Transition from Privacy 1.0 to Privacy 2.0, and a few ways to protect ourselves… – by “Michael A”

As the world and human race have evolved, so has the means by which we communicate. At first, hand signals, cave drawings and the primitive languages of ‘caveman’ marked the earliest forms of communication. This transitioned into fully formed languages and writing. Along with writing, new sources of media such as photos, videos and songs became popular forms of communication. And with the invention of the silicon chip, all forms of communication became available and transferable through computers. This marked the beginning of our shift toward digital data.

Offline dossier to online dossier

Modern information technology trends suggest that we have an insatiable desire to aggregate all of our information through digital means. Companies such as Facebook, Flickr and Google provide useful services to users that participate in these communities. Other products, for whatever reason, seem only to be a nuisance that create no palpable value (See Blippy, Foursquare; and again later). The importances of these products reside in their ability to provide real-world effects, through Internet means. Friends can stay connected through Facebook with common sharing of information and can inform each other of given locations, so as to make the connection come full circle back into the real-world. In the process, small bits of information are left behind.

Important or not, this data is collected, stored and forever connected to our username, or IP address. Companies such as Facebook, Google and Amazon target ads and ‘recommended products’ based on proprietary algorithms coupled with all of their known information. If you look for a few programming books on Amazon, chances are you’re going to get a suggestion for some sort of Tim O’Rielly book next time you log on. Amazon has taken the place of a bookstore employee that suggests the next related book for whatever your interest may be. In this case, it does so instantly and with better-assembled data about a person’s interests. Whether you like it or not, these digital dossiers of personal information are formed based on everything digital. From places you’ve been, websites you’ve visited, products you’ve viewed or mouse movements you’ve made.

Some (myself included) choose to participate in the construction of our digital dossiers. Facebook has become a great way to transform the entire social portion of people’s lives into 1’s and 0’s that are stored on the Internet.  (Watch)  Users actively participate in the construction process by uploading pictures, maintaining conversations through posts, messages or chats or liking certain bands, movies, or books. Ever wondered what all the data might look like aggregated? (Try it out, seriously, download all of your FB data and see the substantiality).  Small tidbits of information observed in pieces may seem inconsequential. But, when aggregated, this information creates a much different situation and it becomes much more valuable. The individual wants to protect the dossier, while other services want to obtain and exploit the dossier.

What if privacy is breached?

With most personal information digitized, such as Facebook likes, bank statements, medical records, or relationship statuses, how can we be sure that it will always remain in a secure location? Sure, server warehouses seem safe (maybe not).  But what if the data is stolen/found/obtained over the Internet? (Firesheep) Imagine the outbreak if Facebook, Google or some other products were found to be emitting data about its users to others. Oh wait…whoops  (Here, Here, Here).  There’s sever backlash when an Internet service fails to make good on its social contract of maintaining tight security of users’ data. On the other hand, Foursquare and Facebook Locations are built on the premise that people want to share their much more with others. The iPhone OS 5 has this feature as well that allows GPS tracking of other phones (sometimes for incriminating purposes).

How can we be sure that this information with always be for the betterment of society? Up to the minute tracking abilities could possible pose security threats to anyone that may be interested exploiting them.

Whatever our obsession may be with sharing personal information, it could pose a substantial threat if used in ways that target the real-world individual from digital information. The interest in uploading, sharing and aggregating all information lies in the movement to digitize the real world. The comfort levels that some experience on the Internet suggests either misunderstanding of the dangers involved, or irrational behavior.

A few ways to protect yourself:

–       For those who maintain personal websites and seek protection, Robots.txt allows the creator to disallow most web-crawling bots to index such sites. While most major search engines support it, it is not perfect. A good start, nonetheless.

–       To create secure files, TrueCrypt provide a free, open-sourced product that will take any file, encrypt and mount it to a disk image with password protection.

–       For a secure email service, Hushmail is considered the best.

–       Good web practices such as disabling cookies or taking note when a certain website is secure (HTTPS or SSL encrypted) will help prevent any unnoticed breached or privacy


Should there even be more protection?

While taking certain precautionary measures is important, such as described above, there is no guarantee that all digital information amassed will be completely protected. The only sure-fire way to make sure is to not participate in the creation of a digital dossier in the first place. But, for most it’s too late. In this case, what else can be done to bring about more protection from potential leaks of data? Government intervention or control won’t work; as they’re most likely those that could best use such information for incriminating purposes. Legislation could only seek retribution after data is already ‘misplaced’ and would not create any new incentives to further protect it. Is there anything that can legitimately protect someone like me?

What about the idea of ‘Mutually Assured Destruction’ in this context? If we all have incriminating, embarrassing, or private information online, then we all at the mercy of those who control such data. Surely there’s someone else out there with worse or more incriminating or more embarrassing information than I have. As such, any exposure will look relatively much worse for them; and as long as I’m not the worst, I’m not a target…Yeah, that’s probably the best way to think about it.

Facebook Patents Big Brother – by “Charlie C”

FB Like Button

Ahhh, a symbol of progress: The Facebook Like Button. Residing on almost every legitimate page on the internet these days, it enables socially hyperactive users to let the world know that they “Like” the page they are currently visiting. The button above, for instance, could enable you to like YaleBluebook, a new course information system my suitemate and I designed for students at Yale. But that’s not all this nifty little button can do, it also let’s Facebook know that you are currently viewing a blog post on the Yale Law & Technology class blog.

On a large scale, the question we have to ask ourselves is: Do we have the right to privacy on the internet? The current cultural movement seems to answer with a resounding “yes.” All major browsers have recently implemented a private browsing mode which allows people to view sites without having any of their activity stored locally. This is the “Incognito” or private browsing window you probably use while perusing porn. However, this only protects your local computer. The servers hosting these websites still store information about your visit, with potentially personally identifiable information (IP Address). A recent movement by the Mozilla foundation has tried to standardize the use of the “Do-Not-Track” signal, which is a message that could be sent by your browser to websites, asking the websites not to record any information about your visit. However, there’s no way to enforce such an option, and no incentive for the website to do so.

The issues of privacy and anonymity seem to have become more intertwined recently. The only way of ensuring that my personal information isn’t being mis-used is to make sure that they don’t have any of personal information. Yet there are many positive reasons for websites to track IP addresses, so it seems the only logical course is to focus on privacy and when recording personal information on our net activity goes too far.

So why would Facebook care about this little blog though? Good question! Turns out behind the scenes Facebook has been working to create Google AdSense a nifty social advertising program. Unfortunately, the Pacific Ocean sized amount of data they have on you right now isn’t enough to compete with Google. So they figured, why not collect data on you about every site you visit? This recent patent is the key to unraveling Facebooks creepily invasive monetization scheme. In this post I plan to look at a few key points of the new patent.

I'll just stop paying for my Facebook subscription then...oh...wait...


What it Does

In case you still haven’t opened up the actual patent, here is the abstract:

In one embodiment, a method is described for tracking information about the activities of users of a social networking system while on another domain…The method additionally includes receiving one or more communications from a third-party website having a different domain than the social network system, each message communicating an action taken by a user of the social networking system on the third-party website. The method additionally includes logging the actions taken on the third-party website in the social networking system, each logged action including information about the action. The method further includes correlating the logged actions with one or more advertisements presented to the one or more users on the third-party website as well as correlating the logged actions with a user of the social networking system.

There’s three main components this patent describes, they are, in order of ascending bothersome-ness:

  1. The ability to transmit information back to Facebook from a website that is not facebook
  2. The ability to log actions you take on that non-facebook site and send those actions back to facebook
  3. The ability to use that data to display ads to you and your friends, on facebook and on third party sites.

Putting those three components together, we come up with some exciting scenarios:

Vibrator Storefront with friends who have bought this
The not so distant future...


Now you might think to yourself, “I’ve seen things like that already” (the friend recommendations I mean), but this ain’t your standard friend recommendation system, there are a few key passages in the patent I want to highlight.

In particular embodiments, the social network system receives messages from these third-party websites that communicate the actions taken by users while in the third-party websites.

Ever wonder why your Facebook ads always tend towards singles dating sites, ben and jerry’s, and Notebook Blu-Ray ads? (Or is that just me…?) Turns out that Facebook plans on mixing various data sources to decide which ads to show you. Right now, this is restricted to data facebook has access to such as your relationship status, favorite movies, political interests, etc. But in the near future, partner websites will be able to send data back to facebook with information about which ads were shown to you and which you clicked on, in addition they might send information about which products you bought from the partner site. This serves the two-fold purpose of telling Facebook how effective their advertising was (did you buy the yoga pants after you were shown the yoga ad yesterday?) and also telling facebook your interests (I see you could use a Yoga ball to go with those pants).

And for the majority of the patent, Facebook talks about wanting to know what ads you’ve seen, clicked on, and actually purchased the product from. However, if you wade through the million times they say “In particular embodiments”, you come across:

Another example illustrating real-world actions that may be tracked involves what program material the user is accessing on a television system. A television and/or set-top receiver may…transmit a message indicating that a user is viewing (or recording) a particular program on a particular channel at a particular time.

Wait, I’ve totally seen this somewhere before…

Big Brother is Watching
Oh, I guess that was more of content generation...

That’s right. There is apparently no limit to the amount of data facebook is willing to know about you. They want to know what events you attend, what credit card purchases you make, what stores you enter, classes you take…everything. Facebook wants to know every detail of your digital life.

So the real question is, what do they plan to do with all this data? Well currently it looks like they plan to use it to inform advertising not only on their site, but on other sites. I’ve already shown an example of how it might be used on other sites (OhMiBod). In addition, they might show more traditional Google AdSense ads (profit sharing with publishers). The secret sauce is in how the ads are selected and displayed. It seems they will use some combination of your profile, friends profiles, your browsing history and your friends browsing histories. Ads will be inherently social, letting you know that n of your friends recently purchased a product, or are attending a promoted event, or simply liked an emerging brand. The transition to this new system will actually be transparent to users:

McDonalds Social Advertising

Coincidence? I think not. For instance, Facebook can correlate the fact that you were recently on the McDonald’s homepage with the fact that 6 of your friends like McDonalds, AND the fact that Johnny Rocket likes him some BigMacs (ironic isn’t it?), throw it all into a magic algorithm and come up with the brillant idea to show you some McDonalds ads. While this might normally appear on your newsfeed, it just so happens that McDonalds has paid to have this “news article” appear more readily (the barrier number of friends before it’s shown might be lower). From the patent:

One benefit of mixing the newsfeed stories and the social ads in a single list presented to a user is that there may be little or no differentiation between advertising and general information that a user would want to know. Users visit social network systems to keep up to date on what their friends are doing, and the social ad can be as useful to the user as any other newsfeed story. Because the social ads and newsfeed stories may all be taken from the action log  it may be impossible for a user to determine whether an entry in the user’s newsfeed is a newsfeed story or a social ad. In fact, the content of a social ad could actually show up as an organic, unpaid newsfeed story in other contexts.

