Thoughts on privacy and location: nosey neighbours and norming

This post is the extended version of the notes and research I made to prepare for a talk I gave at Local Social Summit 2010. Hence the length and odd format – if you’re thinking about or researching privacy, location and social media hopefully there’s some useful things here. Have a look at my Delicious bookmarks tagged privacy and location if you want to see the raw links…

Privacy is a complicated issue, to say the least. Giants like Facebook and Google regularly trip over it and look uncertain if not clumsy in their approach to it. Individuals are often either surprised to learn that this is an issue for them, or overly cautious about how they use the web.

Even as I started the talk and begin to write this post, I’m thinking of another post I need to write on the subject, along the lines of “designing for privacy”. It’s an issue everyone from developers to media and brand owners need to consider when thinking about the social web.

This is where I got to…

Privacy is a complex issue: Complex, but we keep trying to over-simplify it. Some talk about it as invioable right, without going into detail about what it entails. Web companies try to wish it away as an issue – I find it amazing that people as smart as Google CEO Eric Schmidt can use the“If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place” argument or Mark Zuckerberg can try to insist that the argument has finished and publicness-as-the-default has won.

Privacy is a proxy issue for people’s hope and fears about the web

In discussions I hear or read “Privacy!” thrown in like a rheotorical grenade. Bang! Stop everything! Privacy is under threat, and like motherhood and apple pie it is too precious to put at risk.

I sense that “privacy” is sometimes a catch-all term to encompass things that make people uncomfortable, their unease with social and cultural change that growing numbers of them realise is happening as a result of the web.

Privacy makes good headlines

Since I started researching for Me and My Web Shadow a couple of years ago, the number of stories about Facebook, Google and privacy in the mainstream media has grown. Last summer saw useful initiatives like Pleaserobme.com make the headlines and then be hi-jacked by insurance aggregators as a PR story, while the Daily Mail criticised BT “spies” who “trawl internet” conversations to find people having problems with the firm.

These stories are worrying because they raise fears about privacy without looking closely at the issues or giving practical advice.

ZZ52993CB0.jpg

People are often unaware of what they are revealing about themselves

Geo-tagging your photos can give away a lot of information about you, but many people don’t realise they are doing it. A project by a interesting bunch of security experts called I Can Stalk U is trying to raise awareness about this by using a crawler to gather information about where people are when they post photos to Twitter and then Tweeting an @ message to let them know (see the post about Educational stalking for a related initiative by a secondary school English teacher).

Even the very digitally literate get the odd scare, as Shea Sylvia’s story The Night I Was Cyberstalked on Foursquare shows.

The privacy debate in society may take place at a local level

It could well be that it is at a local levels that people face the implications and consequences of online publicness and start to work out where they draw the line between public and private, how the new social norms will work.

If local authorities are happy to abuse laws designed to combat terrorism to investigate and surveil their citizens for petty offences, it is likely that sooner or later we’ll hear of some bright spark trying to use geo-tagged photos and Tweets to prove parents are lying about the school catchment area they live in or not recycling their plastics in the appropriate way.

Privacy is not a personal matter

Writing Me and My Web Shadow coincided with my less geeky friends (“Hotmail friends” as Danah Boyd, once put it) really committing to Facebook, going past the addiction and over-enthusiastic social games phases and starting to use it as part of their everyday lives.

It became clear to me that what I did with my Facebook privacy settings and vice versa affected us all. If I post photos of people online, I make some decisions about their web shadow for them.

Discussion and social norming are required for us to work out how privacy works within our actual social networks. This is something we can and will all take part in…

Privacy is a fluid concept

Bill Thompson puts it really well in a talk he gave to the Lift Conference. Privacy as we understand, or understood it, is a new concept and one which may disappear or change radically.

The notion of people being happy to trade away their privacy is wishful thinking

Many people want to be in control of what appears about them in the public domain. Witness the “whitewalling” trend among young people spotted by (again) Danah Boyd. They want and need access to Facebook, but in order to remain in control of what is on their wall, who tags them where, they close down their accounts completely (temporarily) while they are not online.

