Cites & Insights: Crawford at Large
ISSN 1534-0937
Libraries · Policy · Technology · Media


Selection from Cites & Insights 10, Number 8: July 2010


The Zeitgeist

One Facebook to Rule Them All?

I’m guessing most readers have (or had) Facebook accounts. I’m also guessing most readers have become at least vaguely aware of Facebook’s recent steps to encourage you to be more public—whether you’re interested or not.

It’s probably not as much of a debacle as Google’s buzzkill, even though it affects a lot more people. A cynic would say it’s just another reminder that whatever you do on the web is effectively public, and I think that’s simplistic. A realist might say it’s not at all surprising—and it should remind us that “semi-public” is a tricky thing.

When the early-2010 FB changes hit the fan, I rechecked my own privacy settings and changed whatever needed to be changed—but I’ve never included much in my profile, I’ve been fairly consistent in not Liking, Joining, using Apps, joining games or doing much else that would expose my email contacts or otherwise expand my circle, and I’m not everybody else (or anybody else).

This piece isn’t primarily my analysis of what FB did, what it means and where it might go. This is a Zeitgeist piece—notes from other people, some of them librarians, with comments along the way. It’s not all about the latest issue: The first segment includes relevant items that predate the latest brouhaha. I sometimes use FB as shorthand for Facebook and FF as shorthand for FriendFeed (not, in this case, Firefox). I’m aware that FB made changes for the better in late May/early June—see the last section of the essay. Those changes don’t negate the zeitgeist or, really, undo the damage.

Before the Fracas

I’m much more active on FriendFeed than on Facebook—indeed, I’m more active on FriendFeed than anywhere else online. That’s partly due to the Library Society of the World; it’s partly because FriendFeed’s threaded conversations and relatively small population suit my style.

Facebook purchased FriendFeed in August 2009. There was a near-immediate flood of FF messages from people who were sure FB was going to shut down FF and who wanted to find somewhere else to go. Some of them left FF. Robert Scoble, king of the deathwatchers, pronounced FF dead. So far, ten months later, FF continues to work just fine, with the added bonus that it hasn’t attracted so many new users that it’s become cumbersome.

Marshall Kirkpatrick wrote “Facebook Users: Here’s What FriendFeed Brings to the Family” on August 10, 2009 at ReadWriteWeb. He assumed FB and FF would “influence each other a lot.” So far, I think nearly all the influence has been in one direction: FF features showing up in FB. That’s all Kirkpatrick is talking about—five FF features he assumes will show up in FB:

·         He says FF is “very public. Everyones’ profiles and postings on the site are public…”—and assumed this would spread to FB. Except he’s wrong: you can have private feeds on FF, such that only people you specifically authorize can see your postings—and the profiles don’t amount to much anyway. He may be right about the FB implications—but he’s wrong on the facts.

·         He says FF has “in-depth conversations,” and there’s some truth to that, depending on your definition of in-depth. Two features of FF make that more likely: The way conversations are displayed—and the fact that any new comment in a conversation pops that conversation back to the top of the last-in/first-out stream. (A third is more mysterious but also interesting: You see comments and conversations from people you’re not following—as soon as somebody you are following adds to the conversation.)

·         I guess that parenthetical comment is the third item—”cross group interactions.” Here again, Kirkpatrick gets things fundamentally wrong when he says that in Facebook “you connect with people you already knew from real life.” Unless you define “knew” in the broadest possible sense, that’s not true for many of us—I’ve accepted dozens of Friend invitations from people I’ve never heard of, if they’re not obvious spammers and have some connection to librarianship. My wife’s primary involvement in FB is with a group of genealogical researchers, none of whom she’s met in real life.

·         “Multiple network aggregation”—the “lifestream” aspect of FF, since you can have it pull in content from other networks, including Twitter, blogs and others. (Here again, Kirkpatrick overstates—he assumes Twitter will turn off full access to FF immediately if not sooner, since Twitter “can’t be excited about giving their crown jewels to Facebook all the sudden.” Hasn’t happened yet, certainly not “this afternoon [or] tomorrow morning.”)

·         Real-time updates—which can be maddening in FF, and which I usually leave off (I run in “pause mode,” where the screen only refreshes if you want it to). The big difference: FF automatically updates your stream (if you’re not in pause mode), where FB is more likely to notify you of new messages.

Did FB move rapidly to incorporate FF goodies? Not so much, but to some extent. Am I surprised that the second commenter assumed FF would just be a pointer to FB? Not at all. Has FF disappeared, been crippled or turned into a pointer to FB? Absolutely not. It may be true that changes to FF have been fewer since the acquisition—and, given the nature of changes at FB, there are some of us who regard that as a very good thing.

How Facebook Ruins Friendships

Elizabeth Bernstein wrote this on August 25, 2009 at the Wall Street Journal—and it’s an interesting perspective. Here’s the start:

Notice to my friends: I love you all dearly.

But I don’t give a hoot that you are “having a busy Monday,” your child “took 30 minutes to brush his teeth,” your dog “just ate an ant trap” or you want to “save the piglets.” And I really, really don’t care which Addams Family member you most resemble. (I could have told you the answer before you took the quiz on Facebook.)

Here’s where you and I went wrong: We took our friendship online…

Bernstein notes that online networking has made people closer in some ways and has allowed people to get back in touch with long-lost friends (and enemies and stalkers…)—but online interactions can hurt real-life relationships.

Like many people, I’m experiencing Facebook Fatigue. I’m tired of loved ones—you know who you are—who claim they are too busy to pick up the phone, or even write a decent email, yet spend hours on social-media sites, uploading photos of their children or parties, forwarding inane quizzes, posting quirky, sometimes nonsensical one-liners or tweeting their latest whereabouts. (“Anyone know a good restaurant in Berlin?”)

She sees in FB statuses what I used to see in Twitter: Too much typing, too little interesting content. She checked her FB page and found that three “pals” had the same status update: “Zzzzz.” She thinks we’re chattering more and not saying much interesting—breaking the rule “Thou Shalt Not Bore Thy Friends.” One person labels the trend narcissism and finds it maddening. Others wonder why people feel compelled to post about the meal they just ate, or are eating, or want to eat, when they’d certainly never call friends on the phone to say “I just ate a Frito pie.” That’s not just FB, of course—it was the old knock on Twitter and I see more than enough FF messages (admittedly, mostly from Twitter) that seem equally…maybe narcissistic is the right word.

Bernstein also notes the TMI phenomenon, although she doesn’t use the phrase itself—e.g., it’s one thing to find out that an old friend or colleague has a sexual orientation you didn’t know about; it’s another to see the friend joining numerous unusual groups…or posting status updates when drunk and doing something regrettable. There are also issues of jealousy, taking longer to get over relationships, passive-aggressive behavior and more.

I know the feeling, although my own use of FB is so limited that it’s not a big deal for me. I’ve done an enormous amount of Hiding in FF (I really don’t care what you just heard on Pandora, what you’ve added to your Netflix queue, etc., etc.)—to the point where I get 15-20 “unseen” messages for every 30 that I see. Even so, there are cases where I ponder whether I should unfollow somebody—or, worse, block them, since that’s the only way to hide cases where your other friends Like the comments you’re tired of seeing.

The answer? Well, you could leave FB and all the other social networking sites—or, as Bernstein says, you could change your own conduct. Post when you have something to say—and respond to others only when they’re doing the same. Sure, you’ll still have to ignore huge quantities of boring or obnoxious stuff, but (for most of us) there’s enough benefit to social networking that this is a reasonable tradeoff.

It does make you realize, though, why some of the best stories involving telepathy view it as a horrible thing unless tightly focused: What if you really could pick up all the thoughts of people within a one-mile radius? Would you really want to?

The comments—251 of them—are, well, the comments. The very first one seems to be saying that the article itself is pointless and, at 1,378 words, far too long. One group (comment and replies) disagrees fundamentally, asserting that things like posting about the meal you just ate makes people “more real” and has changed the way we communicate for the better. Several people call Bernstein’s piece a “rant”—which isn’t the way it reads to me, but I also don’t find 1,400 words too long. Of course we’re informed that Bernstein doesn’t get it. And probably should leave FB, because trivia is the whole point of FB. I’m always impressed by people who take the time to add a comment saying an article is useless, with no other comment: I guess that boils down to “Damn, I’m important, so I have to say something here even though I have nothing to say.” There’s one that really blew me away: “If you think your friends’ posts are boring, they might not really be your friends.” How can you respond to something like that?

