Social networking and privacy

Print Friendly

This is a big issue and though I don’t have any deep new observations about this, I want to share some thoughts from using Facebook for a few weeks. This isn’t necessarily Facebook-specific, but that’s a recent example for me.

The basic problem is who gets to know what about me. Short of someone doing something illegal and stealing, say, confidential payroll information, I’m talking about the information that is out there on the web that comes from my explicit placement of personal data or by observations of my activities.

Before I get into the sites like Facebook, let me say that I know that I have this very blog and have been running it for close to 39 months. There’s a lot in here that describes me as a person, and not just musical tastes and proclivities toward certain kinds of carpentry projects. This blog is part of the information that can be mined about me. I get to control the input though I cannot control what people do with the information. There are a few areas of discussion of which I am particularly mindful, and I try to keep on the careful if not overly conservative side of those.

The problem with Facebook is that I think people get on it and get all excited by the connections you can make with other people, the groups you can join, and the applications you can install. This is about social networking, after all, and the value of the network goes up when you are connected to more people in more ways.

Have you carefully examined your privacy settings so that you are sure who can see what about you? Do you read all those check boxes when you install an application?

I belong to three Facebook networks: IBM (population 24,611), Harvard (population 50,458), and Princeton (population 16,067). Even allowing for some overlap, there are probably at least 60,000 people in my networks. Do I really want to have my cell phone number visible to “All my networks and all my friends”? What about my other information? I have no qualms with anyone knowing that I am married, but I should make a conscious decision about every bit of information and the access control to it. So should you, I think.

Similarly, do you want people to know to which groups you belong? If I were to look at all the groups of which you are a member, what could I learn about you? How would this help me market goods and services to you? Could this eventually be used to make decisions about you such as whether you are a good credit risk or the right kind of person for a job? Could it be used to remove you from a job?

You get to decide. I’m not trying to be Chicken Little and tell you that the sky is falling, but you need to actively think about what you are doing on these sites and how the explicit or implicit data you will be providing is going to be used, possibly together with other information.

Incidentally, this same advice applies to virtual worlds like Second Life. The groups to which you belong are visible to others. I’ve learned more that I wanted to know about certain people by casually looking at the collection of their groups. You might want to think about that if you wander into some inworld location that you don’t want discussed around the water cooler in the morning.

How long do you think it will take for there to be a program where I can type in someone’s real name or avatar name and pull up all sorts of data about them from social networking and virtual worlds? In the novel Snow Crash by Neal Stephenson, stringers are paid to endlessly collect all sorts of information and pump it into a huge online library. Royalties get paid at an increasing rate as the information is found to be more valuable. Is anyone watching you? Do you care?

What this means, I think, is that you really need to think twice about quickly signing up for networks, groups and applications in social networking sites without thinking through the implications. By all means, do join up for them if you conclude it’s within your comfort level. Do Twitter if you want people to see and possibly use that information. (If I watched your Twitter “tweets” for a week, what could I learn about you?)

If you were watching my Facebook information feed last week you would have seen a couple of entries along the lines of “Robert is getting nervous about Facebook and thinking about quitting” and “Robert is stripping back to a minimal Facebook configuration.” After a few weeks on Facebook I came to the conclusion that I was overextended group- and application-wise. I removed myself from most of my groups and deleted the majority of the applications I had installed. Since then I have carefully added some back in, and I have stared at and reset many of my privacy settings.

I think social networks like Facebook are quite valuable and can be kept within reasonable risk levels, but this does not come for free. You need to work at building up your network of “friends” but you also have to work at being particular about the details you expose. You need to understand that the information can be used in an aggregate. That is, while one little piece of data might seem harmless, what will it imply or allow when combined with all the rest of the pieces that are out there?

By all means use social networks, just use them with forethought and consideration.


12 Comments

  1. Bob,

    I’m totally struggling with this.

    I started using Facebook in August, and found it a really cool way to keep in touch with friends and colleagues. The problem stems from the definition of those two words.