And therein lies the beauty of this whole thing. You’ll never even know. They will take your browsing history, your friends information, and your relationship status and a whole lot of advertisers money, but to you it’ll just look like another average news feed story.



What it doesn’t do (or rather doesn’t claim to):

There was recently an uproar that this patent would allow Facebook to track all users, not just logged in Facebook users. This came to a climax when it was discovered that the Facebook user id was being stored on users’ computers even after logout. Last week though Facebook patched this “bug” and defended its position that the patent is not designed to track logged out users.

I have two fundamental points to make on this issue.

1. As an experiment, go to this page. Did it ask you to login? Chances are that if you’re reading a blog post such as this one, you were already logged into facebook. So it doesn’t really matter that it only tracks logged in users, since who actually logs out?

Facebook Splash Page
Unless your page looks like this, they got you. Well they probably did anyways...

2. Although this patent doesn’t specifically mention tracking logged out users, it never explicitly denies that possibility. In fact, in the very paragraph Facebook refers to when defending its position, the text states:

By using this technique, the third party website and the social network system can communicate about the user without sharing any of the user’s personal information and without requiring the user to log into the social network system.

To me, this text reads quite the opposite way. It seems that although Facebook isn’t sending data about a specific user…it could still send data about the users events. From a technological standpoint, this information could be saved in a cookie on the users computer which could then be transmitted when a user logged into Facebook. Put differently, even though you’re logged out of Facebook, if they can make a reasonable inference about which Facebook user was using the computer when it was logged out, they might just queue that data and associate it with you when you log back in.


The Good News

I realize this post sounds somewhat alarmist, but the fact of the matter is if they patented it, they probably intend to use it. This is actually a brilliant idea which will undoubtedly immediately bring them into contention with Google AdSense. Right now, they claim to not be using this technology and they have stated that if it does become used it will of course be subject to their industry difficult opt-out program. I can’t help but wonder where it will end. Once this infrastructure is in place, it’s just a small side-step for them to track everyone.

We should be aware of our rights as internet users. I don’t think we’ll ever be able to change the internet culture to the point where Facebook doesn’t track our actions on its site, but I certainly think we should have the expectation of privacy (from Facebook and really anyone else) on third-party sites. When we view websites, that should be a privileged relationship between the viewer and the site. That site should be able to track our movements for it’s own reporting purposes, and maybe even to provide aggregated data to other parties, but it should not be able to sell tracking data alongside personal data (I.E. cannot say IP Address visited A, B, and C). It should be made much clearer what companies are doing with the data they collect on us, and we need to ability to opt out. I don’t think the way the internet works currently supports this, but hopefully through cultural, technological, or regulatory changes we can work towards a more data-safe internet in the future.

The FCC needs to step up it’s game and require more clear communication when user data is being collected and sold to third-parties. Facebook is starting to move into shady territory. It seems that neither the person publishing the like button, nor the consumer clicking on it understand exactly what is going on behind the scenes. No more legalese, implicit privacy agreements. I want a big fat popup, with clear instructions on how to keep myself hidden.

It's more of an opt-in box when you think about it

For now, hope for the best and be aware of your facebook privacy panel. Make sure you opt out of as much as possible! And please be sure to start an uproar if this Apple patent ever becomes used. Remember, just because it’s patented doesn’t mean it’s legal.

Unsell Yourself — A Protest Model Against Facebook – by “Max C.”

Facebook’s a monopoly that abuses its users: you and me. But we’re left without a way to retaliate. I propose a way to contaminate their database with false information, limiting the usefulness and resale value of our own information, while maintaining as much Facebook usefulness for the rest of us. It’s called Unsell Yourself, and I’d be honored if you’d give it a read.

[Edit: Reposted from my own blog in full, but formatting/CSS is better on my blog]

This is the story of how Facebook uses the information you put into it against you, and how you can unsell yourself. I believe Facebook is an exciting product and I hope that the company succeeds. But I also think Facebook’s monopoly has permitted them a business model which is bad for its users.

Not all stories of businesses harming their consumers begin with a man in a top hat, but it sure makes it easier to. Is Facebook a monopoly? Here’s a graph of Facebook’s web market share compared to hi5, friendster, orkut, linkedin, plaxo, & ning as assembled by Bill Tancer in 2007.

Since 2007, network effects have pushed Facebook into an even more dominant position. Facebook now claims that they have

More than 500 million active users
50% of our active users log on to Facebook in any given day
Average user has 130 friends
People spend over 700 billion minutes per month on Facebook names Facebook the #2 top site in the world, with 42% of the world’s entire Internet population having visited Facebook. The next social network doesn’t come up until #17: LinkedIn, with a meager 4% of the world’s Internet population.

Here at Yale, in a recent poll of people connected with the class Control, Privacy and Technology (tech savvy 18–22 yr olds, generally), 98.9% of the respondents had a Facebook.

Obvious truth number one: Facebook is the most dominant social network. Facebook alone is in exclusive possession of 500 million people’s communications, demographic data, location, and social habits. Since I’m not even close to being familiar with the nuance of antitrust law, I’ll leave that speculation to other people, noting only that Wikipedia says that the Sherman Antitrust Act doesn’t forbid innocent monopolies, but only those who achieve their monopoly through misconduct.