Nobody Goes There Anymore

You know the old joke: “That club’s too popular—nobody goes there anymore.” A couple of pieces, long before the current FB situation, made a similar claim about FB. Think of this section as a little humor.

Virginia Heffernan wrote “Facebook Exodus” on August 30, 2009 in the New York Times Magazine. Here’s the lead paragraph:

Things fall apart; the center cannot hold. Facebook, the online social grid, could not command loyalty forever. If you ask around, as I did, you’ll find quitters. One person shut down her account because she disliked how nosy it made her. Another thought the scene had turned desperate. A third feared stalkers. A fourth believed his privacy was compromised. A fifth disappeared without a word.

OMG! Five people left FB! Heffernan admits “the exodus is not evident from the site’s overall numbers” (ya’ think?) but says “a small but noticeable group are fleeing—some of them ostentatiously.” And, presumably, slamming the door on their way out. (Remember: This article was considered worth running in the New York Times Magazine—it should presumably be something other than pure filler. Or is that a mistake on my part?)

One FB user now “crusades against it” and agrees with his mother’s snap judgment, “Facebook is the devil.” We hear of waves of disillusionment with FB—not only doesn’t anybody go there now, they’ve stopped going several times already!

In an overwhelming flood of anecdata, Heffernan notes one friend who found FB a waste of time and another who left for reasons “he won’t discuss.” Some just stop going—you know, like the 94% of people who start blogs and give them up or, for that matter, the high percentage of Twitter “users” who never tweet. (Nobody blogs anymore either; that’s a different article.) A “prolific and eloquent Facebook updater” now prefers Twitter and says Facebook feels dead.

Is Facebook doomed to someday become an online ghost town, run by zombie users who never update their pages and packs of marketers picking at the corpses of social circles they once hoped to exploit? Sad, if so. Though maybe fated, like the demise of a college clique.

It’s all over—FB goes on the deathwatch. I think Heffernan came up with five people who left—except one of them hasn’t, really. I’m convinced: Turn out the lights, switch off the servers, the party’s over.

Comments amusing as ever—including “John” who wrote a 362-word comment on why “these models” (FB and its ilk) “offer nothing of any real value” and that he’s said “a thousand times” FB will shrink.

At which point I almost feel the need to say: I stopped using Twitter and deleted my account. Therefore Twitter is dead and everybody’s stopped using it. Right? Oh, and I did that more than a year ago, so Twitter’s ancient history. Right? And I bet I can find five other people who also stopped tweeting—can I get an article published about that and be paid NYT wordrates?

Chiming in from The Atlantic, Benjamin F. Carlson offered “Quitting Social Media” on August 31, 2009. He points to the Heffernan piece and a claim by business analysts that Twitter is “about to hit a wall” (because teens don’t use it as much as older users). To be fair, Carlson’s looking at the whole picture. To Heffernan’s claim, he counters that social media growth is surging (citing a venture capitalist); to the claim that FB is a “worthless professional tool” he counters Clive Thompson’s odd claim that social networking and the need for brevity is ushering in a golden age of literacy, teaching “young people to deploy haiku-like concision.” Haiku-like? ROFLMAO! He quotes Geoff Cook in the Washington Post:

The question of “Why Don’t Teens Use Twitter?” is the question of “Why Doesn’t Everyone Use Twitter?” The answer, it would seem, is both obvious and heretical: maybe Twitter isn’t for everyone.

Sure, that’s Twitter, not FB—but it may be the same message. To which I’d add: And sometimes you find out that a social network that used to make sense for you no longer does. That’s you—people (should) change; it’s not (inherently) the network.

Jumping forward a bit, here’s Russell Smith on Wednesday, January 27, 2010, offering “Social-media suicide” at The Globe and Mail—with the teaser “I’m joining Facebook just as the cool kids are leaving.” He’s joining FB because he’s been missing invitations and announcements that only show up on FB:

Cutting yourself off from this dominant communication system is like living in the country and demanding that all your friends go out of their way to visit you. Not participating in mindless online social networks now is like not having a telephone 20 years ago.

There is a word in that last sentence that should clue you in to Smith not being entirely happy about joining FB, but he’s mostly talking about the countertrend: he’s joining “just as it becomes trendy to announce that one is leaving social networking behind. Yes, that’s what all the cool kids are doing: They are killing off their virtual personas.” He says the trend is called online suicide. The rest of the column is about sites that offer to remove all of your social-network accounts—and steps taken by FB to prevent those sites from working. Not that any of this matters. His close:

How this legal tiff is resolved is not in the least important to Facebook, or even to the purpose of the websites that called for the annihilation of the online social persona. They have made their point, and made people think about social networking in a new way. Their agitprop function has been accomplished. They’ll probably move on to another subject in no time. On a more basic level, Facebook had won this from the beginning: It’s still so powerful that poor resistant saps like me have to buckle under and subscribe, just to feel a part of the world.

Lovely.

Facebook—just HOW rude and patronising can you get?

A short but pungent note from Phil Bradley at his eponymous blog on October 25, 2009. He noticed something over at the top right. Under the “Suggested Friends” heading was one case where Person X and Bradley have four mutual friends, and FB suggested adding X as a friend. But the second one, for Person Y, is the killer: “She only has 14 friends. Suggest Friends for her.”

Bradley’s restrained and low-key about this:

WTF do you think you’re playing at Facebook? It’s not up to you to comment on the number of friends that someone has or has not got - and if this person just wants 14 friends maybe that’s all that she wants? That Facebook should be making the point that I or anyone should suggest friends for her is rude and arrogant in the extreme. That attitude that someone is ‘less’ than anyone else because of the friends that they have or don’t have is something I wouldn’t expect to see out of a primary school, and I certainly don’t expect to see it on a social networking site. “Poor so-and-so, she’s only got 14 friends you know” is a disgusting and patronising way to treat your users. I would really suggest rethinking your approach here.

With one exception, commenters all agreed. The exception suggested that FB’s thing was “a very sweet gesture” and ended their comment with four exclamation points, which may say it all. One or two cited an odd feature that occasionally notes that you haven’t talked to someone in a while and suggests that you do so—really?

Facebook and Twitter Will Always Be Crappy Businesses

Not directly relevant, but we need a break here and there: Bo Peabody’s long-for-a-post piece on February 1, 2010 at Business Insider. He explains why (in his expert opinion as a venture capitalist) FB, Twitter and any social networking business are doomed to be “crappy businesses”—unlike “content networks.”

Why? Because advertisers are risk-averse and tightly controlled content networks can be much less “risky” than social networks. He calls social networks dangerous places for advertisers—and, as we all know, the only source of revenue for anything online is advertising. Right?

To create a compelling and safe environment for an advertiser requires that content be controlled and organized so that the advertisement itself can be targeted properly and, perhaps more importantly, so there is no chance that the brand being advertised will be associated with something it did not intend to associate with. There is very little control or organization on social networks; I can post whatever I want whenever I want, whether a written word, a spoken word, a picture, or a video. Only the most rudimentary restrictions apply to what content can be posted on a social network and even those are flouted all the time. This presents two problems for advertisers. First, it’s impossible to target an ad properly because it’s impossible to know with any specificity or certainty what content is on a social network. I could be talking about health one moment and NASCAR the next, or about Dale Earnhardt Junior’s health. Second, the content is amateurish at best and offensive at worst. There is no way a brand can be sure it’s going to be associated with content that is consistent with the message it wants to send to its audience.

There’s a lot more—for example, Peabody’s assertion that people use the web either to find information or to find people, which seems a little narrow. What you may need to know is an item in Peabody’s vita: He was the founder of Tripod (and some “content” sites). Tripod never established a real business model. Therefore, nothing that looks a little (a very little) like Tripod can possibly do so. Sounds right to me. Heck, Orkut was a failure in the U.S., therefore Facebook is a failure—after all, if Google can’t do it, nobody can. Right?

Getting There

The big changes in FB started in November-December 2009, although the full furor didn’t arise until April 2010. Kevin Bankston wrote “Facebook’s New Privacy Changes: The Good, The Bad, and the Ugly” on December 9, 2009 at EFF’s Deeplinks blog. The set of changes at that point were intended to simplify Facebook’s settings and “give you more control of your information”—or were they?

These new “privacy” changes are clearly intended to push Facebook users to publicly share even more information than before. Even worse, the changes will actually reduce the amount of control that users have over some of their personal data.

What EFF thought good in the changes: A reduction in the overall number of settings (and elimination of regional networks); per-post privacy settings; “forcing” users to pay attention to privacy settings. (Really?)

The bad: FB’s recommended settings were far too public. Before, there was no “everyone” setting.

Facebook will justify the new push for more sharing with everyone by pointing to the new per-post privacy options—if you don’t want to share a particular piece of content with everyone, Facebook will argue, then just set the privacy level for that piece of content to something else. But we think the much safer option is to do the reverse: set your general privacy default to a more restrictive level, like “Only Friends,” and then set the per-post privacy to “Everyone” for those particular things that you’re sure you want to share with the world.

The ugly? Here’s the boldface subhead and first paragraph:

Information That You Used to Control Is Now Treated as “Publicly Available,” and You Can’t Opt Out of The “Sharing” of Your Information with Facebook Apps

Looking even closer at the new Facebook privacy changes, things get downright ugly when it comes to controlling who gets to see personal information such as your list of friends. Under the new regime, Facebook treats that information — along with your name, profile picture, current city, gender, networks, and the pages that you are a “fan” of—as “publicly available information” or “PAI.” Before, users were allowed to restrict access to much of that information. Now, however, those privacy options have been eliminated. For example, although you used to have the ability to prevent everyone but your friends from seeing your friends list, that old privacy setting…has now been removed completely from the privacy settings page.

There’s quite a bit more in the “ugly” section. Bankston says “we at EFF are worried that today’s changes will lead to Facebook users publishing to the world much more information about themselves than they ever intended.”

Is it possible to opt out of social networking?

“Jono at Mozilla Labs” (Jono DiCarlo) asked that question on February 6, 2010 at Not the User’s Fault. DiCarlo had chosen not to participate in FB, not being much for social networks in general. Coworkers told him he ought to at least try “the modern Facebook” (he’d used it in university-only days). I’m quoting much of this because it’s instructive—and I think you forget the initial shock shortly after you’ve started using FB:

So I went to Facebook and started creating an account. I entered my first and last name and email address, and Facebook showed me a page saying “We think these people might be your friends”. There were several dozen people there who I actually know, mixed in with several dozen who I don’t.

Wait a minute, How does Facebook know who my friends are?? Remember, I hadn’t told them anything except an email address at this point. I was disturbed by how much they knew about me. More than disturbed. I was freaked out.

Where did this information come from? From the old account that I deleted? Unlikely. I believe it came from my friends importing their email contacts into Facebook. My email address was in their contact lists, so Facebook looked it up in their database and, not finding me, stored a sort of “dangling pointer”. This pointer laid dormant until I entered a matching email address, at which point it sprang into action…

The part that disturbs me about all this is that Facebook had my email address in their database, without my knowledge or consent, despite my decision not to use their service.

And they had a lot more than my email address. They had pictures of me, uploaded by my friends and tagged with my name. They knew who my friends were. They knew what my friends liked. They knew more or less how I would fit into their social network. If they wanted to, they could deduce a lot of information about the person behind the email address. It would have been fairly trivial for them to figure out what school I went to, about how old I am, what political activities I have been involved in, and what advertisers would be most interested in reaching my demographic.

My friends did not ask my permission before giving Facebook all this information about me. Why would they? There is no UI warning, no legal terms, no moral or cultural expectation that they should do so. They just typed in their own email password and clicked “Find Friends”.

Facebook makes money through targeted advertising. They profit from the detailed information that they extract from their extensive social network database. I was part of that database despite my choice not to participate. It’s not too much of a stretch to say that they have been profiting off of me, without my knowledge or consent, using information about me that was given away by my friends, again without my knowledge or consent.

DiCarlo doesn’t target FB specifically; he thinks what they’re doing is “pretty much standard practice in the industry”—but FB is the biggest player.

I want to be able to choose what information about myself I make available on the Internet. I want to be able to control how that information is used. And if I make a choice not to participate in an organization or do business with a company, then I don’t want that organization or company storing information about me.

There are 47 comments. One person thinks he’s overreacting because there’s lots of information already out there on the web—”What Facebook did was merely cross reference it, organize it, and make it easily accessible.” This person says transparency is good, approvingly quotes Eric Schmidt’s obnoxious “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”—then signs off anonymously. (Several others disagree or at least say that reality’s a little more complex than that.) One person goes so far as to say that no information entered into a web browser, even in SSL mode, is private—a startling claim. Another person, signing a full name and admitting to have not read the article, comes up with a truly bizarre confusion of the real world and an online world in which you’re intimately connected with 400 million other people:

Isn’t it a fact, that your friends talk about you without you knowing that they talk about you!? How drunk you were last night. How bad you danced. And that they tried to hook you up with a nice girl and you blew it by talking about how MSFT of today is the IBM of the 80s!

This is life.

Others seem to follow the same lines: Because your friends may say things about you that you’d rather they not say, it’s OK—and no different—for a social network to spread stuff about you. One commenter had a great indirect response to this:

It’s a little absurd to say, ‘the information was always available; there’s really no difference because it’s more easily available.’ First, disparaging the value of accessibility and discoverability is a little odd for software developers. Second, it ignores the value of technology; it’s like saying:

“You could always travel NY to Los Angeles; the fact that you once had to do it by horse and now can do it by plane, really hasn’t changed anything.” But it has.

The Man Who Looked Into Facebook’s Soul

Another Marshall Kirkpatrick article at ReadWriteWeb, posted February 8, 2010. Pete Warden, who used to work at Apple, had been crawling public profile pages on FB and uploading “100GB of user data” onto his server to make it available for academic research. While he’s removed profile URLs, he’s kept “names, locations, Fan page lists and partial Friends lists.” All available for any academic to mine at will…because Warden is “fascinated by how we can build tools to understand our world and connect people based on all the data we’re just littering the Internet with.”

My first thought: How does Warden assure that only academic researchers will have access to this data, replete as it is with names and addresses? (The article doesn’t address that…after all, it’s RWW, so the ooh, shiny of bigger and better social graph analysis is the main focus.) I do see that he’s not just giving it away—he’s focused on “working on ways of presenting all this information in a form that answers questions for people willing to pay.”

Is there an issue? Well, these are public profiles. Do people assume “public” means not only that anybody can see them…but that they will be aggregated and cross-referenced at will? Probably not, and maybe they should. Does it matter? As it turns out, not in this case—and maybe not for the right reasons.

Why not? Because the dataset’s gone, according to an April 5, 2010 post by Pete Warden at PeteSearch: “How I got sued by Facebook.” He summarizes his project, notes steps he took to publicize it—and the result: a cell-phone call from a Facebook attorney. Even though Warden had followed robots.txt instructions, FB apparently contended they could still sue you for crawling the site. The attorney demanded—and got—assurance that Warden would not publish the data. Warden was required to destroy the dataset. The final paragraph:

I’m just glad that the whole process is over. I’m bummed that Facebook are taking a legal position that would cripple the web if it was adopted (how many people would Google need to hire to write letters to every single website they crawled?), and a bit frustrated that people don’t understand that the data I was planning to release is already in the hands of lots of commercial marketing firms, but mostly I’m just looking forward to leaving the massive distraction of a legal threat behind and getting on with building my startup. I really appreciate everyone’s support, stay tuned for my next project!

It’s never that simple. A comment says that FB has a clearly-posted Acceptable Use Policy that forbids scraping, and what Warden was doing was an awful lot like scraping.

Dear Facebook, I Would Like My Illusion* of Privacy Back, K, Thanks

That’s Bobbi L. Newman on February 11, 2010 at Librarian by Day. She’s commenting on an update that removed users’ ability to turn off a recent activity feed:

Now everything you do posts to your wall and the news feed. You can not opt out. If you don’t like it Facebook says you’re welcome to use the “Remove” button.

Great except there is no “remove” button on any mobile version of Facebook and it’s a pain in the you-know-what to delete all of my activity every time I’m active on Facebook.

I suspect Newman is fairly typical in some ways: She grumbles every time FB makes an “improvement” (her appropriate scare quotes) but “I adjust pretty quickly and move on”—but not this time. FB changed to using the privacy of the content in general, not a specific piece. “Yeah great, but WHY?... What possible benefit am I missing to removing my option to check a little box that allows me the illusion of privacy?”

That asterisk in the title? The last paragraph, in italics:

*yes I know that just by having a Facebook page I don’t really have any privacy, but the ability to hide my recent activity makes me feel all warm and fuzzy inside.

The Storm

Kurt Opsahl explains it on April 19, 2010 at EFF’s Deeplinks: “Facebook Further Reduces Your Control Over Personal Information.” Opsahl cites one early version of FB’s privacy policy: “No personal information that you submit to Facebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings.”

How times have changed.

Today, Facebook removed its users’ ability to control who can see their own interests and personal information. Certain parts of users’ profiles, “including your current city, hometown, education and work, and likes and interests” will now be transformed into “connections,” meaning that they will be shared publicly. If you don’t want these parts of your profile to be made public, your only option is to delete them.

So you include “cooking” as an interest on your profile? Well, now, there’s a new Cooking page—that lists you and everybody else including cooking as an interest. Harmless enough, to be sure… “Of course, the new program will also create public lists for controversial issues, such as an interest in abortion rights, gay marriage, marijuana, tea parties and so on.”

Opsahl finds that the change benefits Facebook and business partners—but probably not users. After the December “privacy degradations” resulted in lots of outrage, FB came partway back..and might do so again, if enough people complain. (In an update, Opsahl clarifies that the problem with the new feature is not that you can’t opt-out—it’s that you can only opt-out by removing the interest from your profile entirely. Facebook Pages you connect to are public, period.)

By this time, people were getting concerned: FB seemed to be opening things they thought were closed and turning opt-in into opt-out.

To leave…or not to leave

Dan Yoder at rocket.ly posted “Top Ten Reasons You Should Quit Facebook” on April 26, 2010 and “Why You Should Still Quit Facebook” on May 5, 2010. rocket.ly isn’t an enormously high-profile—but that first post struck a nerve. Yoder says he’s decided to delete his FB account and would like to encourage others to do the same—because he thinks FB is unethical and he’d like his own social network to migrate away from it. (He links to an April 23, 2010 on the European version of TechCrunch claiming Google engineers are leaving FB “in droves”—said droves apparently adding up to ten people.) His ten reasons without his commentary minus #9 (because it’s potentially slanderous):

10. Facebook’s Terms Of Service are completely one-sided.

8. Facebook has flat out declared war on privacy.

7. Facebook is pulling a classic bait-and-switch. (Telling developers how to access your data with new APIs, but being quiet about explaining the implications.)

6. Facebook is a bully. (They sued, or threatened to sue, Pete Warden—see earlier.)

5. Even your private data is shared with applications.

4. Facebook is not technically competent enough to be trusted.

3. Facebook makes it incredibly difficult to truly delete your account.

2. Facebook doesn’t (really) support the Open Web.

1. The Facebook application itself sucks.

I won’t try to go through 249 comments… Yoder says he was overwhelmed by the response to that post. The followup responds to some common objections to his stance and some of those responses resonate with my pseudo-librarian soul. For example, the first objection and part of his response:

What’s the big deal? I don’t care if someone has access to my photos or status updates.

Tens of millions of people provided personal information to Facebook with the understanding that this information was being shared only within their social network. Then Facebook changed the rules and this information was unexpectedly shared with perfect strangers. That is, simply stated, a profound invasion of privacy…

Consider the example of the government tapping your phones. You conduct phone conversations thinking that they’re just between you and the person you’re speaking with. The government can’t tap your phone and listen in on the conversation without a warrant. This is because your privacy is a right protected by law.

Now take this example a step further, and suppose your cell phone provider one day sends you an updated privacy policy that states that they can tap your phone any time they want. Would you still use their service? Of course not! And, in fact, they won’t do this because it’s actually against the law for them to do so…

I haven’t even touched on the various reasons people might want to keep these conversations private. They range from the profound, like avoiding workplace discrimination or protecting political dissidents, to the banal, like cheating on your wife or avoiding an abusive husband. But it really doesn’t matter. It is not for any of us to decide on behalf of someone else what information should be considered private.

Most people just want control over what they’re sharing and with whom…

Of several other objections, the most difficult (and the reason I’m still on FB) is this:

I’d leave except that I have too many family and friends still on there.

This is a tough one. I wrote my original post for exactly this reason—to try and convince them to leave. I felt that by continuing to use Facebook, I was passively endorsing it.

This one, not surprisingly, drew fewer comments (but 40 is still quite a few by my standards!).

David Lee King posted “10 Reasons to NOT Quit Facebook” at his eponymous blog on May 4, 2010. He’s focusing on organizational Facebook pages, and isn’t sure deleting your library’s Profile or Page is a good idea. (Neither am I: almost none of the privacy-and-control issues for individuals apply to libraries and organizations at all, and Yoder said nothing about organizations dropping out.) In a way, King’s response is orthogonal to the original, but here are his ten reasons (again, without expansion):

Your customers are using Facebook. Your community is on Facebook. Did I mention free marketing? Teach proper privacy protocols. Answer questions. Friend your customers. Say hi to your mom. Don’t stop with your Mom—connect with friends and colleagues too. Start conversations. Use Facebook tools to tell Facebook what you think.

Setting aside the unfortunate use of “customers” for patrons, the fourth and fifth suggestions (Teach proper privacy protocols and answer questions) are worthwhile but have nothing to do with whether you, as a person, should be on FB. (As for #4, the options seem to change so fast that it would be difficult for any but the biggest libraries to keep up with them.) Otherwise…well, these basically amount to “it doesn’t matter how bad it is, it’s popular, so you should use it.” It’s also true that you can’t have an organizational page without a personal account—but that account could be a dummy account that has no real personal info but only exists to support the page.

Stephen Abram weighed in with “The Great Privacy Contradiction” on May 7, 2010 at Stephen’s Lighthouse. He seems to think Dan Yoder might have been writing tongue-in-cheek (really?), cites King’s post and says “It’d be humourous if it wasn’t so sad in the extension of a problem into a B&W choice instead of a more nuanced solution.” Then it gets strange. Abram seems to think that any “information professionals” should always be entirely up-to-date on how Facebook’s settings work, which is a damn tall order for people with day jobs. And he says this:

It seems to me that publicly advocating exiting Facebook and giving up on learning (and keeping up to date with) the ability to manage and control your settings is admitting publicly that your skills as an information professional are inadequate.

First, the cited post that advocates leaving FB is not from a library person or “information professional.” Second, there’s a gulf between saying “I don’t know how to manage my settings” and “I think FB’s become a bad thing and I’m leaving.” I don’t remember any librarian saying the first, and it’s insulting to suggest that leaving FB is an implicit admission of failure. (Abram posted another related item on May 31, 2010; I responded at length in a June 1, 2010 Walt at Random post.)

Then Abram goes into reminiscences of when colleagues said they would never get a fax (which some of us never did), never use voicemail, never get an email account… and says he can name “some ‘big’ library names who declared in writing that the web or blogging were short term fads and would have no relevance to the future of librarianship.” I would love to see Abram’s list of “big” library names who called the web a short-term fad with no relevance to the future of librarianship! (As for blogging…well, I’m not among that number, but to some extent it was a short-term fad as a fad or Shiny New Thing.) The following sentence is even more amusing: “I doubt that they fully realized how that made them appear to others including potential employers who might be looking to fill positions or to current employers who might be looking for whom to cull.” I hate to say this, but the only “big” library name I’m aware of who dismissed blogging as pointless was already a library director and in his final professional post. It may have been a stupid thing to say, but it sure didn’t cost him his job.

Here’s the last paragraph:

I suspect some folks will be annoyed by this post but I felt the need to say what most are too polite to tell people to their faces when they declare their lack of facility with the newer social and information tools.

Yes, Stephen, I’m annoyed by that post—but not at all for the reasons you cite. A decision to stop using FB is not a “lack of facility”; it’s a decision quite possibly based on serious thought. And no, even if I was an active library professional, I reject the notion that I must learn every single social service (Gowalla? Foursquare?) in order to be a professional—and the notion that most people go to librarians to ask about Facebook, for that matter. (I looked up Gowalla. It’s a game of sorts, with around 150,000 users. Really? All library professionals are required to be users of, and expert in, games with a large handful of users?)

Nancy Baym offered an interesting perspective on “Why, despite myself, I am not leaving Facebook. Yet.” in a May 13, 2010 post at online fandom. She responds to “criticisms of criticism” of FB that she’s hearing. Some of them, with summaries of Baym’s response:

(1) Twitter’s public, where’s the rage against Twitter?

When you sign up for Twitter, there’s one big choice—public or private? The difference: FB changed the rules for existing users. “Regularly. Repeatedly. And every time they did it required more research to understand what they’d done and more unclicking to preserve the premises they’d offered when I signed up.”

(2) If you think it’s so evil, just leave.

She’s thinking about it—but she still gets real value from FB. And it’s a copout: People provide FB with value by building networks; telling them “if you don’t like it, leave” is not an answer.