Innovation can solve privacy issues

Sharing my location is useful, but sharing it permanently with anyone in the world who knows how to look for it is an unattractive proposition. Services like Glympse set a precedent for handling privacy differently from presuming openness is what people want – you can use it to send your location to people or broadcast it but after a period of time you choose – say a couple of hours – that information is deleted. In a similar vein Whapee is a photo-sharing service that lets you geo-tag photos anonymously.

Maybe “personal data management” is a better description than “privacy”

Obviously it is not – it is not very pithy for a start – but you catch my drift. What we talking about with privacy in the context of the social web is not “the state or condition of being free from being observed or disturbed by other people” (as my computer’s dictionary puts it), but being in control to some degree or other of what others observe or how they are able to disturb you.

We need to stay close to users’ perceptions of privacy

Point is, privacy, what privacy is, how people understand it and what they want from it is changing all the time. Different users will have different points of view, different personal policies. If you commissioning or building services and spaces in the social web you need to understand where they are at right now.

Privacy is a design issue

Perhaps I mean an innovation issue, and we’ve covered that above, but I suspect that applying design thinking to how users data, their privacy/publicness will be affected by a service would be useful. It is certainly something to be borne in mind from the outset in the development process.

Whitewalling: Teens create their own Facebook super log-off

201011161717.jpg

Here’s an interesting approach that Microsoft researcher Danah Boyd found a young person using to manage their Facebook privacy and presence:

Mikalah uses Facebook but when she goes to log out, she deactivates her Facebook account. She knows that this doesn’t delete the account – that’s the point. She knows that when she logs back in, she’ll be able to reactivate the account and have all of her friend connections back. But when she’s not logged in, no one can post messages on her wall or send her messages privately or browse her content. But when she’s logged in, they can do all of that. And she can delete anything that she doesn’t like. Michael Ducker calls this practice “super-logoff” when he noticed a group of gay male adults doing the exact same thing.

Mikalah is not trying to get rid of her data or piss of her friends. And she’s not. What she’s trying to do is minimize risk when she’s not present to actually address it.

It goes to show that despite a platform’s desire to push people into disclosure by default, users will find ways to make their own choices about how publicness works. Because for many young people not being on Facebook just isn’t an option.

I asked Shamika why she bothered with Facebook in the first place, given that she sent over 1200 text messages a day. Once again, she looked at me incredulously, pointing out that there’s no way that she’d give just anyone her cell phone number. Texting was for close friends that respected her while Facebook was necessary to be a part of her school social life. And besides, she liked being able to touch base with people from her former schools or reach out to someone from school that she didn’t know well. Facebook is a lighter touch communication structure and that’s really important to her. But it doesn’t need to be persistent to be useful.

In the comments and related Tweets to this post, we can see that this hacking of the way Facebook works to suit personal reputation / presence management is common. One Tweet from @Tremblebot says their students call it “Whitewalling” or “Whitewashing”, and that the practice requires an investment up front and then makes it easy to stay on top of what people are posting about in the way of comments, tags and photos.

Perhaps this is something I should add the second edition of Me and My Web Shadow in the workflow for managing reputation. Certainly, if Facebook were to take a leaf out of Twitter’s playbook it would think about adding this as an easier to use or more prevalent feature.

“Whitewalling” also looks like evidence for the notion that people, yes even digital natives, want to retain some control over their privacy and what the world sees and hears about them.

Educational stalking

Interesting to read of the English teacher who encourages their pupils to cyber-stalk strangers. It’s an excellent, practical lesson for them about just how much information people reveal about themselves online, often without considering the consequences.

Clarence Fisher explains his lesson:

Wanting to teach the kids in my class about concepts of digital footprint and online safety, I used three people well known from the edusphere as examples: Will Richardson, Jabiz Raisdana and Jeff Utecht. I introduced these three friends to the students in my class by giving them only a photo and a name. I simply told the kids in my class: find out all you can about these three guys.

The students made a list of places to search. They started with simply Google and then soon expanded to other places such as flickr, youtube, twitter, wordpress, linkedin, delicious and facebook. They expanded into a Yahoo domain search and searching other sites such as whois.net. Soon their lists of information began to grow.

Take a look at his blog post to see the detail they uncovered and noted on their classroom flip-charts. Granted the stalking targets are people who have chosen to live in plain sight online for some time, but the exercise is still a very useful one. This is an example of just one:

201011130937.jpgStalk. Stalking. Stalkerish. These are words which have found their way from the news pages into everyday vocabulary.