    To me the word “friend” implies someone who I would have a conversation with, sit down for a beer or dinner, and generally enjoy interacting with. Those are people that I want to share my recent life events (wedding, honeymoon, etc.) with, and Facebook is an easy way to do so.

    It’s when it crosses from friend to acquaintance, or colleague, or, honestly, fanboy, that it gets complicated. I frankly -don’t- want to share that much of my life publicly — on edbrill.com, I can make decisions about what I write (for example, it was a total surprise to most of my readers that I got married two months ago…even people who I work with daily inside IBM). Now, I found a tool that helps expand the “connection” I have with my friends and colleagues… but at the risk of over-exposure to a broader world.

    I wrote this a few days after I started using Facebook: http://www.edbrill.com/ebrill/edbrill.nsf/dx/facebook-linkedin-and-me
    I intended it to be my “policy” on connections. LinkedIn is great for professional contacts… not so much on Facebook. Yet I keep getting friend requests from people I’ve never met or haven’t worked with or known in years (and lost touch for usually good reasons). I am really struggling with accepting them or not. Some are very persistent and won’t go away after being “ignored”. I have started using the “limited profile” setting but am not sure if that is enough. I don’t want to offend customers, so that is the area where I am most nervous.

    One of the funniest was the “friend” request I got from someone I had a job interview with ten years ago. At that time, he told me, “I’m at work to do a job. I’m not here to make friends.”

    The other struggle for me is how much of my “real” personality to let show on FB. I’ve noticed all sorts of wacky stuff on the profiles of people I work with. Talking about who got drunk (or worse) when where and with whom. Discussions about how to get dates, questions about religion or politics, and pictures of fun-but-not-professional things. Now, some of these are people that I’m friends with, but others are occasional contacts. I often think about whether I’m leading by example (my “business unit [b]executive[/b]” title creates certain perceptions/expectations amongst the Lotus community) or whether I’m having to meter my public persona.

    It will be interesting to see how these sites and experiments evolve.

  2. I am looking forward to seeing what Facebook means when they say “Sort out your friends: We’ll let you organize that long list of friends into groups so you can decide more specifically who sees what.” on their In The Works page. http://www.facebook.com/whatsnew.php

  3. Facebook and other social networks need easier tools for managing privacy. Fine print for privacy has its place, but I wonder about visual tools that easily show you “yourself” at anytime from other perspectives (a “network” perspective, group perspective, friend perspective, family perspective, etc.). LinkedIn doesn’t have quite as many “moving parts” as Facebook – but LinkedIn’s public profile editor provides a simple example of this. It gives you a visual of your public profile as you make privacy choices.

  4. I agree entirely. One thing I do not like about these networks is the amount of information they expose through peers. It’s totally out of one’s own control.

  5. I’ve avoided joining such sites for similar reasons. I remember declining an invitation to join Friendster because it seemed like a way for someone I do not know to make requests of me–in other words, a spam network. As unwanted marketing communications become more and more pervasive, you have to make extra effort to safeguard your personal information, lest it become fodder for even more spam.

    One thing I’d like to point out about it is that I might _consider_ joining Facebook if I could see what it is like beforehand. If it is very similar to MySpace, I know I wouldn’t be interested, but at least with MySpace, I could see enough of the site without joining to know I had no interest in it. So in that case, Facebook’s privacy protections make it *less desirable*. After all, you may resign your membership, but your information may stay on their servers for an extended time period.

  6. Perphaps using some virtual persona, can help reduce some of the risks.

  7. There was the long red state comment about defending the nation from terrorism on CNet from someone who posts pseudononymously. The irony or pathos of that is obvious.

    Sign your real name to everything you post. Refuse to publish anonymous contributions even if they favor your position. The rule is and always has been: you can’t cheat an honest man. If you are that afraid, don’t post. Avamnesia is cowardice mixed with greed, insecurity and a tincture of media psychosis.

    Facebook: so you need a web of kissin’ cousins as business contacts? It seems to me people are selling themselves rather cheaply to make other people wealthy enough to live in gated neighborhoods and to pay for reputation consultants.