(3) Facebook needs to make money.

She agrees but hasn’t been convinced that this is the best (or a necessary) way to do that.

(4) If you don’t want it shared, don’t share it.

A complex response involving marginalized groups, but the statement “completely misses the point. “The willingness to disclose all our data to marketers should not be required to socialize.”

So far, she’s “fighting the system from within”—blocking ads, removing most connections, wiping out most profile info, locking down settings. But she thinks it’s wrong for her to be a “subversive user” and concludes:

What I want is a Facebook that is premised on a belief that first and foremost human relationships are valuable and sacred, not the ground on which money trees grow, but that if the value of relationships is genuinely nurtured, there will be ways to earn money.

I want a Facebook that really believes that people have a right to select how their information will be shared, instead of a belief that they’re too dumb to figure it out if the settings are too confusing so it’s okay to dupe them.

I want a Facebook that can find creative ways to make a profit using the rules they originally set for their own game.

I want an ethical Facebook.

That shouldn’t be too much to ask.

I’ll admit my surprise that neither King nor Abram even mentioned ethical issues.

Biomedicine on Display, the blog of the Medical Museion at the University of Copenhagen, had a pithy post on May 16, 2010: “Facebook—just another uncool site.” Yes, the institution is on FB, “Not because we love it, but because we follow the siren calls of other museums that believe they need this part of the social media spectrum to be visible online.” The person writing the post hates FB, both for the way they treat customers and for their business idea, “to commercialise the need of human social interaction.” But the title may say it all: As things get worse, FB may lose “its former reputation as a hip online social medium” and turn into “just another MySpace.”

CW at Ruminations (an Australian librarian) wrote “No more Facebook for me” on May 16, 2010. She deleted her FB account that morning; she couldn’t see any reason to stay any longer. So she looked through profiles for the people she really knew among her FB “friends,” wrote info down where she found it…and dropped out.

The thing that struck me most while looking over the friends list was that I have been connecting with most of my FB friends in other ways—either using online methods including other social media like Twitter and Flickr, my blog, or email, or in realtime, using the good old face-to-face method. I found that those FB friends I didn’t connect with much on FB, I don’t connect with elsewhere either. So even though I’ve written down their email addresses, I don’t know if I will be emailing them much anyway. Many of my FB friends would fall into the “acquaintances” category, but I know where they work or have their contact details already, so I didn’t bother to go and collect that information again.

Excluding my family and maybe four others, I could say the same. Others would lose a significant social network; for them, the problem is different.

Other Perspectives and Problems

Some people left—probably not many. Other people joined—and I’m nearly certain most of those people didn’t take the time to explore the ramifications of FB privacy choices. That’s not unusual.

Maybe it’s worth going back to a January 9, 2010 Kirkpatrick item at ReadWriteWeb to gain background: “Facebook’s Zuckerberg Says The Age of Privacy is Over.” Zuckerberg was talking with Michael Arrington of TechCrunch:

When I got started in my dorm room at Harvard, the question a lot of people asked was ‘why would I want to put any information on the Internet at all? Why would I want to have a website?’

And then in the last 5 or 6 years, blogging has taken off in a huge way and all these different services that have people sharing all this information. People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.

We view it as our role in the system to constantly be innovating and be updating what our system is to reflect what the current social norms are.

A lot of companies would be trapped by the conventions and their legacies of what they’ve built, doing a privacy change—doing a privacy change for 350 million users is not the kind of thing that a lot of companies would do. But we viewed that as a really important thing, to always keep a beginner’s mind and what would we do if we were starting the company now and we decided that these would be the social norms now and we just went for it.

As the article notes, this is a radical change from FB’s original assurances—and as recently as 2008, Zuckerberg was quoted as saying privacy control is “the vector around which Facebook operates.” Kirkpatrick doesn’t buy the explanation and calls it “arrogant and condescending.” It is certainly absurd to suggest that blogging means people don’t care about privacy. (Apparently, another FB executive says privacy doesn’t much matter anymore…because of, among other things, the rise of reality TV. So because there are more exhibitionists, we’re all exhibitionists now?)

It turns out there’s more to the situation than Zuckerberg’s changing attitudes and FB’s ever-changing settings. In May 2010, Facebook confirmed that it has sent usernames of FB members to its advertising partners—a direct violation of its current privacy policy. Oh, it was a mistake, and it’s been fixed, but it hardly gives anyone reason to trust FB. EFF thought this was a serious violation—that when you say “We don’t share your information with advertisers. Our targeting is anonymous. We don’t identify or share names. Period.” you really shouldn’t pass names on to advertisers. Really. If you want a reasonably clear explanation of what this was all about, read “Understanding the latest Facebook privacy train wreck,” an article by Peter Bright at Ars Technica. Bright calls it “reckless behavior” and thinks it’s distressing: “Privacy is about more than having a bunch of checkboxes you can tick: it needs to be considered for every piece of development, or else these accidental problems will continue to arise.” (The content stream is fascinating, including the question of whether “accidental” is the right word.)

Concerned About Facebook? You’re Probably Getting Old

The middle-finger salute for this essay has to go to this piece by Mike Melanson on May 11, 2010 at ReadWriteWeb. His case? “YouGov BrandIndex,” a company that measures “consumer perception” (even Melanson finds scare quotes necessary for that), says the “buzz score” for Facebook is falling (slowly) among adults 35+ and rising—rapidly—among adults 18-34.

This is serious science here: BrandIndex asks “If you’ve heard anything about the brand in the last two weeks, was it positive or negative?” and lets you choose a score between +100 and -100. It adds all the points to get an overall “buzz.” Among us doddering old fogies 35 and up, the buzz dropped from 26.7 on March 24 to 21.2 on May 7…while it jumped from 32.8 to 44.8 for the young punks.

Melanson pontificates about possible reasons for this disparity, concluding:

Either way, it seems that Facebook continues to be a dividing line in the debate over online privacy and the battle is drawn among generations.

I have a different conclusion: It’s bullshit. The question asked doesn’t say diddly-squat about the respondent’s own attitudes toward the product—only about what they’ve heard. Second, “being concerned” is not the same as liking or disliking. Third, after reading YouGov’s own FAQ, I would question its general applicability in any case.

I won’t comment on the notion that being over 34 is “getting old.” Technically, it’s true; everybody is getting old, since the alternative is death.

One commenter felt obliged to offer this almost-certainly-false comment: “The fact is that younger people care much less about their privacy, since they are much more used to their lives being public through social media.” That’s not a fact, it’s gengen—and quite probably false gengen. I’d bet (even if Pew Internet seems to agree) that today’s aware younger people (many people of any age don’t pay much attention) do care about privacy. (The very next comment, albeit anecdata, is from a 20-year-old who says 90% of their friends don’t use FB that much or have any personal info left on it.)

Adding a Little Nuance

I’m devoting a separate section to comments from danah boyd because she’s had a lot of worthwhile things to say on this cluster of topics. But I thought I’d do something I never do: Quote from notes on a conference speech and assume the notes actually represent the speaker’s thoughts. The notes on boyd’s speech are by Bora Zivkovic (who writes carefully and thoughtfully) and appeared in “Public vs. Publicized: Future of the Web at WWW2010,” posted May 10, 2010 at Science in the Triangle. I love the first point he cites—that people are harvesting information from social networks, running it through mathematical models…and then assuming too much about the meaningfulness of the results. (I quietly say “Go danah! I’ll keep lowercasing your name if you keep saying things that sensible!”) But here’s the key:

There is a difference between Public and Publicized. If you put something online with a hope it will go viral and be seen by as many strangers as possible, you have done broadcasting – what you did was Publicizing. But if you put something online with an unspoken understanding that it is targeted at a relatively limited number of people, usually personal friends (on Facebook) or regular readership (on blogs and Twitter), that is only Public, not Publicized. Taking that kind of stuff posted online by someone and spreading it to a much wider audience of strangers (or using that data for ‘scientific research’) is a violation of privacy. It is at best unthinking and tone-deaf, at worst unethical.

That’s what Facebook did with the change in settings and passthrough—take “public” information and make it Publicized.

Andrew Burkhardt at Information Tyrannosaur offers “An Illusion of Privacy (The Facebook Debate)” on May 16, 2010. He cites three perspectives—Robert Scoble’s wish for Facebook to be more open; danah boyd’s belief that people are angry, confused and feel trapped; and Ben Parr’s “In Defense of Facebook” at Mashable, whose sophisticated argument boils down to “hey, once it’s on the web, it’s public anyway.” Nuance? Not here! Parr has climbed on the “Privacy is dead” dumbwagon, where everything is Black or White, with nothing in between. I imagine he would read the quoted paragraph above and say it has no content.

Where does Burkhardt come down? The title is telling—as are his three lessons. “Privacy is the responsibility of the user”—but he boils that down to “Privacy online is an illusion.” “Social media is public sharing of information”—again, the Parr simplification: there are no walls, public sharing is the new norm. He puts it oddly, saying FB wants to “allow people to share more across the web”—as though the problem is that people were unable to do the sharing they’re all so anxious to do. Really? Finally—and this should come first and foremost, “People use social media for different purposes.” But Burkhardt’s earlier comments essentially say that only Scoble-style purposes are legitimate; that it’s OK for the tools to betray other purposes. So, basically, Burkhardt thinks we should accept that privacy is dead and advise people to behave appropriately. Because information can be shared anywhere, it’s apparently ethical and appropriate to encourage that sharing despite the wishes of the originator.

David Lee King also seems to boil things down to black and white in “Facebook and Privacy—is this REALLY a big deal” (May 17, 2010). He says FB should have told people what was happening and made it opt-in, not opt-out—but that’s 49 words, followed by 609 words essentially saying “Nothing’s private. Get over it.” With a side helping of “I don’t have any concerns about this stuff, so you shouldn’t either.”

I was hoping posts by library people would show a little more nuance. That’s true for a Bobbi Newman post, “What’s at Stake With Facebook is Not Privacy or Publicity But Informed Consent and Choice,” but her post is almost entirely quoting material I’ve used elsewhere. Still, a good and thoughtful summary on Newman’s part. I’m astonished that, when Newman commented on King’s post saying part of the problem was FB changing the rules in the middle of the game, King responds “It’s no bait and switch—it’s their game. They created the rules, and have every right to change them (just as you have the right to not play along.)” Wow. Legally correct, yes. Ethically correct, not a chance.

Here’s another librarian who takes a nuanced view—Jenny Levine, in another comment on King’s post. A large portion of her comment:

There are reasons to give users granular permissions, and it’s because not everyone is like you. Think like your neighbor who believes Google is the only search engine out there, not like a techie or early adopter. Your information is scattered across the web because you purposely let it be, but the vast majority of Facebook users don’t have blogs, Twitter accounts, Flickr accounts, etc. where they’ve already made information public. Their Facebook profile is their main web presence, so starting out with one privacy policy and then doing a total 180 is just plain wrong when the new settings are the default. I’m an early adopter who understands the settings (after a lot of reading up on them), and FB inserted likes for me when I removed all of mine. Apparently I can’t have no likes, which are then going to be shared with the world, no matter what I do, short of deleting my account.

Sure “social networks” are “social,” but FB keeps changing the definition of that word. And obviously I define “social” differently than you do, because I limit my definition to my friends, while you’re okay with that stuff being disseminated to the whole world and aggregated by third-party companies.

Ultimately, I shouldn’t have to conform to your definition, and you shouldn’t have to conform to mine, so the middle ground should be FB giving us controls that let us each set our comfort level. Instead, they’ve implemented your definition and taken away mine, making for a pretty one-sided playing field.

You may not have reasons for wanting to show your friends list, but other people like me do. I hope you can concede that others may have reasons to take a different approach than you do (or maybe they just *want* to be more private). If you can, then I think the title on your post is a little insulting. If you can’t, I’d love to explore further why not.

Although I found King’s post annoying (and, yes, insulting), the stream of comments—including the kind of extended conversation Levine can engage in within comment streams—makes it well worth reading. In a third go-round, King says he thinks FB’s post-facto changes were wrong—but undermines that by essentially saying “but who cares?” That is: He thinks people want to keep “private” (that is, less public) things that to David Lee King are innocuous. And comes down to the black/white stance: If you don’t want it shared with everybody, don’t share it at all.

T. Scott also seems uninterested in nuance and a bit ahistorical in “It May As Well Be On the Front Page of the NYT” (May 18, 2010, T. Scott)—and maybe the title is all I need to cite. He cites another article commenting on the sheer number of settings and options you need to deal with in order to avoid full disclosure and says:

And I’m reading it thinking, But if you want all of that information to be that private, what in the world are you doing on Facebook in the first place?

Not a lot of nuance there—or in his use of the old cliché (which I’ve used as well) that you should never put anything on the internet that you’re not willing to see on the front page of the NYT. Here’s the ahistoricity:

I do understand that people feel as if Facebook has pulled a bait and switch. They believe that they were led to believe that they would have more control over who gets to see their information than they now do--or at least than they now do unless they go through those 50 buttons and 170 options. The level of outrage is high. But seriously, I think it’s misplaced. The whole point of Facebook was to build an application that enabled personal information to be shared with people that you don’t know! So it makes sense to me that the default would be sharing and that you, as the user, would have to do something extra to prevent sharing. Being outraged that Facebook is developing new ways to share information without asking you first seems to me to be the antithesis of what Facebook is designed to do.

Yabbut… FB had one set of default assumptions and then changed it drastically, retroactively and without opt-in. And a lot of this isn’t about sharing information with people you don’t know; it’s about harvesting information for companies you don’t know. Did most people join FB on the assumption that it was a way their information would be harvested in whatever way FB found convenient, with options changed at FB’s whim? I don’t think so.

Openbook—public Facebook status updates

Phil Bradley offered a short commentary on May 23, 2010 on his weblog. He says what FB did is “very uncool” but “it’s also worth considering the fact that people have to take responsibility for their own actions, and if they post stupid stuff to their status updates, they’re in a poor position to complain afterwards.” And “here’s a shocking thought—if you don’t want it public, don’t write it in the first place!”

The primary point of his post is to point to openbook (youropenbook.org), a tool for searching FB updates—and, as he says, “a good one to use when training and/or demonstrating the dangers of not locking down a Facebook account.” The site definitely has an attitude—in one corner is a quote from Mark Zuckerberg that I won’t repeat here and the slogan is “Facebook helps you connect and share with the people in your life. Whether you want to or not.” It comes preloaded with “cheating wife” as a search. I was unwilling to spend much time there; it’s a sad commentary on, as Bradley says, “some of the mind bogglingly stupid things that people write.”

Deleting your Facebook account (FAQ)

That’s the title of Elinor Mills’ May 21, 2010 item at cnet news. I find it hard to believe the poll quoted: “an estimated 60 percent of users are considering quitting Facebook over privacy issues.” OK, so it’s an online of 1,588 people; 16% claim they’ve already deleted their accounts, 30% say it’s highly likely that they will, and 30% say “possibly.” Sophos is up front about the poll not being scientific; I’m inclined to believe it’s not representative either.

The rest of the article offers tips on deleting and deactivating—different things—and what deleting means for your data. The longer FAQ deals with some of the issues and uproar. There is also another poll, “Are you considering quitting Facebook over privacy issues?” At the time I checked the article, this one had 4,588 votes, including 57% yes and 17% maybe (and 9% don’t use FB: only 16% said No). Do I believe 57% of FB users are seriously considering quitting FB? Nahh…probably closer to 0.57%.

danah boyd’s Take

A few notes from several posts by danah boyd at apophenia (dated January 16 and May 14, 15, and 23, 2010). The posts tend to be fairly long and extremely well thought out, all worth reading in the original—and, to be sure, apophenia gets a lot of comments. (I’m paraphrasing, summarizing and quoting brief excerpts because boyd explicitly copyrights apophenia and does not show a CC license).

Facebook’s move ain’t about changes in privacy norms

This post predates the major furor but follows the January 9, 2010 ReadWriteWeb article discussed earlier—the one entitled “Facebook’s Zuckerberg Says The Age of Privacy is Over.” boyd’s response: she wanted to scream. She provides the short version of her take on Zuckerberg’s logic:

·         People I knew didn’t used to like to be public.

·         Now “everyone” is being public.

·         Ergo, privacy is dead.

She’s not buying it any more than she bought the “privacy is dead, get over it” meme a decade ago.

Privacy isn’t a technological binary that you turn off and on. Privacy is about having control of a situation. It’s about controlling what information flows where and adjusting measures of trust when things flow in unexpected ways. It’s about creating certainty so that we can act appropriately. People still care about privacy because they care about control. Sure, many teens repeatedly tell me “public by default, private when necessary” but this doesn’t suggest that privacy is declining; it suggests that publicity has value and, more importantly, that folks are very conscious about when something is private and want it to remain so. When the default is private, you have to think about making something public. When the default is public, you become very aware of privacy. And thus, I would suspect, people are more conscious of privacy now than ever. Because not everyone wants to share everything to everyone else all the time.

She offers a telling real-life scenario and how it plays out with FB. She also notes that being public without consequences is still largely a privilege, not the norm—and that essentially forcing people to be more public reinforces the structures of power and privilege. That’s a discussion you’re better off reading in the original; I can’t do it justice.

Facebook and “radical transparency” (a rant)

boyd says she talked about privacy in her appearance at SXSW “because I thought that it would be the most important issue of the year. I was more accurate than my wildest dreams.” She found that people focused on two of her case studies: Google and Facebook.

After my talk, I received numerous emails from folks at Google, including the PM in charge of Buzz. The tenor was consistent, effectively: “we fucked up, we’re trying to fix it, please help us.” What startled me was the radio silence from Facebook, although a close friend of mine told me that Randi Zuckerberg had heard it and effectively responded with a big ole ::gulp:: My SXSW critique concerned their decision in December, an irresponsible move that I felt put users at risk. I wasn’t prepared for how they were going to leverage that data only a few months later.

At the point of this post—all of 13 days ago as I write this—boyd found that while “people are cranky,” FB assumed it was “just weirdo tech elites like me who are pissed off. They’re standing firm and trying to justify why what they’re doing is good for everyone.” And that attitude is bringing on the potential regulators.

There’s a lot more in this 1,900-word post (which isn’t a rant by my standards). boyd’s an insider; she knew about the “non-marketing studies” showing youth are concerned about privacy and she’s been reading a forthcoming book about FB that suggests “radical transparency” is a core FB value.

In short, Kirkpatrick argues that Zuckerberg believes that people will be better off if they make themselves transparent. Not only that, society will be better off. (We’ll ignore the fact that Facebook’s purse strings may be better off too.) My encounters with Zuckerberg lead me to believe that he genuinely believes this, he genuinely believes that society will be better off if people make themselves transparent.

Getting back to what may be the real issues:

The battle that is underway is not a battle over the future of privacy and publicity. It’s a battle over choice and informed consent. It’s unfolding because people are being duped, tricked, coerced, and confused into doing things where they don’t understand the consequences. Facebook keeps saying that it gives users choices, but that is completely unfair. It gives users the illusion of choice and hides the details away from them “for their own good.”

Later:

Forcing people into being exposed isn’t good for society. Outting people isn’t good for society, turning people into mini-celebrities isn’t good for society. It isn’t good for individuals either. The psychological harm can be great. Just think of how many “heros” have killed themselves following the high levels of publicity they received.

Zuckerberg and gang may think that they know what’s best for society, for individuals, but I violently disagree. I think that they know what’s best for the privileged class. And I’m terrified of the consequences that these moves are having for those who don’t live in a lap of luxury.

boyd is angry. Her anger is informed—and it’s not about her public nature. “I think that it’s high time that we take into consideration those whose lives aren’t nearly as privileged as ours, those who aren’t choosing to take the risks that we take, those who can’t afford to. This isn’t about liberals vs. libertarians; it’s about monkeys vs. robots.”

I’m going to quote one of boyd’s very few responses within the stream of 90 comments, because it clarifies both her own opinions and where she’s coming from:

Let me be clear about one thing… Being public has benefits. Being open has benefits. But exposure (being forced into the public against your will) is a different beast. Choice matters. Having the choice to access publics is important. That’s where change happens. Being exposed is not a change agent. We need to create the infrastructure where people feel comfortable making their voices heard. But we need to give them the choice to do so and recognize that there are people for whom that’s not going to be beneficial.

Surprisingly, of 90 comments (quite a few fairly long, mostly thoughtful), there’s really only one along the lines of “Don’t like it? Quit.” Maybe 1,900 words—some of them with more than two syllables—is too long for the simplistic crowd?

Facebook is a utility; utilities get regulated

There’s a title that should send shudders down Mark Zuckerberg’s spine. As the post begins:

From day one, Mark Zuckerberg wanted Facebook to become a social utility. He succeeded. Facebook is now a utility for many. The problem with utilities is that they get regulated.

She started looking up people who wrote thanking her for the “rant” discussed above—and found that most were on FB. She wrote them asking why—and the response was consistent: They felt as though they needed to be there. (She cites Nancy Baym’s post.)

People felt they needed to stay put, regardless of what Facebook chose to do. Those working at Facebook should be proud: they’ve truly provided a service that people feel is an essential part of their lives, one that they need more than want. That’s the fundamental nature of a utility. They succeeded at their mission.

In the forthcoming book (The Facebook Effect), Zuckerberg and others are quoted repeatedly as believing FB is different because it’s a “social utility” rather than a social network. The problem with that is there’s rarely much of a choice in utilities. “When it comes to utilities like water, power, sewage, Internet, etc., I am constantly told that I have a choice. But like hell I’d choose Comcast if I had a choice. Still, I subscribe to Comcast. Begrudgingly. Because the ‘choice’ I have is Internet or no Internet.” boyd isn’t fond of the utilities in her life:

I hate all of the utilities in my life. Venomous hatred. And because they’re monopolies, they feel no need to make me appreciate them. Cuz they know that I’m not going to give up water, power, sewage, or the Internet out of spite. Nor will most people give up Facebook, regardless of how much they grow to hate them.

To those reacting that FB isn’t a utility, she says “You’re wrong. People’s language reflects that people are depending on Facebook just like they depended on the Internet a decade ago.” The meat of the matter: Utilities get regulated—less in the U.S. than in most nations, but still. And, as she notes, FB isn’t just in the U.S.: “It’s quite popular in Canada and Europe, two regions that LOVE to regulate their utilities.”

Turns out she’s at least partly wrong in the next paragraph—where she says that typically, when a company oversteps its hand on privacy, “people flip out, governments threaten regulation, and companies back off”—but that hadn’t happened yet with FB. She just needed to wait another week. (In an update, boyd says the title probably should have been “Facebook is trying to be a utility; utilities get regulated.” That might have eliminated a lot of comments arguing that there are other internet utilities—and making undeserved character attacks on boyd and her employers.)

Venessa Miemis wrote an interesting sidebar on boyd’s posts (and other FB-related posts) in “What is Privacy? a rant about Facebook & the open source movement,” posted May 23, 2010 at emergent by design. Miemis wants to look at the emotional aspects of the situation and summarizes it in this sentence:

When conversations get commodified, we are lost.

She says “the space where you share yourself and your life with others” is nearly as sacred as physical intimacy—and thinks “people are not so much upset that Facebook is making this sharing of ourselves more transparent, it’s that this sharing of ourselves is being commodified, and people are making money off of it.” Her answer seems to be an explosion of the open source movement. I’m not quite sure I follow the argument, but you might find it interesting.

Quitting Facebook is pointless; challenging them to do better is not

Here boyd discusses some (mis)interpretations of earlier posts—including nonsense like “Microsoft wants Facebook to be regulated as a utility.” (Anyone who regards danah boyd as an official spokesperson for Microsoft really needs a reality check—although it’s true that she works at Microsoft Research New England.) She clarifies that she didn’t necessarily want FB to be regulated; she just thought it was likely (she uses “inevitable”). And she finds it necessary to enumerate “six beliefs”—particularly given nonsensical discussions about “everyone” leaving FB:

1. I do not believe that people will (or should) leave Facebook because of privacy issues.

2. I do not believe that the tech elites who are publicly leaving Facebook will affect the company’s numbers; they are unrepresentative and were not central users in the first place.

3. I do not believe that an alternative will emerge in the next 2-5 years that will “replace” Facebook in any meaningful sense.

4. I believe that Facebook will get regulated and I would like to see an open discussion of what this means and what form this takes.

5. I believe that a significant minority of users are at risk because of decisions Facebook has made and I think that those of us who aren’t owe it to those who are to work through these issues.

6. I believe that Facebook needs to start a public dialogue with users and those who are concerned ASAP…

boyd recognizes that FB matters to many people and it’s no more reasonable to say “just leave if you’re not happy” than it is to tell people to just leave their apartments if they’re not happy with their landlord or just leave their job if they’re not happy with their boss. As boyd implicitly notes, it’s dangerous nonsense in the real world.) boyd also thinks “those with the most to gain from Facebook are the least likely to leave, even if they also have the most to lose.”

boyd believes (I suspect correctly) that most of the high-profile characters (“digerati”) who have announced their departure from FB weren’t that involved with FB in the first place—and they’re not at all representative users. She doesn’t think people will leave FB en masse because they’re already invested in FB. She notes that FB expects backlash from any change—and, she believes, has become numb to user complaints.

Screaming about the end of Facebook is futile. And I think that folks are wasting a lot of energy telling others to quit or boycott to send a message. Doing so will do no such thing. It’ll just make us technophiles look like we’re living on a different planet. Which we are. Instead, I think that we should all be working to help people understand what’s going on. I love using Reclaim Privacy to walk through privacy settings with people. While you’re helping your family and friends understand their settings, talk to them and record their stories. I want to hear average people’s stories, their fears, their passions. I want to hear what privacy means to them and why they care about it. I want to hear about the upside and downside of visibility and the challenges introduced by exposure. And I want folks inside Facebook to listen. Not because this is another user rebellion, but because Facebook’s decisions shape the dynamics of so many people’s lives. And we need to help make those voices heard.

As always, there’s a lot more here: boyd doesn’t do pithy at apophenia (for which I greatly admire her), and this one’s the longest of the group at just under 2,800 words. In an update, she clarifies that she’s not telling individuals not to leave FB; she just doesn’t think there’s going to be a mass exodus or that such an exodus would make sense.

Do I agree with everything boyd says? No, any more than I do anybody else. I find that she’s providing thoughtful, worthwhile, nuanced commentary; that’s worth a lot. (You can read that sentence without the semicolon if you like.)

What’s Next?

This is a Zeitgeist essay, primarily concerned with the changes made to Facebook in late 2009 and early 2010. Thanks in large part (I would say “thanks entirely” but can’t prove that) to the sustained uproar, Facebook announced a new set of privacy setting changes at about the time I was writing this piece.

Do the new changes solve the problem? Even before they’re in play, one partial answer is that they can’t—the betrayal happened even if it’s fixed some weeks later, particularly given Mark Zuckerberg’s public dismissal of privacy as an issue. (Similarly, some of us are never likely to use or trust Google Buzz thanks to the disastrously bad initial implementation.) It’s also true that improving permissions doesn’t do diddly for the few hundred million users who had their defaults changed and paid no attention to them—I strongly doubt that the new rollout will suddenly change April settings to be less public. But the changes may help—even as they raise new issues.

Most of that’s irrelevant to this piece, which concerns a situation during a time period. Still, a few words about the new changes might be useful.

The new changes add an overarching control for content viewing permissions—and claim both that those permissions affect existing content and also that they’ll stay in place for the future: No more “defaulting to public.” The changes also improve control over how people can find you and what non-friend users can see about you., and let you opt out of sharing your friends list and Pages that you like. Finally, there’s a straightforward way to opt out of “instant personalization” and sending information to third parties. There continue to be more granular settings—and, this time around, FB did not reset existing settings to their “Recommended” (default) options.

Mashable’s coverage seems to say this settles the issues—”With controls this simple, it’s hard to imagine users being confused or pundits throwing fits.” (I suspect those last three words sum up Mashable’s stance on the whole FB brouhaha: Just some pundits throwing fits.)

Ars Technica’s coverage (by Jacqui Cheng) is also positive: “Facebook finally gets it with new, simpler privacy controls.” A quote from Mark Zuckerberg is less reassuring than it might be: “Don’t mess with the privacy stuff for a long time!” [Emphasis added.] Think about those last four words, FB’s track record for keeping promises and Zuckerberg’s clear attitudes about privacy. Does “for a long time” mean “until people have mostly forgotten about this and we have another 200 million users”? (Am I being paranoid? I honestly don’t think so; I think I’m paying attention to history. Nobody forced Zuckerberg to add those four words.) The very first comment seems to have the same nervousness:

If they hadn’t messed around with privacy so much in the past, and if Zuckerberg hadn’t made the comments he made about privacy, I might have had a facebook account. This is encouraging, but their history tells me they can’t be trusted.

Farhad Manjoo’s a little more skeptical, as the subtitle of his May 27, 2010 Slate essay (“Friends Again”) indicates: “Facebook has improved its privacy controls. Should we trust it not to screw up again?”

He notes that he earlier predicted that Zuckerberg would respond “by doing what he’s always done”: write a public letter and unveil a few new updates. That’s what he did. Manjoo finds the new settings “drop-dead simple to use” but says that isn’t enough: FB also needs to educate its users about the changes. “Given Facebook’s track record on that, it would be foolish to guess that everything will go smoothly from now on.” Indeed, even snapshots of the screens indicate that “education” will be on FB’s terms.

Manjoo points out that the master switch doesn’t affect directory information and third-party applications (but most people will assume it does). The new master switch does take care of the worst of the problems.

So far, so good—even though it doesn’t really undo all the damage done before. But:

You may find it hard to believe that Facebook has suddenly found the magic bullet for managing your privacy. Sure, these changes may look good now, but Facebook seems to redesign the site every six months. Shouldn’t we assume that privacy, like everything else on Facebook, will become unwieldy once more?

This is where you simply have to decide whether to trust Facebook.

We have Zuckerberg’s promise that the master setting will take care of the future, even as Facebook rolls out new ways to share information (e.g., a location-based system). We also have those last four words and Zuckerberg’s track record. Manjoo’s response: “I’ll believe it when I see it.”

I’m happy Facebook did all this. But while the changes are likely to stem the current outcry, I doubt that this is the end of our stormy relationship with Facebook. We’re likely to see the same movie play out again and again: Six months or a year from now, the media, tech bloggers, and lawmakers will start yelling about the site once more. Zuckerberg, again, will be forced to respond. You watch.

Manjoo tells us why—and you’ll have to read that for yourself.

Privacy Theater

That’s a wonderful phrase—and the title of Ed Felten’s May 26, 2010 post at Freedom to Tinker, which in turn links to a New York Times “Room for Debate” feature in which he and several others discuss whether the government should regulate Facebook. I won’t get into that debate. This post relates to Felten’s search for “a pithy way to express the problems with today’s notice-and-consent model for online privacy.”

Namely: You sign up, you click on something that says “I have read the terms of service/privacy agreement and I agree,” and you’ve consented. You’ve probably done that dozens of times. How often did you actually read and attempt to understand the entire agreement(s)? Show of hands?

Facebook’s privacy policy runs to almost 6000 words of dense legalese. We are all supposed to have read it and agreed to accept its terms. But that’s just theater. Hardly any of us have actually read privacy policies, and even fewer consider carefully their provisions. As I wrote in the Times piece, we pretend to have read sites’ privacy policies, and the sites pretend that we have understood and consented to all of their terms. It’s privacy theater.

Felten credits Bruce Schneier as inspiration, since Schneier speaks of “security theater”—those security measures that look impressive but don’t actually provide security. Most of what happens at airport checkpoints is security theater.

What Felten sees with FB is the second form of privacy theater, much as we see in credit card “agreement” theater:

Worse yet. privacy policies are subject to change. When sites change their policies, we get another round of privacy theater, in which sites pretend to notify us of the changes, and we pretend to consider them before continuing our use of the site.

Felten doesn’t see any easy answer, except possibly (and partially) default rules. “If we can’t provide the reality of privacy or security, we can settle for theater, which at least makes us feel a bit better about our vulnerability.”

How to Get More Privacy From Facebook’s New Privacy Controls

When I wrote this essay, my own FB account didn’t yet show the new controls. Now it does—and I find that they’re a little incoherent, as they’re showing an “Other” column that’s not explained and is inconsistent with the detailed settings. So I’ll just recommend Kurt Opsahl’s May 26, 2010 article in the EFF Deeplinks blog as a good step-by-step approach to making the most of the new privacy settings. It’s clear, reasonably short (under 900 words) and includes a video (which I haven’t watched) for those who learn better in that way. I suspect that, if you check off each paragraph of the EFF post, you’ll have things under control.

For now at least—and, if we can trust FB, for the future.

Cites & Insights: Crawford at Large, Volume 10, Number 8, Whole Issue 131, ISSN 1534-0937, a journal of libraries, policy, technology and media, is written and produced by Walt Crawford.

This issue sponsored by the Library Society of the World (LSW).

Comments should be sent to waltcrawford@gmail.com. Cites & Insights: Crawford at Large is copyright © 2010 by Walt Crawford: Some rights reserved.

All original material in this work is licensed under the Creative Commons Attribution-NonCommercial License. To view a copy of this license, visit http://creativecommons.org/ licenses/by-nc/1.0 or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.

URL: citesandinsights.info/civ10i8.pdf