May 14, 2010

The Evolution of Privacy on Facebook

Seems that Facebook is the latest privacy poster-child highlighting the strains that come between a service provider seeking a way to cash-in on our desire to socialize and the responsibility the provider assumes to protect its users.

Recent blog posts and articles have recently come out on the (de)evolution of privacy on Facebook since 2005. Kurt Opsahl of the EFF provides an handy timeline of changes to Facebook's Terms of Service through the years. This posting prompted Matt McKeon at IBM Research's Center for Social Software to create a more specific timeline and interactive chart (click on image below for link to interactive chart and blog post).

Matt points out on his blog:
However, Facebook hasn't always managed its users' data well. In the beginning, it restricted the visibility of a user's personal information to just their friends and their "network" (college or school). Over the past couple of years, the default privacy settings for a Facebook user's personal information have become more and more permissive. They've also changed how your personal information is classified several times, sometimes in a manner that has been confusing for their users. This has largely been part of Facebook's effort to correlate, publish, and monetize their social graph: a massive database of entities and links that covers everything from where you live to the movies you like and the people you trust.

In a May 13th blog post, Ken Opsahl continues his coverage and urges Facebook to "follow its own Principles." According to Opsahl, Facebook's current privacy practices coupled with Elliot Scrage's (Facebook's VP for Public Policy) flippant responses in a recent NYT readers' question and answer piece, amount to a boatload of double-speak coming out of Palo Alto when it comes to user data privacy.

Social software wants to be open by nature. Which is crux of the current Facebook privacy kerfuffle. Without openness connections can't be made. However, with any social group there are implied rules for who can participate, what gets shared, and how. From a user's point of view, social wants to be open, but not that open.

A third party, who's purpose it is to facilitate, moderate, and monetize social activity, can be at odds to the purpose of the user. It is the third purpose of the service provider, making money, that creates the tailspin. Today Facebook takes the point of view that the act of registering for a Facebook account is implicit permission for Facebook to use any information a user posts for Facebooks own purposes (we're talking about making money here). Facebook is not just there to facilitate the connections that users want to make. After all, Facebook isn't free for Facebook.

If you look at Matt's interactive chart big changes happened between 2007 and 2009. Yea, I know a whole year, but I suspect 2008 would show some other interesting data, like jumps in numbers of users, increased numbers of applications, and even increased investment into Facebook. In other words Facebook's business changed and the opening up of user data provided the means for creating monetary value in Facebook.

Social networking has reached a tipping point where the "trust" levels are diminishing as usage rises. As more people and applications use the information we post in social networks, the more skittish we become. Not without reason, the rise in spam/malware attacks, bullying, "checking-up on" by employers/neighbors/creditors, and identity theft on social media is an indication of how valuable the social media dirt is to others. Of course users want more protections with consistent policies and experiences. But maybe we're gonna have to pay for that luxury.

No comments: