If you are like the many people getting Quechup invitation spam, consider how it relates to the serious privacy problems with Social Networking. Quechup automatically imports your Gmail contacts and spams them when you register for their YASNS. If Bob signs up for it, he is opting into the graph, but he doesn't opt in to spamming Sally. Sally is included in the graph, whether she opts in to register or not. Over time, even if Sally resists, she is modeled as a node in the graph.
At first, this doesn't seem to matter. But if Bob adds relationship details like they are dating, and then her husband John opts into the graph and adds the detail they are married, you get the idea. But it is far worse, when the value of the network isn't the relationships, but simply the contact information. This is the case with enterprise social networking, particularly for sales. Many don't realize that Jigsaw actually pays people for submitting business cards of people they have met. Yes, there are financial incentives for people to register you into graphs without your knowledge. I'm seriously considering copywriting my contact information (Stowe Boyd suggested via twitter when I was exploring other ways of suing evil social networks).
The fundamental privacy problem is that social networks grow virally by adding you to a graph without asking you to opt in. Once you are in the graph, it may be hard for you to know you are in, let alone opt out (Spoke, you may recall, did this purposely). You are modeled without your control over social context, and identity and relationship data can be layered on top of you as a node. Not all data may be available to users, but more will to developers and all will to the social network service providers. Providers come in all stripes and you not only have to concern yourself with their ethical business practices, but the basic of security. Opening the graph to third party developers based on open standards is a laudable effort to solve one social graph problem. But the privacy concern of governance and oversight over those third party developers who have access to more data than users is uncharted.
Now, we have a very loose definition of privacy, particularly in the US. And the odds of a constitutional amendment are slim. But this is a new and increasingly popular risk to your right to privacy that unfortunately is not popular in understanding.
UPDATE: Someone pointed me to this Rapleaf public profile which I never opted into. Rapleaf has a decent privacy policy, but it is unclear if by emailing them to opt-out I become a user. And if I register to manage my public profile I certainly become a user "We use this information to process registrations, contact our users, and to provide our services." Auren Hoffman is behind Rapleaf, is very conscious of these issues and will probably clarify. But there is an interesting facet about public profiles people don't opt into. Great for SEO marketing and extortion signups.
UPDATE: Facebook opens to public profile search. Guess I'll change my profile picture from the one of me partying like a rock star. Also, copyrighting my contact info is a no go, perhaps I'll trademark it and me.
UPDATE: danah says:
I'm also befuddled by the slippery slope of Facebook. Today, they
announced public search listings on Facebook. I'm utterly fascinated by
how people talk about Facebook as being more private, more secure than
MySpace. By default, people's FB profiles are only available to their
network. Join a City network and your profile is far more open than you
realize. Accept the default search listings and you're findable on
Google. The default is far beyond friends-only and locking a FB profile
down to friends-only takes dozens of clicks in numerous different
locations. Plus, you never can really tell because if you join a new
network, everything is by-default open to that network (including your
IM and phone number). To make matters weirder, if you install an App,
you give the creator access to all of your profile data (no one reads
those checkboxes anyhow). Most people never touch the defaults, meaning
that they are far more exposed on Facebook than they realize. zrven a
college network is not that secure. MySpace on the other hand is rather
simple: public or friends-only. Friends-only is far more secure than
the defaults on Facebook. And public is well-understood to mean anyone
could access it (and often this is the goal). But I know all too well
that privacy has nothing to do with reality - it's all about
perception. And Facebook *feels* more secure than MySpace, even if it's
not. Still, I can't wait to see how a generation of college students
feel about their FB profile appearing at the top of Google searches.
That outta make them feel good about socializing there. Not.
It seems odd to me that Facebook is doing all sorts of things to go
against what gave them such strength: group support for people who
wanted to gather around a particular activity, tightly controlled
privacy defaults, and simple/clean profiles (which have been made
utterly gaudy by Apps). I think I'm missing the logic here.
::scratching forehead::
UPDATE: Auren Hoffman, in comments:
Ross -- thanks for the shout-out on Rapleaf. Anyone can opt-out of
Rapleaf (and you do not become a user). We do have a bunch of people
that opt-out every day. We also have many people that choose to only
display some of their information (like just hiding their age or
gender). There are many public profiles about people on the Internet
(ZoomInfo, Spock, Wink, Rapleaf, and others) … at Rapleaf, our goal is
give people the opportunity to manage their privacy and numerous online
profiles and control what people see about them. Of course, we're a
start-up (and thus not perfect) … so we really welcome your suggestions
on how to improve.
Recent Comments