Feb 6

Mike Loukides

Mike Loukides

Social Privacy

At Social Graph FOO, privacy was the proverbial elephant in the room. Its presence is widely acknowledged, and the OAuth and OpenID guys are doing what they can to make people aware of the problems that arise when people aren't allowed to manage their personal data effectively.

The problem takes many shapes, but here's the scariest: during Brad Fitzpatrick's talk Saturday morning, he mentioned that he had set up a "secret" alternative web presence; but he listed his gmail address in his profile, and people fairly quickly traced the new presence back to him. In side conversations, other attendees reported making similar mistakes: creating private sites for family photos that quickly leaked to the rest of the world, and so on. Now, on one hand, you can say "hey, he screwed up, what do you expect." If you're more insightful, you can say "this is complex stuff, and if someone as net-aware as Brad screwed up, what chance do my mother/father/grandfather have?"

But what this really means is that privacy, as the web is currently formulated, is inherently unstable. It isn't a matter of a screwup or a misconfiguration that presumably could have been avoided. The problem is really that you can't know, even to a reasonable degree of certainty, that you have made all the right choices, exposed only what you want and nothing else, and that those settings are going to be honored in the way you think they are. If you import your bookmarks from into, do the bookmarks marked "private" remain private? It looks like they do, which means I lucked out. (The "privacy" flag doesn't appear on the "details" page, but does appear on the "edit details" page. This doesn't leave me feeling confident.) In the web's current configuration, you can't know whether you have privacy, no matter how diligent you are: it's too easy to make a simple mistake. Furthermore, if an application's policies change, even in a reasonable way, you could easily find that your privacy has evaporated.

It sounds like we need an idiot's button on every web app's signup page that says "I want privacy." But that's too much to ask for--privacy isn't a simple problem that can be solved with a simple button. We want different degrees of privacy in different situations. We have different things that we want to expose to the public, for
different reasons. What's needed is the ability to control the data you expose, whether that's email addresses, photos with particular tags, web sites, locations, addresses, or names. The problem is that, in the current formulation of the web, you really don't control your own data: others control it for you, and the best you can do is influence what they do. They (Flickr, Facebook, MySpace, you name it) are making the decisions for you--and, even in the best of all possible worlds, you can't expect benevolent information dictators to make good decisions all the time. I don't believe the operators of these sites are evil or malicious; Facebook's Beacon faux pas strikes me more as a classic dumb mistake than as profiteering that backfired. But if you have only indirect control over the data you provide, if your data is owned and managed by the Facebooks and Flickrs of the world, dumb mistakes--both on the part of users who "should know better" and on the part of web applications that "should know better"--are going to happen. And we'll be lucky if the next dumb mistake is as blatant as Beacon.

The next big challenge for social networks is putting mechanisms in place to put users back in control of their data. That's not a complete solution--we'll still see misconfigurations, unwanted side effects, and poor decisions that could easily have been avoided--but it's a precondition. It's absolutely essential if the Web is going to move forward. That's where OAuth and OpenID have a huge role to play.

tags: web 2.0  | comments: 2   | Sphere It

Previous  |  Next

0 TrackBacks

TrackBack URL for this entry:

Comments: 2

  Carolyn Hodge [02.07.08 09:32 AM]

Anyone looking for examples of fine tuning control over your information should spend some time playing around with the privacy and publishing controls on Facebook. They did screw up with the Beacon launch (and in the interest of full disclosure, my company TRUSTe works with Facebook on privacy and issued model disclosures for their partners.) We review a lot of websites for user disclosures and controls; and as a Facebook user myself, this platform gives me an unprecedented control over the publication of my information. They could be taken even further for sure, and this is a unique space, but if all companies could introduce the kind of piece-by-piece control Facebook offers it would be a start. None of this replaces the ID work taking place, and we still have a long way to go.

  Chat O Leary [10.14.08 07:50 AM]

I think privacy is possible in some cases
but anyone can hardly find it sometimes.
Maybe other institutions are the reason why
privacy would become more and more available
in the future!

Post A Comment:

 (please be patient, comments may take awhile to post)

Type the characters you see in the picture above.