Do we really need privacy controls in Social Media?

A small discussion yesterday on Friendfeed after I posted a video that puts up a big warning about the way Facebook deals with your privacy. I do not know if any of the claims in that video are correct. Jason Kaneshiro pointed me to an article posted earlier that mentions some of the same assumptions here.

Privacy and Social media. An interesting contradiction. Social Media allows us to interact over any content on the web. It’s pubic by nature, people are stimulated to join an open conversation, become public figures. Social media does sometimes provide us “private” back channels (the direct message in Twitter). It is an unstoppable process. Any website, channel or technology is making the move towards the usage of social media. We love to be part of any conversation and by doing that we increase the value of any service for the service provider and ourselves.

And it feels good too. I don’t care a bit about the aggregation capabilities of Friendfeed for example. But I like the ability to join in a conversation about that content that gets aggregated. Same thing goes for Twitter. Tweets essentially broadcast something to anyone that wants to listen, and every once in a while, it leads to responses that make you smile, laugh out loud, sad, surprised. All emotions are addressed in a way.

I think it is a great that social media allow all of these interactions to take place. It makes the online world a more fun and interesting place to hang out. But it gets messy when the objective of the one providing the social media capabilities isn’t to let us interact. It gets messy when the objective is to store and analyze our interactions and relations on the web in order to make money. It gets messy when a privacy policy of the service provider is 10 pages lawyer talk that no one bothers to read. It gets messy when users are naive enough to think that this isn’t happening at the service they use. That is the point where privacy all of a sudden becomes important in social media.

The sad thing about this is that Social Media and privacy are holding each other in a death grip. But privacy is slowly choking and turning blue. Social Media can’t really exist unless it facilitates public interaction. But underneath lies the trouble. I can’t think of a single web company that isn’t using the free ad based business model to exploit social media. And it is this business model that really fights the battle with privacy. And unfortunately it is winning, big time.

The generation that grew up without social media still has a grasp of what privacy means on the web. The generation that lives with social media now is already losing sight on the concept. And that i a real threat in my opinion. Privacy control is as important as controlling your own finances. It is not something to think lightly about. That doesn’t mean that there should not be any public interaction through social media! But it’s crucial that the participants can decide for themselves which aspects of their online lives an interactions are accessible and reusable by others, and which aren’t.

The only way Social Media and privacy could co-exist, because that’s what is needed, is to make the user himself responsible for his privacy control. These controls can’t be implemented within the social media. They need to be implemented within the on-line presence of the user!

To explain this consider the following (its’s from that Friendfeed discussion I mentioned earlier). Facebook allows you to set all kinds of privacy controls. Within Facebook you can decide what your friends can and can;t see, and up to a certain level you get to control 3rd party access to your profile. But there is one control missing. It is the ” Facebook, stay away from my profile”  control. Facebook helps you to protect yoursef from anyone except Facebook.

Privacy is something the user needs to be in charge of. Who are you to think that you can do this for me? To implement this one could think of a highly localized version. Every user has his own privacy controls on his computer. But a much better solution would be to use the banking model. Create large privacy faults on the web where users can store their interactions and controls. Interacting using social media then simply passes by the controls we have within those vaults. Some will provide full access, some will put constraints on them. And the banker that provides this privacy service only has one business model, that is to protect the user’s privacy. And just like with banking, we want to have choice, privacy banks that compete to provide us the best, simple, easy to use, cheap, customer-centric service possible. A service that can connect with all social media and allows instant, fin-grain controls accessible to the user.

A simple idea, but almost impossible to implement due to the mainstream free ad based business model. Do we really need privacy controls in Social Media? You bet. We haven’t seen the last of this. As more Beacon-like services appear, feeding upon our personal data I think that privacy will wrestle back. Privacy will become a powerful counter force to the public addiction of this free ad based business model and get balance back into this death grip.

About vanelsas

See my about page, ;-)
This entry was posted in privacy, social interaction, social media, social networks, Uncategorized and tagged , , , , . Bookmark the permalink.

6 Responses to Do we really need privacy controls in Social Media?

  1. When I started to read this article, I couldn’t help but to read “abandon privacy, it’s an obsolete concept that only old folks care of and only by discarding it we can monetize social networks anyway”.

    Thankfully you didn’t write that, but rather gave an pretty interesting concept on how to shift privacy (control) to fit demands on social networks, without giving it up and others still being able to monetize latter. This seems to be fair on both ends.

    About an implementation, I think this could be piggybacked by OpenID providers (as OpenID services are more commonly integrated). They’re all about identity, it would be just obvious for them to handle your privacy as well.

    Sadly, as most Internet users just don’t care about their privacy (and I doubt they ever will), I don’t think it’s likely for any company to implement something like this – why for, if they can make more money with more data. Being cynical on recent global developments on privacy, at least “they’re after my money, not after me” (no, I don’t want to start a political discussion).

  2. Benjamin, we definitely need more balance, and the web 2.0 business model is crushing privacy right now. I’m hopeful that at one point people will find privacy more important. They will be more confronted with the results of their on-line activities being watched and monetized by social media. One real big problem is the free vs paid barrier. People put up with advertisement because it means the service is free. That barrier needs to be broken down for privacy controls to become implemented the way I described above.

  3. I think that your idea of a privacy vault is interesting, though I concur that it would be challenging to construct in the present economic climate.

    In my recently defended MA thesis, I took up the issue of dispersed and (often) hidden data flows that lead people generally to be concerned with how their information is being shared. Though unstated in the thesis, an element of ‘digital privacy’ that many people seem to internalize is that privacy ought to be at least as good as ‘privacy by obscurity’ models that we enjoy in analogue spaces, and given the ‘net’s high-tech nature we shoudl be able to create privacy settings that are perfectly tuned to the individual.

    Obviously, this isn’t the case as it stands now.

    To my way of thinking, the easiest method for securing personal privacy revolves around a central change in how privacy laws presently operate – rather than requiring ‘opt-out’ clauses to most info-sharing agreements, opt-in clauses should be needed. If a user doesn’t opt-in to the various (explicit) ways that a infobank is sharing their information, that information should not be legally shareable. Of course, there is a little more subtly to that part of the thesis, but that’s the general aim, and the governmental implementation of any such law that would enforce this would be challenging in the present economic climate.

  4. Christopher, Challenging is a n understatement, as I explained the difficulties that need to be solved 😉
    You ay be right that privacy laws would help. But they are likely to be just as difficult to be implemented, and you would probably need them in all countries.
    opt-in would definitely be an improvement. But it still doesn’t solve the real problem. The underlying business model needs to change. Instead of free ad based services we need something else. Maybe payed services, maybe other ways of monetization, but that is both an investors and a user’s dilemma. I have written a lot of posts on that topic if interested. Search for business model on the side and you will find them 😉

  5. Martin Killmann says:

    I think you made the Freudian typo of the months:

    “Create large privacy faults on the web where users can store their interactions and controls. ”

    It is a nice idea in theory, but in reality, forget it. In a world where even top secret government data can be left in the morning bus, I want no one company to store all my private data, thank you. That so-called “vault” just screams “hack me” or “pay that disgruntled admin a few quid to hand over a database dump”. There is only one way to handle the situation, and that is guard your private information like you guard your bank account, your diary, your car keys etc. Know that whatever you do online leaves a trail that can be followed, and make sure only things are on that trail that you want people to know about you.

    In fact, it is best to understand Twitter, Blogs, Facebook and all other Web 2.0 spawns as ways to self-promote, to create an online persona that shares your face and your name. There are even instructions on how to fake attending events on Twitter, and lots of other ways to cheat.

    I think that this is an aspect of Web 2.0 that few people realize: the more data about you that is piled on the net, the more real information gets buried in a pile of crap.

  6. Martin, I am not sure if I trust one instance to store everything about me that is sensitive either. But at the same time I do think that basic privacy can be implemented this way. Most people on the web aren’t even aware what data is stored. Users are naive. Enabling them to set basic privacy controls and not letting service providers have instant access to everything is a good thing. That’s where this idea comes from. We already leave sensitive information around on the web. Using a privacy vault and simple controls makes the user more aware of this and lets him make decisions about what he is willing to share and what not.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s