Friday, September 25, 2009

Rotenberg Op-Ed: What's Privacy in the Age of Facebook?

With the explosion in popularity of social networking sites like Facebook and Myspace the ability to protect ones personal privacy has become increasingly challenging. It goes without saying that Facebook and Myspace pages have the potential to reveal a considerable amount of information about a user's lifestyle, interests, and goals. Depending on the user's settings, co-workers, employers, and certain family members could have access to information about the user that may be better left unknown.

Recent Facebook flaps highlights growing concerns about the increasingly sophisticated technologies used to track online activities in an effort to more precisely target advertising. What has also become apparent is that these social networking sites have not exactly been forthcoming about how much user information they harvest, share, and with whom.

However, in recent months users have been becoming more and more conscious of privacy concerns, as Facebook has been criticized for not allowing people to permanently delete their accounts and personal information from the site as well as their use of "Beacon" (no longer in use by Facebook) - a technology that tracks user's online purchases and informs their friends.

The controversy raised by Facebook's use of the Beacon technology - and the subsequent victory of privacy advocates - has helped ignite a larger debate regarding the largely hidden and growing problem of online consumer-tracking and information-sharing.

And this larger discussion - like what privacy means in the age of Facebook - was expertly articulated today by Marc Rotenberg, Executive Director of the Electronic Privacy Information Center in an article entitled "What's Privacy in the Age of Facebook?".

He writes:

Make no mistake, this is all about privacy. Not the old-fashioned parchment scroll, carried by courier on horseback from the castle to the king's army. This is modern-day privacy, about digital identity, the control of personal information, and the brewing battle between what we post and its commercial value.

Modern privacy begins with the understanding that personal information will be widely accessible. That's as true for web 2.0 as it was for the early Internet, and for the telephone. It's a paradox to be sure. Someone once said, "we must protect privacy to ensure the free flow of information." That's exactly right.


Modern privacy is about what happens to information once it's held by others -- whether it's a government agency, a bank, a cell phone company, or a social network site. We give up personal information all the time, but that doesn't end the discussion over privacy. That's where it begins.

Is the government going to use our data as it is supposed to or is it going to spy on us? Does the bank have good security or do we have to worry about breaches? If I give an email address to a cell phone company, am I going to get spammed? And is that quiz that just told me which European capital city I'm most like really trying to figure out who my friends are?

Of course, there is still some interest in secrecy, as just about any parent who has tried to friend their kids on Facebook knows. In fact, everywhere around us, the digital anthropologists will observe, are the cultural artifacts of privacy -- privacy polices on web sites, privacy settings on social network services, privacy features in web browsers and email. What is the purpose of these techniques? To provide people with some control over the information they disclose to others.


I smile every time someone says, "Privacy is dead" or the "Facebook generation doesn't care about privacy." If there is one issue that people feel passionately about today, that literally unites everyone who goes online, it is the interest in privacy.

Click here to read the article in The Huffington Post.

As I wrote a few days ago, I think what a lot of privacy advocates would like to see Web sites do - and the government should require them to do - is give users as much control over their identities online as they have offline (as far as that is possible). In other words, if I'm online, I'd like to be asked if I want my personal information to be viewable by others, and by whom, be it their friends or be it everyone in the world.

Privacy settings, which allow for this kind of screening, should be prominent, clear and easily managed. Again, it's really about making the "opt-in" principle the Golden Rule of the web. That means that BEFORE the users information is disseminated he/she should be notified and should have to affirmatively “opt in".

As Mr. Rotenberg correctly concludes his editorial: "...the battle is just beginning."

No comments: