounts as promised on May 31, the loss of subscribers to Facebook’s almost 500 million base will be the equivalent of an allergy sufferer’s sneeze while facing into a wind tunnel, but to say this would be missing the point. Although many will argue that it’s not the actual number of subscribers that leave Facebook on May 31 that will matter, but the attention generated by this event to the mainstream audience, exposing the decline of privacy in the space where our children and us play (and work).
Matt McKeon wrote an insightful piece about the evolution of Facebook’s default privacy settings from 2005 until April 2010, based on its terms of service. As you can see below, privacy defaults for a brand new user expose nearly everything about the user with the exception of birthday and contact information.
Over the past several years, online services have helped us stay in sync with our friends’ daily lives, with little effort. All we had to do was upload our photos, contacts, emails, employer information, schooling, interests, birthdays, etc, etc. The data store is growing and the potential for misuse becomes greater each day.
This post isn’t a rant about what marketers want do with all of this data, although this is a hot debate amongst privacy advocates around the globe. This also isn’t meant to be a preachy post about the terrible power and ulterior motives of Facebook, Google Buzz and whatever other online service that might house data we expect to be protected. My concern is with the evil-doers that benefit from gaps in privacy and security do with our data and it’s a call to action to all those who would design a system that captures an email address, a phone number, a photo, or something as simple as answer a seemingly simple question, “What are you doing?”
We have a long way to go before we see improvements in the area of online privacy and it’s going to get a lot worse before it gets better. For starters, these online services must have incentives to protect their subscribers data. Right now, there are none. Perhaps we’re at the point where legislation will be needed to protect us, but forcing an organization to care about privacy through legislation isn’t my favourite option.
Until the big media backlash arrives and online users stand up and tell these companies it is unacceptable to use our data by their rules, users of these services are not in a strong negotiating position. Will they delete their online accounts with Google? Facebook? Sure, some will. But the majority will refuse. They’ve come too far and they refuse to go back now.
In light of our weak bargaining position, I’ll sign off with a polite request of developers writing social software for the web: On behalf of Internet users everywhere, please remember that you have been entrusted with data that may or may not seem important to you. Protect it anyway, at all cost. It’s an enormous responsibility and a thankless job, but it is the path we must take to build a better, safer Internet. Thank you.