How Facebook’s Monopoly Harms Users

You might be asking (reasonably), “So what, who cares?” that Facebook is a monopoly. But Facebook’s definitely not been perfect, and their monopoly has permitted them some egregious abuses of their users that a competitive environment would not have permitted. As many Internet-based businesses know, it’s very very dangerous to abuse your users: they’re fickle, and can change services easily by merely navigating to their browser bar. Just look at Digg versus Reddit. So why hasn’t Facebook suffered user base drops when they rolled-out despised changes, like a redesign (the irony of linking Gawker isn’t missed), less default privacy, or ever more tailored behavioral ads. (Full disclosure: I recently got a Facebook behavioral ad for “bedwetting”. Not really sure what I’m doing to signal that one.)

Recently, even spookier things have surfaced. Julian Assange noted that Facebook is an FBI agent’s wet dream:

Facebook in particular is the most appalling spying machine that has ever been invented. Here we have the worlds most comprehensive database about people, their relationships, their names, their addresses, their locations, their communications with each other, their relatives… all accessible to US Intelligence… [Yahoo, Google and Facebook] have built in interfaces for US Intelligence. It’s not a matter of serving a subpoena.

Facebook users should get a Miranda warning:

And Mark Zuckerberg likes looking at more than merely the data you post. By reading between the lines, he’s worked out an algorithm with 33% success rate for predicting who you’ll date next.

Why Users Don’t Quit

I don’t quit Facebook because Facebook is a valuable network, one that can’t be easily replaced. That’s the natural strength of a monopoly combined with Metcalfe’s network benefits, the nature of walled garden web platforms, and their inability to control and remove their own data from Facebook. Walled garden web platforms like Facebook with embedded APIs and developers, along with Facebook-specific applications mean that users can’t easily replace or extract what could be valuable data to them. In other words, quitting Facebook means quitting Farmville and all the other applications you use. As more and more websites use Facebook as the only login system (for the best example, see, the web platform expands its power. These kinds of platforms also lead to a new, special kind of hurt of users: the AOL effect. Users’ lack of control over their Facebook data also makes it impossible to quit the platform. Not only is it truly impossible to delete messages (the delete button merely obscures them from user view, but enables them to be re-discovered via Facebook’s “Download Profile” tool and of course they remain on Facebook’s servers for subpoena or hackers and Facebook themselves, but it’s also impossible to pull Facebook contact information out of the roach motel. Even Google has lashed out against Facebook, criticizing Facebook’s design choice that makes users’ unable to export their data back out.

How Users Can Strike Back

Not a single user pays to use Facebook, and yet the company is valued at $50 billion dollars. Not bad: that means that of their users is worth $100, by my math! Which is to say that investors believe that your information, your time on the site, and your clicking is worth $100 to Facebook. To encourage a more competitive marketplace and discourage Facebook from abusing its users, there’s an easy way to reduce your value to Facebook while simultaneously reducing your legal vulnerability and privacy problems, without quitting Facebook, or even losing a valuable component of Facebook’s services!.

You keep all of your Facebook contacts, the ability to message or chat or use your wall and apps— but behavioral advertising, Facebook’s bread and butter dollar revenues and the short term thing that keeps them Wall Street’s darling— you can kill all of that just by adding a “Teen Vogue” to your interests. Or Teletubbies. Or Tiffany’s.

Here’s my current profile:

The trick is to populate your Facebook with just enough lies as to destroy the value and compromise Facebook’s ability to sell you. Collectively, users could use misinformation with “features” that they don’t like being used against them in order to guide Facebook’s future. (This is already done by FB’s user base with new some new features: Facebook places seems to effectively have been a flop. Among my 1000+ Facebook friends, only one person uses it.)

How Google is Different from Facebook

I’m wary of Google, but for now will say it’s not worth populating their data with false information yet, and not just because it’s harder. This stems from three major differences between Facebook and Google:
1. Long term monetization strategy
2. Competitors
3. Data Freedom

I don’t see Google’s long term monetization strategy being pimping your data out to the highest advertising bidder. That might be how you build a $50 billion dollar company, but it’s not a way to build a lasting $200 billion dollar company. Instead, I think they’re collecting data to get into a product development business via big data and simple algorithms.

Nor is Google’s monopoly even close to as complete as Facebook’s dominance. Bing apparently now has 29% of the search market, and Baidu won’t let up the Chinese market easily. There are innumerable competitors to Gmail, and they all have heavy user bases. Online documents is an area Microsoft won’t cede easily, since it’s one of their core products and one of their two sources of profit (Office). Mobile phones are obviously an extremely competitive arena, with RIM, Apple, Microsoft, and HP all fighting for OS market share in smartphones. And even in Google’s stronghold of display ads, Apple’s attacking (though the success of iAds remains to be seen).

Perhaps most important is that Google’s exportability of your data remains high. You aren’t locked in or integrated in the same way that Facebook joins all of your data to a persistent single identity, users can download calendars and quit Google Calendar or extract contacts onto a new framework. The integration also doesn’t lock users into Google: you can continue to use Google Docs even if you discontinue Gmail use.