At the irritating, but mostly harmless end of things, I’ve heard young people describing someone who won’t take being ignored lightly (posting to their Facebook wall when texts, emails and DMs have been ignored is described as “stalkerish”).

Slightly more blood-chillingly there are the encounters with strangers that remind us that living in public online is not something to take too lightly. Shea Sylvia’s account of an unsettling phonecallin a restaurant from an unknown other while eating at a restaurant, is a reminder for us all that geotagging out location openly may not always be a good idea.

What a fantastic way, then, this teacher has found to show young people how managing their web shadow (or digital footprint as he terms it) is something to take very seriously indeed.

Via Ewan McIntosh

Transgressions: Noobs, boobs and Facebook privacy

A tangled web of transgressions...

Privacy is one of the most complex social, political and commercial issues on the web. It’s not a single issue at all really, it’s a seething mass of issues, struggles, norms being negotiated, lines being re-drawn…

For privacy, read: change. Read: brave new world. Read: cry for help. Read: incitement to revolt.

A few years ago, Matt Locke wrote an incredibly useful essay called Six spaces of social media (secret, group, publishing, performing, partcipation and watching), in an attempt to pry definitions of social spaces away from technical and platform ones and focus minds on what was actually happening in these spaces. You know, the interesting, human stuff. All of these spaces might exist in Facebook, for instance, or in a forum, or across several platforms (Twitter/blog/Facebook/email is a common combination).

Now he’s come back to the topic with a post about transgressions, that is to say when other users or the platform owners do things with your stuff (data, identity, images etc.) that you didn’t want them to. (more…)

The end of Facebook quiz spam?: Facebook continues to add privacy enhancements

Facebook yesterday added a welcome feature to its privacy controls: the ability to control who sees different types of content you share via applications.

The example Facebook’s blog used was sharing a greetings card via an app like someecards – maybe you don’t want everyone in your network to see your hilarious design.


Perhaps it will also mean that people will be more likely to be selective in their updates about quizzes and social games like the massively popular Farmville. While many enjoy these Facebook apps, the stream of updates drive other people nuts and can become what one colleague of mine refers to as “functional spam”.

This development’s another good reason to invest the time in setting up different groups for Facebook friends, one of the approaches discussed in the sections on managing networks of contacts in Me My Web Shadow. While some people keep their Facebook network closed and restricted to friends and family, many of us have networks that include colleagues and acquaintances that we don’t want to share *everything* with.

This is a good move from Facebook: I hope there will be further development in making privacy controls easier to access, use and understand.


Always look on the brightside of the downside…

Image: Grin-and-bear-it optimism...
Image: Grin-and-bear-it optimism...

Being utterly besotted with the web, and especially the social web, as I am, I tend dislike nay-saying about its significance, and the manifold benefits this thing will bring to society, the world etc. You know the sort of Daily Fail nonsense: Facebook gives you cancer, Twitter rots your brain, bloggers never meet real people.

But there’s a difference between reactionary nonsense and thoughtful critiques. Over at the O’Reilly Radar blog, Joshua-Michéle Ross has been poking at some of the more troublesome prospects that social technologies bring. Like how much of our identity and personal data are we surrendering for analysis by corporations and governments (since analysis of that data is a big part of my business, but I also value personal freedom that’s a particularly interesting issue for me).

He takes through a series of four posts that I highly recommend reading:

  1. The Evangelist Fallacy, Social Media and The New Age of Enlightenment: In which we are reminded that the Enlightenment with which we draw so many parallels to today brought not just progressive new ideas about equality and rights, but new (very effective) thinking about how to control the massses.
  2. The Captivity of the Commons: With the whole world connected and people living their lives in public we need to re-think privacy and how corporations work (so that they are less amoral).
  3. The Digital Panopticon: How the nightmare of the Panopticon is effectively at hand if corporations are able to see every detail of our livs in plain sight.
  4. Social Science Moves from Academia to the Corporation: Funding for social sciences will increasingly come from corporations as they try to understand how to manipulate mass social media.

As Alan Patrick says on Broadstuff:

hat makes this post extremely fascinating is that it comes from the O’Reilly Radar, which – in my experience anyway – have tended to be on the “cup overfloweth” side of the New New Social Thing, never mind a Glass Half Full – so this Glass Half Empty article – the first, it seems, of a series, is a rather fascinating shift of tenor, methinks.

He senses the beginning of a backlash, good and proper, perhaps coming from businesses (that aren’t managing to figure out how to get value out of networks as fast as Joshua-Michéle fears) as well as individuals wanting to rein in how much web shadow they are comfortable casting.

Meanwhile, Ian Delaney has a melancholy reflection on this subject that makes for good further reading and thinking matter, about how his early hopes that social media would bring socialist values to the fore are fading. He picks up the Panopticon analogy and extends it to society.

philosopher Michel Foucault back in the 70s picked up and ran with the idea of the Panopticon, especially in his best-known work Discipline and Punish. His idea was that Bentham’s model wasn’t just an idea for a prison; but for a society.

He argued that prisons are a really new idea. Back in the past, we simply thrashed/burned/drowned/stabbed transgressors. That all changed in the C18th with the Enlightenment . The idea of law-enforcement was ‘enlightened’ with the  understanding that resources [people] didn’t need to be wasted and that better social control is exercised through freely-given compliance, rather than co-option.

People could be turned into machines, a consequence of political thinking in the emergence of industrial society and the rush to efficiency and cost-allocation. Once properly mechanised, they could be ‘trusted’ – the scare quotes, because the trusted prisoner is no longer human. A big part of that process is surveillance: once people know that they are always (potentially) watched, they’re a bit more compliant to the rules, and a bit more like machines.

Actually, Ian turns from melancholy to fighting talk. Where is the transgression, he asks? What passes for subversion online is often just prnaksterism, often funded to, in small feats of legerdemain to slip in a flash of brand in front of the viewer.

The echo chamber is another danger in all of this, Ian says. Where are the racists in his network?:

Racists are poised to take Stoke in the next by-election. They don’t appear on my spectrum because I have deliberately blinded myself to their existence on a day-to-day basis. Diversity of opinion is purely opt-in (with strong incentives to opt-out) in socialmediaworld.

Add some racists to your feed list? I don’t know about racists, but I enjoy having different views on hand in my inbox. I detest a great deal of what some political bloggers say, but I like to try and understand. Sometimes I have had my mind changed too. I understand people on the right (OK, mainly the centre right) much better than I did when I was a pre-web student. Then I used to sneer at people for reading the Telegraph for goodness sake. Now I’ll read it’s leaders and blog posts alongside Comment is Free and the Guardian.

I’ll unsubscribe because people are boring, not because I disagree. Maybe that’s just me. And maybe I need to listen more to some Green voices, some far right voices, some Socialist Workers Party voices.

All is not lost, I say. Fight on…This world is still ours to shape, perhaps as never before. We’re right to identify these pitfalls and blind alleys, but nothing is inevitable in all of this. There’s still a revolution to be had.

After we’ve read these warnings, go and read some Umair Haque manifesto. Then think about what you will do this year to change the world. Seriously.

Point is: there’s a lot at stake.

Reminder: you’re always (potentially) on the record online

Image: The NUJ's website - inadvertently blowing the whistle on itself?
Image: The NUJ's website - inadvertently blowing the whistle on itself?

It pays to be a little paranoid about emails, IMs and the likes sometimes – about not saying things in them you wouldn’t like repeated elsewhere. Especially when it comes to matters professional and commercial…

When Adam Tinworth voiced his anger at the National Union of Journalists (NUJ) and its attitude to social media in a post on his blog, I’m sure he expected officials there to read it. I’m sure he even expected the lively discussion that followed in the comments section of his blog.

Analysis of the links that were sending traffic to this post gave an insight into the NUJ‘s reaction to the piece in a rather unexpected way. One link in particular he decoded as being from an email at the NUJ that must have been headlined “Effing Blogs”.

No problems with attitudes to social media there. Sounds very open minded.

Despite years of leaks, gaffes and slip-ups involving emails, voice mails, Tweets and IMs, people don’t seem to get it. So, once more, for the record:

You’re always (maybe) on the record online.

Best to act that way.

Don’t be distracted by the Facebook climbdown “victory” – big issues remain

I wrote yesterday on the iCrossing UK blog some thoughts about the Facebook decision to revert to its old Terms of Sevice (TOS) in the face of a user revolt.

