Missing the point on Facebook and privacy

B.L. Ochman writes here about Facebook’s privacy issues, arguing that actually, the fault lies with all of us for consistently oversharing on the internet, rather than with Facebook. While admitting that Facebook has made a PR mess of the way it has introduced and communicated some of its changes, the article says, in part:

“People have made a lot of terrible decisions about what they put online for as long as the internet has existed. It’s about time everyone realized that you shouldn’t put anything online that you wouldn’t want an employer, the government or your mother to see. Facebook never made those decisions for anyone! “

Well, as far as it goes, that’s true – but it paints a picture which is partial in two crucial aspects; those of purpose and informed consent.

“Social networking” sites (and I have ranted often enough about why I object to that phrase) create a false reality which users are only too happy to collude in: the illusion that when you go online, just you and your buddies are interacting. In fact, of course, not only are you not alone, there is a third party in the room whose commercial interests lie explicitly in re-selling the byproduct of your social interactions.

Awareness of that fact is growing, thanks in part to the current publicity Facebook’s privacy-eroding policies are generating, but not, it must be said, through any informative disclosure by Facebook, to users, about their role in its business model.

Ochman makes the case that we have all been making poor privacy/disclosure decisions for years. Well, if that’s so evident, it should be correspondingly obvious how to design systems to help users make better privacy decisions. One cannot credibly argue that Facebook is an example of that.

[Thanks to @N_Hickman for pointing me to the B.L. Ochman article]


2 thoughts on “Missing the point on Facebook and privacy

  1. Nick Taylor says:

    Robin, As an IAM nerd, I've had a fair few conversations with friends around online privacy, and UMA-style management of what gets shared when… Most people I know outside of IT security, even those within IT, find it hard to be bothered about the impact of sharing all their information, even when it's explained to them.It's true not just online, but for mass collections of data – for example I was alarmed when reading some time ago that the police routinely make thousands of requests to search Oyster card data, but nobody I knew outside of the industry was worried about this sort of privacy issue, most believing the 'if you've done nothing wrong, you have nothing to hide' mantra. It's not just about designing systems to allow people to make the decisions, but a wider public education of the impact of personal data held with third parties, no matter who those parties are, or whether the data is given voluntarily.

  2. It's all about making it real. I believe @zephoria illustrated this beautifully in a recent post, when she talked of a teenage girl who didn't think privacy was an issue till she realized it meant her mom could see what was online.I think the idea of "security by obscurity" is one we (the general public, not IT or Identity folks) intuitively understand from real life, and expect that it carries over to the internet. Most people just don't think they are important enough that their inanities would get compiled into a massive database. The word "social" creates a mental link between the online world and the real world that is a complete illusion.So no, I don't think *we* are to blame for our privacy woes.

Comments are closed.