Ultimately, I see inputting false data into Facebook’s “likes” pages a form of sit-in, a kind of CAPTCHA to prevent a Facebook data mining bot to freely pillage and extrapolate results from the data you put in to Facebook. It’s a good response in a scenario like today, where Facebook has a monopoly that almost everyone has to jump in on anyway, no matter how much they might be reluctant to. Hopefully though, the longer term solution is for a real competitor to emerge, offering users the things that they want, and the ability to migrate effortlessly from Facebook without paying Metcalfe’s prices. In the meantime, protect yourself and express a bit of discontent: unsell yourself from Facebook.

Thaler’s Right: Data Ownership – by “Max C.”

This week’s iPhone controversy is a big deal, but it also could be a win for consumers. Normally, to find out the information about you that your carrier has already taken and is now selling to law enforcement agencies, you have to sue them in court— but with the iPhone, at least, you yourself also own a copy!

Was the iPhone location tracking file an egregious error, especially since they didn’t notify users? Probably. Will it be patched, never to be seen again in the next version of iOS? Probably. But that’s a bummer for people that like owning their own data.

Writes Richard Thaler in today’s NY Times:

If a business collects data on consumers electronically, it should provide them with a version of that data that is easy to download and export to another Web site. Think of it this way: you have lent the company your data, and you’d like a copy for your own use.

That sounds a lot like what you iPhone location file is. One of the stink bombs thrown up over this iPhone debacle is, “this information isn’t behind a firewall.” True— which means that YOU own it, instead of your phone company. Besides, lots of private information up behind a firewall just creates another juicy target for a hacker (a la Epsilon’s data breach). Are we really getting to the point where we don’t want users owning their own data because they’re so incompetent they might get hacked? Even Thaler’s semi-paternalistic book Nudge doesn’t go that far! Besides, as David Pogue points out,

The one legitimate concern, therefore, is that someone else with access to your computer could retrieve the information about your travels and see where you’ve been. Your spouse, for example. The researchers also mention “a private investigator,” but that’s a little silly. A PI is going to break into your house to inspect your iTunes backup? If your computer is that accessible, you’ve got much bigger problems.

Most likely, the only person that is really that fascinated about you is… well, you. Pogue again:

Meanwhile, accept it: Yes, Big Brother is watching you. But he’s been watching you for years, well before the iPhone log came to light, and in many more ways than you suspect.

And you know what? I’ll bet he’s bored to tears.

The Evolution of Facebook Privacy – by “Michael C”

Facebook. The social network. The site that we all (well, most of us) use and love (or tolerate, at least). The site that some of us even name our babies after. Since its inception in 2005, Facebook has gone through an evolution that has moved it from being a networking site shared amongst students at Harvard to a global phenomenon used by 1 out of every 13 people in the world. For me, it’s more difficult than it should be to remember past versions of the site. I’ve been on Facebook since May 2007 (a few months before I started college), but when I think of the way Facebook looks, I can only recall the current design.

Old Facebook profile
I think this is how it looked before the recent changes…I honestly can’t really remember.

Anyway, every time that Facebook performed a revamp of its site, they also made a less apparent change—they adjusted the default privacy settings. This is important as many people on Facebook have probably never checked their privacy settings and just accept the default settings, whatever they may be. In that sense, it’s very interesting to think about how Facebook has changed the default privacy settings over time. Just like the old site interfaces, it’s difficult for me to recall old Facebook privacy options and defaults. Luckily, there are a number of informative sites that do just that.

About a year ago, Kurt Opsahl of the EFF wrote an informative article entitled “Facebook’s Eroding Privacy Policy: A Timeline” which gives us an idea of how Facebook’s privacy policy has changed over time. The differences become pretty apparent when you compare the 2005 privacy policy:

“No personal information that you submit to Thefacebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings.”

to the privacy policy from April 2010:

“When you connect with an application or website it will have access to General Information about you. The term General Information includes your and your friends’ names, profile pictures, gender, user IDs, connections, and any content shared using the Everyone privacy setting. … The default privacy setting for certain types of information you post on Facebook is set to “everyone.” … Because it takes two to connect, your privacy settings only control who can see the connection on your profile page. If you are uncomfortable with the connection being publicly available, you should consider removing (or not making) the connection.”

If the change isn’t apparent enough from the text, Matt McKeon created a handy infographic that illustrates how Facebook’s default privacy settings have changed over time. You should go to his site to see the full interactive infographic, but take a look at the difference between 2005 and April 2010:

Evolution of Facebook Privacy

The changes are clear, and to be honest, somewhat alarming. Currently, the majority of the information found in one’s profile—one’s wall posts, photos, likes, etc.—is visible to the entire internet by default. Only friends can see one’s contact information, but Facebook would have no privacy whatsoever if contact information was available to everyone. However, with so much other information out there in the public, it is entirely possible that someone could still glean one’s contact info from the site. As Facebook has expanded, becoming not just a site for Harvard students to interact on but a site for literally everyone to interact on, it seems logical that Facebook might increase the default privacy settings, as there are many more people with access to the site that one would want to keep their information private from. Back when the only people on Facebook were your classmates, having conservative privacy defaults probably was not as big of an issue as it is now, when anyone in the world can use Facebook.