M’learned iCrossing NYC colleague Alisa is on the warpath over the Facebook Terms of Sevice (TOS) debacle. Seems she’s on to something, and I’m listening closely:

Some people have claimed that user data on Facebook is worthless (silly people). I recently wrote a post for Mashable on how Facebook could build a revenue model by essentially selling even anonymized user data. Silicon Alley Insider then posted about this same idea. Commenters to the SA post clearly didn’t get that what they view as “useless” or frivolous Facebook data is in fact extremely rich and valuable trend data– worth a lot of money to marketers, government entities, and private enterprises.

Its the value of our data that incenses me so much over the current Facebook TOS hub-bub. Its not enough to say “Facebook doesn’t own your data” when the license we grant them is so wholly encompassing so as to allow full usage of user data as if they did own it.

The FB-TOS debacle dominated the top of the Techmeme news/blog aggregator yesterday, showing that this was issue number one for the digerati. From Perez Hilton to Pete Cashmore, everyone had a view.

Now it’s tucked down at the bottom of the page, with a couple of posts which have a users-force-Facebook-volte-face sort of flavour.

Was reverting to the old TOS is just legerdemain, misdirection on a grand scale? If so it hasn’t worked. This is an issue which has hit the mainstream, much more so than the Beacon advertising issue of a year ago, and many people have a niggling doubt in their minds about Facebook and their data.

It’s good to see the BBC continuing to look closely at the issue in its coverage. According to its man in Silicon Valley law suits were being prepared by privacy activists against Facebook at the moment that it decided to revert it its old TOS.

It’s made me think more about the concerns Tom Hodgkinson voiced in his article for the Guardian – one of its most popular articles ever, I believe – about Facebook’s suitability as the keeper of so much of our most private data.

Upload to Facebook = donate your content to Facebook?

perez
Image: Perez say NO!

* * UPDATE: Check out my NYC colleague, Alisa’s analysis of what the Terms and Conditions mean in Facebook: All Your Data Are Belong to Us…

Facebook’s new terms of service make it sound an awful lot like they own anything you put up there forever. Ulp!

Some think this may even have consequences for brands that upload content. Double ulp (on behalf of brands)!

While others, publicity shy as they are, are calling for a Facebook boycott.

Now Mark Zuckerberg, Facebook’s CEO going on an, er, charm offensive:

In reality, we wouldn’t share your information in a way you wouldn’t want. The trust you place in us as a safe place to share information is the most important part of what makes Facebook work. Our goal is to build great products and to communicate clearly to help people share more information in this trusted environment….

…the interesting thing about this change in our terms is that it highlights the importance of these issues and their complexity. People want full ownership and control of their information so they can turn off access to it at any time. At the same time, people also want to be able to bring the information others have shared with them—like email addresses, phone numbers, photos and so on—to other services and grant those services access to those people’s information. These two positions are at odds with each other.

He says he’ll post more soon. Best had – this issue won’t go away…

Thanks to @tacanderson and @dirkthecow for points via Twitter…

Upload to Facebook = donate your content to Facebook?

perez
Image: Perez say NO!

* * UPDATE: Check out my NYC colleague, Alisa’s analysis of what the Terms and Conditions mean in Facebook: All Your Data Are Belong to Us…

Facebook’s new terms of service make it sound an awful lot like they own anything you put up there forever. Ulp!

Some think this may even have consequences for brands that upload content. Double ulp (on behalf of brands)!

While others, publicity shy as they are, are calling for a Facebook boycott.

Now Mark Zuckerberg, Facebook’s CEO going on an, er, charm offensive:

In reality, we wouldn’t share your information in a way you wouldn’t want. The trust you place in us as a safe place to share information is the most important part of what makes Facebook work. Our goal is to build great products and to communicate clearly to help people share more information in this trusted environment….

…the interesting thing about this change in our terms is that it highlights the importance of these issues and their complexity. People want full ownership and control of their information so they can turn off access to it at any time. At the same time, people also want to be able to bring the information others have shared with them—like email addresses, phone numbers, photos and so on—to other services and grant those services access to those people’s information. These two positions are at odds with each other.

He says he’ll post more soon. Best had – this issue won’t go away…

Thanks to @tacanderson and @dirkthecow for points via Twitter…