Privacy Value Networks

As mentioned in the previous post by Tristan, Facebook is facing all kinds of trouble at the moment. I’ve just deactivated my account, and will shift it to deleted in a few weeks (once I have the time to scrape off my contacts). As an early adopter of Facebook, this was a tough decision to make – it’s been a fantastic way to reconnect with old friends, make some new ones, and to share news, photos and ideas. But, recent events have made it obvious that the benefits no longer outweigh the costs. In particular, the shift to public ‘pages’ and the searchable status updates, alongside the recently announced ‘open social’ approach to sharing friends’ data with external web sites has made it almost impossible (in some cases actually impossible) to control the leakage of information across Internet sites that I as a user have not consented to give my information to.

As a user, there are a number of choices available to us when faced with these decisions. One is to just walk away, and leave a moribund account. The problem here is that information is still leaked. Option two is to delete information in the profile, and replace with either fake information or no information at all. This obviously has downsides for Facebook since much of their USP is the wealth of relatively accurate information available for marketing types. But, for users there’s a downside too – for us, the USP of Facebook was about connecting with people we had a connection to in ‘real life’ – so, once we attempt to achieve privacy through obfuscation or deception, the actual utility of the site is also reduced for us. So, it’s a loss-loss situation. That leave the final option – deletion or deactivation – the route I chose.

I’ve researched how people use Facebook (relatively) extensively (e.g. this paper) – and one of the core lessons from the more recent work is that it only works if people can protect their privacy via the site, rather than via their actions. When they don’t do it through the site (whether because it’s too complicated, or not possible, or they don’t trust the settings), then they’ll do it through their actions. In the cases I looked at, this was by engaging with the site in a more shallow way. But, if this isn’t feasible, then the only option left is to quit. The management of Facebook (in particular the CEO) seem to have forgotten that if our private spaces are made public, there’s really not much chance that we’ll ‘dance like there’s no-one looking’ – instead we’ll become self-conscious, awkward, and eventually sit down in a corner looking a little embarrassed. My version of that is retreating to a locked Twitter account…

Today is “Kill your Facebook Page” day. Pundits across the blogosphere are loudly criticising the social network giant. What is going on?

Last year, Facebook, under pressure from its users, introduced a new set of principles that included all sorts of good things like equality, ownership and freedom. But these principles have been thrown out of the window as Facebook has gone “rogue”, making previously-private data public in an attempt to monetise its users’ social graphs and self-declared preferences.

What now? Will Facebook cave in to pressure once again? So far they are alternating between arrogance and silence.

Meanwhile, demand grows for an alternative. While big companies such as Google offer little comfort for privacy-aware social network users, a group of undergraduate students have raised over US$100,000 based on little more than a flashy web site with some nascent plans for a decentralised OSN. While these ideas are nothing new, hopefully they will use some of their funds to develop a system that is usable by “silver surfers” as well as holders of Computer Science PhDs.

So maybe the market will decide. Perhaps Facebook has underestimated the costs of their users’ privacy and will suffer a loss in market share and business as a result. Or perhaps their users would actually prefer more of their data to be public, and the privacy-aware competitors will fall by the wayside. Either way, these social network site builders would no doubt have benefited from a privacy value network framework to help understand the costs of privacy.