Of course, not all of these changes are Facebook being evil; rather, it seems that some of them are the result of Facebook simply being ambivalent about one’s privacy. A lot of the expansion in the infographic comes from the fact that Facebook’s audience has greatly expanded since 2005. Back in 2005, there was no such thing as a “public profile” that everyone on the internet could see—you were either on Facebook (and you could only get access if you were in a select group of people) or you weren’t. As Facebook has opened up to more and more people, rather than “pulling back” on privacy settings to maintain the privacy that Facebook had when it was much more exclusive, Facebook has simply let privacy slide along with the site’s access. Perhaps this is due to Mark Zuckerberg’s lack of understanding about people’s desire for privacy. Even in Time’s “Person of the Year” article about Zuckerberg, it said “Zuckerberg has a talent for understanding how people work, but one urge, the urge to conceal, seems to be foreign to him….Sometimes Zuckerberg can sound like a wheedling spokesman for the secret police of some future totalitarian state. Why wouldn’t you want to share? Why wouldn’t you want to be open — unless you’ve got something to hide? ‘Having two identities for yourself is an example of a lack of integrity,’ Zuckerberg said in a 2009 interview with David Kirkpatrick, author of The Facebook Effect.”

Zuckerberg’s comments stand in stark contrast with the themes of our class. This week, we read Warren and Brandeis’s The Right to Privacy, which states “The intensity and complexity of life, attendant upon advancing civilization, have rendered necessary some retreat from the world, and man, under the refining influence of culture, has become more sensitive to publicity, so that solitude and privacy have become more essential to the individual; but modern enterprise and invention have, through invasions upon his privacy, subjected him to mental pain and distress, far greater than could be inflicted by mere bodily injury.” The real question is, can we use Facebook and cell phones and all the other facets of the modern age and still maintain our privacy? Naturally, we must be willing to give up some privacy simply by virtue of using a “social networking” site. Yet, at the same time, we shouldn’t have to give up more privacy than necessary. Perhaps Facebook shouldn’t be allowed to use an opt-out system of privacy, where most of a user’s profile is shared with the entire internet by default and the burden of selecting more restrictive privacy settings is placed on users. Perhaps, through legislation, we can put the burden on corporations like Facebook, so that the default behavior of the site is in users’ best interests, not Facebook’s. After all, Facebook is a social networking site, existing for the people who use it to communicate and connect; it has no one but its millions of users to thank for its success.

’cause it’s a jungle out there ♪ – by “Russell K”

In all likelihood, I was not the only one last class who wanted to discuss further the issue of online identity and privacy. I tend to agree with Kashmir Hill in her suggestion (in class and in her website) that our sense of privacy will change. Yes, in a more transparent era, or perhaps just for a younger generation, last Friday’s embarrassing moment will remain just that and no more, despite and perhaps in part due to online evidence.

This perspective may be comforting, but we should qualify this comfort. It is a small, finite comfort.

The comfort lies in the realization that our own mistakes will not be as damaging as we might initially fear. Mr. Scalia (who often seems to be assigned in readings at Yale at his expense!) if little else in our readings does seem to remind us that the idea of the law protecting every little fact about us is absurd. Kashmir Hill suggested that more openness might lead to more comfort. And indeed, for stuff like what happened last Friday that a friend posted with you tagged in it, it might be less silly to turn to social norms than to turn to law. Social norms are formed online — we all have seen this happen in our generation — and we can expect a great deal of such online exposure to be made safer by online social norms, without overprotective, “silly” legislation. We can all simmer down now because the privacy FUD problem is solved.

If that leaves you less than satisfied, I’m with you. “Online exposure” can go far beyond being tagged in a Facebook pic. Specifically, your online exposure is not necessarily of your own doing, or even your friends’ doing.

Daniel Solove’s blog post in this week’s reading suggested an interesting term: Aggregation. Solove uses this term to describe a way that gathering data on someone can lead to violating his/her privacy, essentially by connecting “innocuous” points into a “detailed portrait of our personalities and behavior.” We can ask a sort of philosophical question: What other effects might the Internet bring about to data about you?

Like Seth Godin’s list of ways things can get broken, my list of privacy FUD is sure to be incomplete. Please comment and add your own!

1. Aggregation – Connecting innocuous dots can lead to an uncomfortably detailed big picture. For an example, do the readings.

2. Dis-gregation – Less is more — more harmful.

What if an online journalist or a Facebook friend isolated a couple (true) facts about you and leaves out other relevant facts?

3. Context Distortion – Taken out of context, new implications begin to arise.

I thought of this last class when I discovered searching for my name leads to a porn website. No, I don’t have a porn star double life! But in 2009 I did help promote Yale and other US colleges to Japanese students, and the Japanese term 中高生 (middle and high school students) landed links to YouTube versions of our video footage filled the greater part of a fuchsia-colored website. (Incidentally, if you’re being naughty and trying to find this website, at least on the page with my name in it there was nothing graphic, let alone anything involving minors.)

4. Unplanned Anti-Obsolescence – It’s forgotten by now, right? No, it’s in the Net’s hands now.

A friend thought he’d put up a silly status update, and delete it 30 minutes later. It wasn’t something he wanted everyone to know, but having a few know would have been acceptable to him. He had it planned out that way. But when another friend found it hilarious and re-posted it as his status, control over it had changed.

5. Promulgation – Data that’s out there, but in small circulation, can become less innocuous by gaining popularity.

A funny story shared to friends might not be best when shared on the Internet, where there are less degrees of separation from total strangers who might interpret it differently. Cyber-bullying examples come to mind as well — a few enemies at school is a smaller problem when they’re not enlisting online comrades. Or what if RapLeaf had sold (“inadvertently”) data about your online behavior not to a dozen advertisers, but hundreds? What if they also sold data to your workplace, school, or to the government?

I am sure there are more effects we could talk about, but the bottom line is that an embarrassing Friday should not be our only concern. Even if greater transparency helps establish social norms online, we shouldn’t ignore that it’s becoming easier and easier for the Internet to affect info about you. What you post about yourself or reveal to marketers tracking you is really just where that data might start off – really we’re talking about the potential for that data to take on a life of its own. Much of this seems difficult for the law to prevent, but I suspect we’re more eager to turn to the law rather than social norms when we consider that it’s not just about our own mistakes confined to a few popular sites.

Privacy Matters; will it always? – by “Ben L”

In recent history, we have seen a plethora of companies arise based on the aggregation and selling of personal information. Spokeo, ChoicePoint, Intellius, ZabaSearch, Acxiom are just a few. Spokeo, the most recent one however, provides the most information for free, and the cheapest price if you do decide to pay. The concern is that since all of these sites use essentially the same underlying information, there is no way for the user to prevent dissemination. This has led to a number of cries for congressional restriction. A good start might be to extend the Fair Credit Reporting Act to other kinds of data collection and sale.

In the meantime, what does this mean for society? Are we going to undergo a privacy based cultural revolution? I do not think this will happen anytime soon. Currently, the information available on the websites is horribly inaccurate. Generally, you only know if the person you’ve found is correct based on name and address, and many people are not searchable. Once you have found the correct person, further information is generally not helpful. Spokeo says my father, the only family member who shows up, as having several interests and lifestyle facts, “has children” and “enjoys entertainment.” Now I wonder who doesn’t enjoy entertainment. The rest, while inaccurate, do reveal the potential for extensive information: the only reason I can think of for them to suspect my Dad enjoys home decorating and home improvement is the time we spent remodeling, which was thoroughly not enjoyed by anyone at all. Does that mean that Spokeo has some way of knowing what we are buying? It is not getting Dad’s interesting from linked facebook pages, though I don’t doubt website will soon be mining that, so where is it coming from? Spokeo hasn’t disclosed its sources, so it will be interesting to find out. Spokeo also claims my Dad is not intersted in Politics, when in actuality he votes in and follows every election. He does not run a home business as advertised. There are also personality descriptions like “self-driven,” which, without knowing the sources, and given the general inaccuracy, seem  dubious.

I haven’t found any sites or testimonials claiming these aggregators are particularly useful or accurate. Given that, it seems hard to believe they represent a real disruption. Even if they are somewhat right, what good is that to a stranger, who cannot tell whether a particular fact goes in the wrong category or the right one? It seems to me that if privacy deteriorates for the majority, it will have nothing to do with people invading it, but rather information being freely disclosed, or allowed to be easily accessed. The current generation is growing more accustomed to sharing everything with everyone. This class in general knows more about facebook and internet privacy than a few handfuls of people. Yet how many of us keep facebook? More than that, how many people keep “likeing,” things, and forming public “connections,” which describe ourselves and our tastes? If everyone is going to keep doing this, then one of two things will happen: people will either get used to presenting their “public face,” on the internet, or we will learn not to care so much whether another’s interests (supposed, self disclosed, reported, whatever) disagree with our own. The inaccuracy of current databases will contribute to a distrust and dismissal of information found online. When it does get more accurate, we will be so used to not caring that we won’t start.

There have been a number of criminal investigation based on wrong information, where it is especially dangerous in law enforcement. Governments should not be trusting these sites to do their investigation for them, and rather than pass laws mandating higher accountability the solution is for criminal investigations to be investigatory rather than a matter of buying the information. It is and should be the responsibility of the police to find and apprehend the correct person. If we do pass laws mandating that information databases be more transparent and correct, this will hasten the future in which we are more tolerant. but there is no sign of this happening amongst the current crises.

Lastly, I leave you with an illustrative graphic of the progression in disclosure. How long before other websites share information like facebook does, or are all connected, or these stop being the default settings and become the only one? Will we really give up our social networks?

Your Big Brother is Watching You! Actually. – by “Andrew C”


In1949, George Orwell wrote 1984, a novel describing a nightmarish future in which England, fallen to socialism and renamed Airstrip One, is ruled with an iron fist by an oppressive, authoritarian government. In the novel, Orwell describes how, with adequate technology, a regime could dominate the masses through constant surveillance.  Specifically, in the dystopian nightmare of 1984, “Big Brother” monitors every citizen 24 hours a day through the television set in their living room.  Ultimately, Orwell’s vision never truly came to pass, as in the end it is simply impossible for a government to monitor every individual at all times.  However, as surveillance cameras become increasingly inexpensive and the ability to share media over the internet becomes increasingly efficient, the actions of everyday individuals have come more and more under the eye of public scrutiny.  In today’s world, any individual walking down the street can reasonably expect to be videotaped by anything ranging from remote surveillance cameras, to roving Google Street View vans, to anybody carrying a cell phone purchased within the last five years and to have that video posted online.  As such, those who commit shameful, illegal, or simply bizarre acts can and must accept that their actions may be broadcasted to and scrutinized by an anonymous, faceless horde of users.

Ironically, England, the setting for Orwell’s 1984 has become one of the single most disturbing examples of the loss of privacy in the modern world.  It is currently estimated that there is one camera for every fourteen British citizens. Recently, the British government has quite literally set aside £400 million to install 24 hour surveillance cameras in the homes of 20,000 families in order to ensure that children attend school, go to bed on time, and eat proper meals.  Even better, the government plans to hire private security contractors to perform home checks upon the families in question.  The irony is beyond overwhelming.

However, it has nevertheless become increasingly obvious that no one government can monitor an entire population internet-eyes1at all times.  Thankfully, the anonymous masses of the internet have proven to be more than willing to fill in the gaps the government leaves behind.  As such, we increasingly see “Big Brother” being replaced with your actual big brother (and your neighbors, co-workers, and complete strangers).  In England, one program in particular, called Internet Eyes, would have sent George Orwell into fatal convulsive seizures.  The program, which will go live in Stratford-upon-Avon in late November, aims to harness the power of Web 2.0 by directly connecting live feed from surveillance cameras to a vast swarm of users.  The theory behind the program is that with more eyes watching the footage more crimes can be averted.  The website is being promoted as a sort of game which everyday individuals can play in their spare time.  Users, who will be allowed to register for free, will be allowed to view real-time random video feeds from participating establishments across the country.  Any viewer who spots suspicious activity from a specific camera can anonymously inform the camera owner.  Users will then receive a certain amount of points based upon the quality of the alert.  The user with the most points at the end of the month will receive a £1000 prize.  Fantastically, Tony Morgan, one of the founders of Internet Eyes, claims that it will “give people something better to do than watching Big Brother when everyone is asleep.” Put another way: why watch Big Brother when you can be Big Brother?

However, in the end, this website is not simply another game.  Rather, it is a breach of privacy more distasteful than anything ever imagined by George Orwell.  While Internet Eyes may very well be an effective way of preventing vandalism and shoplifting it also encourages private citizens to spy on their neighbors.  Furthermore, if previous cases have shown us anything it is that the scope and potential damage of public scrutiny can be far greater than that of a government investigation or surveillance.  While Internet Eyes will in fact connect users to random video feeds it is impossible to eliminate the possibility that Internet Eyes could reveal potentially damaging private information (i.e. sexual orientation, political affiliation, etc) to one’s loved ones, co-workers, or neighbors.  How could an individual stage a protest knowing that his or her boss might not only disapprove, but be watching him? As such, it is nearly impossible to argue that websites like Internet Eyes, and the general trend towards increased scrutiny in the Web 2.0 world, are increasingly having a chilling effect upon free speech and expression.

However, in the end the question is not necessarily straightforward at all.  The same features that make constant surveillance and public scrutiny such an insidious problem in today’s world have proven to be an incredibly powerful and valuable tool in fighting oppression across the globe.  Easy access to video cameras and internet access, and the rise of the generative Web 2.0, have ensured that, in the modern world, those who are oppressed are finding it increasingly easy to record and disseminate their messages.  As such, in the end, we need to find some way to strike a balance between the benefits of a free and open internet and the dangers of the constant threat of surveillance.

How can we accomplish that? Quite frankly, I’m not sure, but this seems like a fantastic bet.

Google unveils “unprecedented” privacy dashboard – by “Samuel D”

Much has been made of the dangers of trusting all your private data to Google. Not only does the search giant host your emails and contact lists, but your entire search history, your blog posts, your documents, your YouTube videos, and even your phone records. In response to growing concerns as to what they might do with all your data, Google released the Google Privacy Dashboard this week–claiming to be the “first Internet company” to offer such a product. The official blog post explains:

Over the past 11 years, Google has focused on building innovative products for our users. Today, with hundreds of millions of people using those products around the world, we are very aware of the trust that you have placed in us, and our responsibility to protect your privacy and data. Transparency, choice and control have become a key part of Google’s philosophy, and today, we’re happy to announce that we’re doing even more.

The Dashboard aims to give users greater transparency and control over their data. Users log in to their account and can view exactly what data Google hosts from over twenty products. For each product, the Dashboard provides direct links to the privacy settings for that service. Google concludes, “The scale and level of detail of the Dashboard is unprecedented, and we’re delighted to be the first Internet company to offer this — and we hope it will become the standard.”

Given Google’s grand proclamations about the groundbreaking Dashboard, response to the announcement has been subdued at best. Advocacy group Consumer Watchdog has been one of the most vocal opponents to Google’s privacy policies. The organization said the Dashboard was a step in the right direction, but wanted Google to give “the ability to stop being tracked by the company and to delete information associated with their computer’s IP address from the Google servers.” One advocate added, “If Google really wanted to give users control over their privacy it would give consumers the ability to be anonymous from the company and its advertisers in crucial areas such as search data and online behavior.” The group suggested that Google added a “Make Me Anonymous” or “Don’t Track” button to each service listed in the dashboard.

Outside of advocacy groups, response to the Dashboard was mostly negative. Tech blog Mashable wrote, “Sure, it’s nice to have all these in one place, should you ever want to review all your private information stored at Google at once, but there’s nothing really new about this list; you could even call it a privacy-related compilation. Unfortunately, it’s also an unpleasant reminder of just how much data you’re giving out to Google (and other online services).” Valleywag noted, “But, really, it just scares the crap out of you. Google knows all.”

The Dashboard clearly was not received as Google anticipated–it certainly is only seen as the first step in the right direction. Will they allow users to remain anonymous and prevent data from being attached to their IP address? Will they allow users to instantly delete all their data from Google’s servers? Would they allow the police to subpoena access to a user’s Dashboard? Only time will tell how Google will live up to its promise of “choice and control.”

– Google Dashboard explained on YouTube.

– Check out what Google knows about you here: