Two interesting posts this morning that made me think we are doing things the wrong way around. Zephoria wrote an excellent piece on privacy and used an example where a user within Facebook was able to get access to other peoples photos even though they could not access their profile. A quote:
Facebook’s privacy settings are the most flexible and the most confusing privacy settings in the industry. Over and over again, I interview teens (and adults) who think that they’ve set their privacy settings to do one thing and are shocked (and sometimes horrified) to learn that their privacy settings do something else. Furthermore, because of things like tagged photos, people are often unaware of the visibility of content that they did not directly contribute. People continue to get themselves into trouble because they lack the control that they think they have. And this ain’t just about teenagers. Teachers/professors – are you _sure_ that the photos that your friends post and tag with your name aren’t visible to your students? Parents – I know many of you joined to snoop on your kids… now that your high school mates are joining, are your kids snooping on you? Power dynamics are a bitch, whether your 16 or 40.
Why are privacy settings still an abstract process removed from the context of the content itself? Privacy settings shouldn’t just be about control; they should be about the combination of awareness, context, and control. You should understand the visibility of an act during the moment of the act itself and whenever you are accessing the tracings of the act.
Zephoria hits on something I feel is becoming a major issue the coming years. Privacy is the most underestimated unsolved problem in this social media “let’s share it all” era. Everything is becoming social, and yet there is no simple way to be able to control what is being shared and what not. I doubt we currently fully understand or care about this problem. At the same time I can’t understand our schizophrenic behavior towards privacy. In the physical world we are all aware and careful about protecting our privacy. We do not allow anyone to monitor our tracks or behavior. We do not just tell everyone about our political views, sexual behavior, e-mail addresses, phone numbers, who we work for and what we feel about that company, our best friends, our worst enemies, etc. We are careful, because it’s information that isn’t to be shared with everyone.
Now look at the way we behave when we turn to the on-line world. All of a sudden we turn into information nudists, giving away every private or personal details that we would have protected in real life. There seem to be no boundaries or limits to our sharing behavior. It is as if our on-line life isn’t really connected to our physical life. No one seems to be bothered that they can be tracked and traced on-line. That Google or Facebook never forgets information. It seems to me that people don’t really mind being confronted on-line with private information about themselves. It only becomes real when they are confronted with on-line private material in their physical world (think job interview here as an example).
web 2.0 thinking has made it nearly impossible to protect your privacy on-line. There are no tools, and worse, you are “old-fashioned” when you aren’t on all these cool social networks, or not using free search or email services. We put up with advertisement, because it sponsors our service, and the fact that every little detail about ourselves is stored for later use is something few understand or care about.
Doc Searl writes a good post on why online advertisement sucks. He writes:
My point is that this is baiting and switching, and it’s not a unusual example. It’s also one more reason why I believe the advertising bubble is due to burst. There’s a limit to how much abuse, misleading and general wrong-ness we’ll put up with. This has been tested for the duration, but at some point the failures become intolerable.
And those failures are not just of performance on the sell side.
What we need is for demand to find supply, not just for supply to “drive” demand. We’re not cattle, and we don’t like being herded, even if it’s by friendly chutes like Google’s. This was true before online advertising went nuts, and it will be true after the chutes get trampled.
It got me to think about this push culture. If anything communities have always been successful because of their pull instead of push. Communities work because the members are willing to put the effort in to make it work. Advertisement really never got this right. It remains to be a push thing, an on-line display that isn’t really aimed at serving, but at selling. A small but crucial difference.
These two articles made me realise we are still doing things backwards. Privacy shouldn’t be used to keep others away from your users. It should be implemented to serve its user. Right now a user can’t take responsibility for his privacy, even if he would want to. And this will not change as privacy is quickly losing ground to social media sharing. There isn’t a business model possible that allows privacy to be implemented for the user. Current business models focus on monetizing user information and networks instead of user value. And as long as that is the main business driver, privacy will continue to fight a lost battle. Same thing holds for advertisement. If advertisement would be positioned and implemented in a way that serves a need, it would be much more effective than current practice.
Maybe we need to turn things upside down and tackle these things from a user perspective instead of a network perspective?
@vanelsas 
Two thoughts:
1. The reveal of personal information is not a one-way street. Often, it is necessary to reveal (some) personal information in order to obtain value from a service. We let google know what we’re looking for when we search; it wouldn’t work otherwise. We let the mobile company know where we are when we look at a map. Aggregated data from lots of individuals can be collectively useful to lots of people.
The way things should be: users always opt-in for any revealed information, get clear value from the reveal, and have a way to cleanly remove personal information.
2. Privacy advocates usually speak of the problem in terms of personal invasions, identity theft, and individual exposure. Equally troublesome is the potential that data aggregation has to function as a “cultural redlining”: people are demographically defined by the characteristics they reveal, resulting in their receiving different or pigeon-holing content as a result. The information is collected for precisely this purpose; segregated homogeneity can be the result.
@Yourcelf Couldn’t agree more. The user needs to be in control ad be able to make good decisions. Right now this is impossible.
I’ve been meaning to offer a brief note on this post for a few days now.
I want to start by stating that I agree – there is a pressing need to address the manner in which privacy is dealt with in online spaces, and especially in social networking environments, given how much personal data they can (and do!) collect on individual users. At the same time, however, I would suggest that in the ‘physical’ world people cannot retain their privacy as strongly as you suggest they can.
When I walk down the streets I am subjected to surveillance by CCTV at all street corners. The core difference, as I see it, between CCTV and social networking, is that it isn’t as easy to index and tag CCTV data. In some cases, though not all, tapes are destroyed/copied over, but there is no guarentee.
What I am pointing to, is that while there is commonly a disjunct between physical and digital privacy, their differences shouldn’t necessarily preclude us from trying to recognize common issues between both realms, and subsequently develop harmonized strategies to resist what is seen as excessive privacy invasions.
@Christopher In your example of the CCTV camera there is one difference. The Camera owner doesn’t really know who you are. He can see you but can’t use that information commercially connected to you.
In a social networking environment this is quite the opposite. You are known and everything you do will be used in a commercial manner. Big difference imo 😉
Pingback: 5 dangers of social media « Alexander van Elsas’s Weblog on new media & technologies and their effect on social behavior