    MAD Magazine was a conservative rag. ;-)

  8. “Perhaps using some virtual persona, can help reduce some of the risks.”

    Very much so – what I would like is an easy way of managing multiple personae across multiple platforms. Very little of my real-world information has leaked onto the Internet (although some has, almost inevitably). It is a shame that for many people, anonymity is associated with nefarious intent, when in many, if not most cases, it is purely a protective practice.

    In the real world, people habitually adopt many different personae, to the extent that they don’t know that they do it. One’s character at work can be very different to that at home or out with friends/buddies; attending a religious ceremony; visiting parents or grandparents (or indeed, children or grandchildren). Managing an on-line gaggle of different personae is unreasonably difficult.

    Some people actually need anonymity: not least, those in witness protection programmes; abused spouses and suchlike.

    N.N.

  9. Having an anonymous persona does not help people who want to network with others as themselves. If you look at my list of friends, most of those are people with whom I have worked over the last 10 or 15 years. If I had a fake name or they had fake names, how would we network using these services?

    I do agree that you can use a fake name if you want to participate in various groups etc. that are are not immediately tied back to your real identity. That said, over time technology will get better at connecting these dots, and a pointed investigation might turn up more than you like.

  10. Bob, I am with you entirely – I particularly like the SnowCrash reference, it sums up the situation pretty well – particularly now services(?) like Jigsaw exist. I do care who is watching me online and I’ve been researching what they are up to here .

    I define privacy as ‘who gets to know what about me, when”. I realised that I have been putting a lot of information about me on various public websites. Some of them have limited access with my permission and others don’t, yet I was putting this privacy at risk. I have been taking some steps to regain my online privacy.

    Step 1 was to define my online persona as a 3 tiered model: Private, Personal and Public and I gave each a name. As this is a Public forum, I am comfortable giving away my Public name – Gammydodger.

    Step 2 involved cataloging where my public and private information was currently available. You can find this here: Who is Gammydodger?

    Step 3 I deliberately created a public profile of me here: Too Much Information, I think this is what Facebook hopes that everyone will do on its site.

    If I am the publisher of information about me, then I am going to stand a better change of maintaining my own privacy. At the moment, what I am doing is not scalable, it would take someone a fair amount of time to do themselves. But watch this space for Steps 4 thru’ 10 – there’s a lot more to come.

  11. Bob,

    Very good analysis of social networks.
    Much like Ed (Brill), I also find myself contemplating when ever a friend asks me to approve our past/present/future friendship. The line between building your small network (might even say Ego) and some troubling privacy issues is very thin. Furthermore, I still haven’t figured out what Facebook is all about – is it LinkedIn for the younger generation (1990 and beyond), maybe MySpace in disguise. LinkedIn is about business networks, MySpace is about creating your personal Ego-page and attracting people to it – so where does that leave Facebook?

    I got a comment about my new picture the other day, from a close high school friend, who has deep (very deep) knowledge in network security, internet protocols and appreciates a good firewall. It caught me by surprise that he tracks Facebook so often, although, just like me, he has no idea what the benefits are. We both came to the conclusion that we do it (creating growing networks) because of our work, meaning – social network relates to our day-to-day responsibilities, and constitutes a part of our professional interest.

    We acknowledge the fact that social network is here to stay, and through our ‘personal’ experiences we evaluate the business applications, each in its own field.
    Much like the effect public IM (ICQ) had on corporate living (Ubiq/Lotus Sametime), we see a similar trend invading our workspace as we speak.

    What I’m trying to say actually is “I’m using my work as an excuse to grow my small Ego on social networks”. What’s your?

  12. Not exactly the right topic, but close enough. What is your opinion of parents requiring reporting services from worlds (social, games, etc.)? I blogged the topic because I happen to be building the reporting services up for an unrelated application but it occurs to me that this would be a feature that the world providers for children-targeted apps should have and advertise.

Comments are closed